Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Netapp Subscribe
Filtered by product Solidfire Baseboard Management Controller
Total 73 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-11089 2 Intel, Netapp 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more 2022-11-09 2.1 LOW 5.5 MEDIUM
Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2019-11111 2 Intel, Netapp 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more 2022-11-09 4.6 MEDIUM 7.8 HIGH
Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2019-11113 2 Intel, Netapp 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more 2022-11-09 2.1 LOW 4.4 MEDIUM
Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access.
CVE-2019-14574 2 Intel, Netapp 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more 2022-11-09 2.1 LOW 5.5 MEDIUM
Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2019-14590 2 Intel, Netapp 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more 2022-11-09 2.1 LOW 5.5 MEDIUM
Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2019-14591 2 Intel, Netapp 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more 2022-11-09 2.1 LOW 5.5 MEDIUM
Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2019-19947 4 Canonical, Debian, Linux and 1 more 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more 2022-11-09 2.1 LOW 4.6 MEDIUM
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
CVE-2019-19054 6 Broadcom, Canonical, Fedoraproject and 3 more 19 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 16 more 2022-11-07 4.7 MEDIUM 4.7 MEDIUM
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
CVE-2019-19063 7 Broadcom, Canonical, Fedoraproject and 4 more 20 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 17 more 2022-11-07 4.9 MEDIUM 4.6 MEDIUM
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
CVE-2019-19057 7 Broadcom, Canonical, Debian and 4 more 20 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 17 more 2022-11-07 2.1 LOW 3.3 LOW
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.
CVE-2020-15436 3 Broadcom, Linux, Netapp 34 Brocade Fabric Operating System Firmware, Linux Kernel, A250 and 31 more 2022-10-19 7.2 HIGH 6.7 MEDIUM
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
CVE-2020-29370 2 Linux, Netapp 10 Linux Kernel, Cloud Backup, H410c and 7 more 2022-10-19 4.4 MEDIUM 7.0 HIGH
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.
CVE-2020-14305 2 Linux, Netapp 10 Linux Kernel, A250, A250 Firmware and 7 more 2022-10-14 8.3 HIGH 8.1 HIGH
An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-25692 3 Netapp, Openldap, Redhat 5 Cloud Backup, Solidfire Baseboard Management Controller, Solidfire Baseboard Management Controller Firmware and 2 more 2022-10-12 5.0 MEDIUM 7.5 HIGH
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.
CVE-2020-8832 2 Canonical, Netapp 60 Ubuntu Linux, Aff 8300, Aff 8300 Firmware and 57 more 2022-10-11 2.1 LOW 5.5 MEDIUM
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
CVE-2021-23133 5 Broadcom, Debian, Fedoraproject and 2 more 24 Brocade Fabric Operating System, Debian Linux, Fedora and 21 more 2022-10-06 6.9 MEDIUM 7.0 HIGH
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.
CVE-2020-36158 4 Debian, Fedoraproject, Linux and 1 more 6 Debian Linux, Fedora, Linux Kernel and 3 more 2022-10-06 7.2 HIGH 6.7 MEDIUM
mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.
CVE-2020-35519 2 Linux, Netapp 20 Linux Kernel, Cloud Backup, H300e and 17 more 2022-10-06 6.8 MEDIUM 7.8 HIGH
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-27825 4 Debian, Linux, Netapp and 1 more 9 Debian Linux, Linux Kernel, Cloud Backup and 6 more 2022-09-02 5.4 MEDIUM 5.7 MEDIUM
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.
CVE-2020-25668 3 Debian, Linux, Netapp 26 Debian Linux, Linux Kernel, 500f and 23 more 2022-08-05 6.9 MEDIUM 7.0 HIGH
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.