Home/Product/netapp solidfire \& hci storage node
Product

netapp solidfire \& hci storage node

26 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-0725
all versions
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING
7.3HIGH
 CVE-2025-0167
all versions
When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the firs
3.4LOW
 CVE-2024-40896
all versions
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities
9.1CRITICAL
 CVE-2024-50602
all versions
An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can
5.9MEDIUM
 CVE-2024-36958
all versions
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix nfsd4_encode_fattr4() crasher Ensure that args.acl
5.5MEDIUM
 CVE-2024-33602
all versions
nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrup
7.4HIGH
 CVE-2023-5178
all versions
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c in nvmet_tcp_free_crypto` due to a logical bug in the NVMe
8.8HIGH
 CVE-2023-37920
all versions
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the id
7.5HIGH
 CVE-2023-32257
all versions
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the process
8.1HIGH
 CVE-2023-38432
all versions
An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship be
9.1CRITICAL
 CVE-2023-38428
all versions
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value b
9.1CRITICAL
 CVE-2023-38426
all versions
An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_co
9.1CRITICAL
 CVE-2022-36946
all versions
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of s
7.5HIGH
 CVE-2022-2048
all versions
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can
7.5HIGH
 CVE-2022-2047
all versions
In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority
2.7LOW
 CVE-2022-27776
all versions
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HT
6.5MEDIUM
 CVE-2022-27775
all versions
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in t
7.5HIGH
 CVE-2022-27774
all versions
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow
5.7MEDIUM
 CVE-2022-22576
all versions
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticate
8.1HIGH
 CVE-2021-3772
all versions
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks
6.5MEDIUM
 CVE-2021-44228
all versions
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration
10.0CRITICAL
 CVE-2020-29569
all versions
An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend exp
8.8HIGH
 CVE-2020-29374
all versions
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) i
3.6LOW
 CVE-2020-25645
all versions
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPse
7.5HIGH
 CVE-2020-12464
all versions
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs withou
6.7MEDIUM
 CVE-2018-20836
all versions
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in d
8.1HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin