Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hci_h410c_firmware
(Netapp)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 6 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-09-04 | CVE-2020-24977 | GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. | Debian_linux, Fedora, Active_iq_unified_manager, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, Hci_h410c_firmware, Inventory_collect_tool, Manageability_software_development_kit, Snapdrive, Leap, Communications_cloud_native_core_network_function_cloud_native_environment, Enterprise_manager_base_platform, Enterprise_manager_ops_center, Http_server, Mysql_workbench, Peoplesoft_enterprise_peopletools, Real_user_experience_insight, Libxml2 | 6.5 | ||
2021-02-05 | CVE-2021-26708 | A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support. | Linux_kernel, Aff_baseboard_management_controller, Baseboard_management_controller_500f_firmware, Baseboard_management_controller_a250_firmware, Cloud_backup, Fas_baseboard_management_controller, Hci_h410c_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller | 7.0 | ||
2021-02-17 | CVE-2021-26932 | An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then loops over the results, performing follow-up actions based on the success or failure of each operation. Unfortunately, when running in PV mode, the Linux backend drivers mishandle this: Some errors... | Debian_linux, Fedora, Linux_kernel, Cloud_backup, Hci_compute_node, Hci_h410c_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node | 5.5 | ||
2021-05-14 | CVE-2021-3537 | A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. | Debian_linux, Fedora, Active_iq_unified_manager, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, Hci_h410c_firmware, Manageability_software_development_kit, Ontap_select_deploy_administration_utility, Snapdrive, Communications_cloud_native_core_network_function_cloud_native_environment, Enterprise_manager_base_platform, Enterprise_manager_ops_center, Mysql_workbench, Openjdk, Peoplesoft_enterprise_peopletools, Real_user_experience_insight, Enterprise_linux, Jboss_core_services, Libxml2 | 5.9 | ||
2021-05-18 | CVE-2021-3518 | There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability. | Debian_linux, Fedora, Active_iq_unified_manager, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, Hci_h410c_firmware, Manageability_software_development_kit, Ontap_select_deploy_administration_utility, Snapdrive, Communications_cloud_native_core_network_function_cloud_native_environment, Enterprise_manager_base_platform, Enterprise_manager_ops_center, Mysql_workbench, Peoplesoft_enterprise_peopletools, Real_user_experience_insight, Enterprise_linux, Jboss_core_services, Libxml2 | 8.8 | ||
2021-05-19 | CVE-2021-3517 | There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application. | Debian_linux, Fedora, Active_iq_unified_manager, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_web_services, Hci_h410c_firmware, Hci_management_node, Manageability_software_development_kit, Oncommand_insight, Oncommand_workflow_automation, Ontap_select_deploy_administration_utility, Santricity_unified_manager, Snapdrive, Snapmanager, Solidfire, Communications_cloud_native_core_network_function_cloud_native_environment, Enterprise_manager_base_platform, Mysql_workbench, Openjdk, Peoplesoft_enterprise_peopletools, Real_user_experience_insight, Zfs_storage_appliance_kit, Enterprise_linux, Jboss_core_services, Libxml2 | 8.6 |