Lucene search

K
Netapp500f Firmware

12 matches found

CVE
CVE
added 2021/02/17 11:15 p.m.1365 views

CVE-2020-8625

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gss...

8.1CVSS8.4AI score0.02085EPSS
CVE
CVE
added 2022/03/15 5:15 p.m.1216 views

CVE-2022-0778

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

7.5CVSS7.8AI score0.06777EPSS
CVE
CVE
added 2023/02/03 6:15 a.m.820 views

CVE-2023-25136

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-p...

6.5CVSS6.8AI score0.90014EPSS
CVE
CVE
added 2021/04/29 1:15 a.m.780 views

CVE-2021-25215

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query ...

7.5CVSS6.6AI score0.0214EPSS
CVE
CVE
added 2021/01/04 6:15 p.m.561 views

CVE-2019-25013

The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.

7.1CVSS6.8AI score0.0068EPSS
CVE
CVE
added 2024/01/31 1:15 p.m.411 views

CVE-2024-1086

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vul...

7.8CVSS8.1AI score0.84406EPSS
CVE
CVE
added 2020/11/28 7:15 a.m.363 views

CVE-2020-29374

An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-1...

3.6CVSS4.9AI score0.00021EPSS
CVE
CVE
added 2021/02/26 11:15 p.m.335 views

CVE-2020-27618

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...

5.5CVSS6.5AI score0.00644EPSS
CVE
CVE
added 2024/09/03 4:15 p.m.330 views

CVE-2024-6119

Issue summary: Applications performing certificate name checks (e.g., TLSclients checking server certificates) may attempt to read an invalid memoryaddress resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial ofser...

7.5CVSS6.5AI score0.00672EPSS
CVE
CVE
added 2021/12/14 7:15 p.m.289 views

CVE-2021-4044

Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (for example out of memory). Such a negative return value is mishandled by OpenSSL and will cause an ...

7.5CVSS7.2AI score0.23145EPSS
CVE
CVE
added 2021/05/26 12:15 p.m.235 views

CVE-2020-25668

A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.

7CVSS7.4AI score0.00132EPSS
CVE
CVE
added 2021/04/29 5:15 a.m.161 views

CVE-2021-31879

GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.

6.1CVSS7.8AI score0.03066EPSS