Smi-s Provider Security Vulnerabilities and Issues — Smi-s Provider CVE List

Lucene search

NetappSmi-s Provider

10 matches found

CVE•added 2020/04/21 2:15 p.m.•656 views

CVE-2020-1967

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorit...

7.5CVSS7.5AI score0.5372EPSS

CVE•added 2020/01/21 11:15 p.m.•577 views

CVE-2020-7595

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

7.5CVSS7.6AI score0.00236EPSS

CVE•added 2020/01/21 11:15 p.m.•529 views

CVE-2019-20388

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.

7.5CVSS7.6AI score0.00562EPSS

CVE•added 2022/02/26 5:15 a.m.•410 views

CVE-2022-23308

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

7.5CVSS7.7AI score0.00026EPSS

CVE•added 2020/08/20 1:17 a.m.•402 views

CVE-2020-15862

Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.

7.8CVSS7.9AI score0.0008EPSS

CVE•added 2023/04/25 4:15 p.m.•382 views

CVE-2023-29552

The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.

7.5CVSS7.4AI score0.93374EPSS

CVE•added 2022/11/23 6:15 p.m.•287 views

CVE-2022-40304

An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.

7.8CVSS6.9AI score0.00079EPSS

CVE•added 2017/11/13 10:29 p.m.•249 views

CVE-2016-8610

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail t...

7.5CVSS7.4AI score0.69527EPSS

CVE•added 2020/08/20 1:17 a.m.•225 views

CVE-2020-15861

Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.

7.8CVSS7.5AI score0.00561EPSS

CVE•added 2022/05/03 4:15 p.m.•215 views

CVE-2022-1473

The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will ...

7.5CVSS8.2AI score0.00229EPSS