Hci Compute Node@- Security Vulnerabilities and Issues — Hci Compute Node@- CVE List

Lucene search

NetappHci Compute Node-

16 matches found

CVE•added 2022/03/25 9:15 a.m.•3123 views

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

7.5CVSS8.1AI score0.00085EPSS

CVE•added 2022/07/19 10:15 p.m.•1315 views

CVE-2022-21541

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exp...

5.9CVSS5.8AI score0.00186EPSS

CVE•added 2022/07/19 10:15 p.m.•1314 views

CVE-2022-21540

5.3CVSS5AI score0.00441EPSS

CVE•added 2022/04/19 9:15 p.m.•1226 views

CVE-2022-21449

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.2 and 18; Oracle GraalVM Enterprise Edition: 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenti...

7.5CVSS6.9AI score0.2539EPSS

CVE•added 2022/08/05 7:15 a.m.•1082 views

CVE-2022-37434

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHe...

9.8CVSS9.9AI score0.92678EPSS

CVE•added 2022/07/19 10:15 p.m.•1070 views

CVE-2022-21549

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated a...

5.3CVSS5AI score0.00129EPSS

CVE•added 2022/02/09 11:15 p.m.•778 views

CVE-2022-0391

A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an a...

7.5CVSS7.4AI score0.00816EPSS

CVE•added 2022/07/19 6:15 p.m.•612 views

CVE-2022-34169

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or ...

7.5CVSS8.2AI score0.08073EPSS

Web

CVE•added 2022/03/03 7:15 p.m.•594 views

CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

7.8CVSS8AI score0.07118EPSS

CVE•added 2022/07/07 9:15 p.m.•495 views

CVE-2022-2047

In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario.

4CVSS5.2AI score0.00878EPSS

CVE•added 2022/05/12 5:15 a.m.•382 views

CVE-2022-30594

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.

7.8CVSS7.7AI score0.00025EPSS

CVE•added 2022/07/07 9:15 p.m.•357 views

CVE-2022-2048

In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left ...

7.5CVSS7.3AI score0.01411EPSS

CVE•added 2022/07/27 8:15 p.m.•329 views

CVE-2022-36946

nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.

7.5CVSS7.2AI score0.04664EPSS

CVE•added 2022/03/02 11:15 p.m.•298 views

CVE-2021-3772

A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.

6.5CVSS6.8AI score0.00243EPSS

CVE•added 2022/06/02 2:15 p.m.•289 views

CVE-2022-27781

libcurl provides the CURLOPT_CERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.

7.5CVSS7.4AI score0.00054EPSS

CVE•added 2022/06/02 2:15 p.m.•194 views

CVE-2022-27779

libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without Public Suffix List awareness. If PSL support not provided, a more rudimentary check ...

5.3CVSS6.1AI score0.0019EPSS