Hci Storage Node Security Vulnerabilities and Issues — Hci Storage Node CVE List

Lucene search

NetappHci Storage Node

14 matches found

CVE•added 2020/07/24 2:15 p.m.•29533 views

CVE-2020-15778

scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a grea...

7.8CVSS7.8AI score0.67525EPSS

CVE•added 2020/06/29 6:15 p.m.•16152 views

CVE-2020-14145

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports st...

5.9CVSS5.6AI score0.02009EPSS

CVE•added 2020/12/08 4:15 p.m.•1028 views

CVE-2020-1971

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrec...

5.9CVSS5.7AI score0.0031EPSS

CVE•added 2020/09/27 4:15 a.m.•785 views

CVE-2020-26116

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.

7.2CVSS7.3AI score0.00579EPSS

CVE•added 2020/10/22 9:15 p.m.•463 views

CVE-2019-17006

In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.

10CVSS9.4AI score0.00454EPSS

CVE•added 2020/10/21 3:15 p.m.•368 views

CVE-2020-14803

Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of th...

5.3CVSS4.4AI score0.00046EPSS

CVE•added 2020/10/21 3:15 p.m.•356 views

CVE-2020-14798

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

3.1CVSS3.4AI score0.00247EPSS

CVE•added 2020/12/14 8:15 p.m.•349 views

CVE-2020-8284

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service bann...

4.3CVSS6AI score0.00104EPSS

CVE•added 2020/10/21 3:15 p.m.•346 views

CVE-2020-14781

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple pro...

4.3CVSS3.5AI score0.00117EPSS

CVE•added 2020/10/21 3:15 p.m.•317 views

CVE-2020-14779

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via mul...

4.3CVSS3.7AI score0.00138EPSS

CVE•added 2020/10/21 3:15 p.m.•316 views

CVE-2020-14796

3.1CVSS3.2AI score0.0013EPSS

CVE•added 2020/10/21 3:15 p.m.•311 views

CVE-2020-14792

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple ...

5.8CVSS3.9AI score0.00183EPSS

CVE•added 2020/10/21 3:15 p.m.•299 views

CVE-2020-14797

4.3CVSS3.7AI score0.00174EPSS

CVE•added 2020/11/28 7:15 a.m.•203 views

CVE-2020-29369

An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.

7CVSS6.7AI score0.00079EPSS