Filtered by vendor Netapp
Subscriptions
Filtered by product Steelstore Cloud Integrated Storage
Subscriptions
Total
211 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-12888 | 7 Canonical, Debian, Fedoraproject and 4 more | 45 Ubuntu Linux, Debian Linux, Fedora and 42 more | 2024-08-04 | 5.3 Medium |
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. | ||||
CVE-2020-12769 | 5 Canonical, Debian, Linux and 2 more | 36 Ubuntu Linux, Debian Linux, Linux Kernel and 33 more | 2024-08-04 | 5.5 Medium |
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8. | ||||
CVE-2020-12771 | 6 Canonical, Debian, Linux and 3 more | 37 Ubuntu Linux, Debian Linux, Linux Kernel and 34 more | 2024-08-04 | 5.5 Medium |
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. | ||||
CVE-2020-12770 | 6 Canonical, Debian, Fedoraproject and 3 more | 42 Ubuntu Linux, Debian Linux, Fedora and 39 more | 2024-08-04 | 6.7 Medium |
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. | ||||
CVE-2020-12659 | 3 Linux, Netapp, Redhat | 9 Linux Kernel, Active Iq Unified Manager, Aff Baseboard Management Controller and 6 more | 2024-08-04 | 6.7 Medium |
An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation. | ||||
CVE-2020-12653 | 5 Debian, Linux, Netapp and 2 more | 42 Debian Linux, Linux Kernel, A700s and 39 more | 2024-08-04 | 7.8 High |
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea. | ||||
CVE-2020-12465 | 3 Linux, Netapp, Redhat | 10 Linux Kernel, Active Iq Unified Manager, Aff Baseboard Management Controller and 7 more | 2024-08-04 | 6.7 Medium |
An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages. | ||||
CVE-2020-12464 | 3 Linux, Netapp, Redhat | 11 Linux Kernel, Active Iq Unified Manager, Aff A700s and 8 more | 2024-08-04 | 6.7 Medium |
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. | ||||
CVE-2020-12243 | 9 Apple, Broadcom, Canonical and 6 more | 28 Mac Os X, Brocade Fabric Operating System, Ubuntu Linux and 25 more | 2024-08-04 | 7.5 High |
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). | ||||
CVE-2020-11884 | 6 Canonical, Debian, Fedoraproject and 3 more | 38 Ubuntu Linux, Debian Linux, Fedora and 35 more | 2024-08-04 | 7.0 High |
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur. | ||||
CVE-2020-11620 | 5 Debian, Fasterxml, Netapp and 2 more | 26 Debian Linux, Jackson-databind, Active Iq Unified Manager and 23 more | 2024-08-04 | 8.1 High |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly). | ||||
CVE-2020-11619 | 5 Debian, Fasterxml, Netapp and 2 more | 31 Debian Linux, Jackson-databind, Active Iq Unified Manager and 28 more | 2024-08-04 | 8.1 High |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). | ||||
CVE-2020-11112 | 5 Debian, Fasterxml, Netapp and 2 more | 39 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 36 more | 2024-08-04 | 8.8 High |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). | ||||
CVE-2020-11113 | 5 Debian, Fasterxml, Netapp and 2 more | 41 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 38 more | 2024-08-04 | 8.8 High |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). | ||||
CVE-2020-11111 | 5 Debian, Fasterxml, Netapp and 2 more | 33 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 30 more | 2024-08-04 | 8.8 High |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). | ||||
CVE-2020-10968 | 5 Debian, Fasterxml, Netapp and 2 more | 41 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 38 more | 2024-08-04 | 8.8 High |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). | ||||
CVE-2020-10969 | 5 Debian, Fasterxml, Netapp and 2 more | 41 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 38 more | 2024-08-04 | 8.8 High |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane. | ||||
CVE-2020-10757 | 7 Canonical, Debian, Fedoraproject and 4 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2024-08-04 | 7.8 High |
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. | ||||
CVE-2020-10732 | 5 Canonical, Linux, Netapp and 2 more | 33 Ubuntu Linux, Linux Kernel, Active Iq Unified Manager and 30 more | 2024-08-04 | 3.3 Low |
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data. | ||||
CVE-2020-10672 | 5 Debian, Fasterxml, Netapp and 2 more | 40 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 37 more | 2024-08-04 | 8.8 High |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). |