Home/Product/netapp hci bootstrap os
Product

netapp hci bootstrap os

27 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-33602
all versions
nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrup
7.4HIGH
 CVE-2024-33601
all versions
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses
7.3HIGH
 CVE-2024-33600
all versions
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgr
5.9MEDIUM
 CVE-2024-33599
all versions
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by cl
8.1HIGH
 CVE-2023-29153
all versions
Uncontrolled resource consumption for some Intel(R) SPS firmware before version SPS_E5_06.01.04.002.0 may allow a privileged user
4.9MEDIUM
 CVE-2023-28531
all versions
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest
9.8CRITICAL
 CVE-2021-4209
all versions
A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-leng
6.5MEDIUM
 CVE-2022-36879
all versions
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount t
5.5MEDIUM
 CVE-2022-30115
all versions
Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HT
4.3MEDIUM
 CVE-2022-27781
all versions
libcurl provides the CURLOPT_CERTINFO option to allow applications torequest details to be returned about a server's certificate
7.5HIGH
 CVE-2022-27780
all versions
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a
7.5HIGH
 CVE-2022-27779
all versions
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be
5.3MEDIUM
 CVE-2022-27776
all versions
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HT
6.5MEDIUM
 CVE-2022-27775
all versions
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in t
7.5HIGH
 CVE-2022-27774
all versions
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow
5.7MEDIUM
 CVE-2021-38203
all versions
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger alloca
5.5MEDIUM
 CVE-2021-38202
all versions
fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in
7.5HIGH
 CVE-2021-38201
all versions
net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-ou
7.5HIGH
 CVE-2021-38199
all versions
fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NF
6.5MEDIUM
 CVE-2021-38160
all versions
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted devic
7.8HIGH
 CVE-2020-8286
all versions
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the O
7.5HIGH
 CVE-2020-8285
all versions
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match pa
7.5HIGH
 CVE-2020-8284
all versions
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and p
3.7LOW
 CVE-2020-29368
all versions
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation
7.0HIGH
 CVE-2020-16166
all versions
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the i
3.7LOW
 CVE-2020-12771
all versions
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coa
5.5MEDIUM
 CVE-2019-0201
all versions
An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t ch
5.9MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin