Total
344 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22922 | 6 Fedoraproject, Haxx, Netapp and 3 more | 23 Fedora, Curl, Cloud Backup and 20 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk. | |||||
| CVE-2021-22901 | 5 Haxx, Netapp, Oracle and 2 more | 34 Curl, Active Iq Unified Manager, Cloud Backup and 31 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory. | |||||
| CVE-2021-22897 | 5 Haxx, Netapp, Oracle and 2 more | 30 Curl, Cloud Backup, H300e and 27 more | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly. | |||||
| CVE-2021-22543 | 4 Debian, Fedoraproject, Linux and 1 more | 21 Debian Linux, Fedora, Linux Kernel and 18 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. | |||||
| CVE-2021-20284 | 2 Gnu, Netapp | 3 Binutils, Cloud Backup, Ontap Select Deploy Administration Utility | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-20226 | 2 Linux, Netapp | 2 Linux Kernel, Cloud Backup | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not incrementing the file reference counter while in use. The highest threat from this vulnerability is to data integrity, confidentiality and system availability. | |||||
| CVE-2021-20197 | 4 Broadcom, Gnu, Netapp and 1 more | 6 Brocade Fabric Operating System Firmware, Binutils, Cloud Backup and 3 more | 2024-11-21 | 3.3 LOW | 6.3 MEDIUM |
| There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. | |||||
| CVE-2020-9391 | 3 Fedoraproject, Linux, Netapp | 10 Fedora, Linux Kernel, Active Iq Unified Manager and 7 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation. | |||||
| CVE-2020-9383 | 5 Canonical, Debian, Linux and 2 more | 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2. | |||||
| CVE-2020-9327 | 5 Canonical, Netapp, Oracle and 2 more | 11 Ubuntu Linux, Cloud Backup, Communications Messaging Server and 8 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. | |||||
| CVE-2020-8992 | 4 Canonical, Linux, Netapp and 1 more | 11 Ubuntu Linux, Linux Kernel, Active Iq Unified Manager and 8 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. | |||||
| CVE-2020-8835 | 4 Canonical, Fedoraproject, Linux and 1 more | 47 Ubuntu Linux, Fedora, Linux Kernel and 44 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780) | |||||
| CVE-2020-8832 | 2 Canonical, Netapp | 60 Ubuntu Linux, Aff 8300, Aff 8300 Firmware and 57 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. | |||||
| CVE-2020-8760 | 2 Intel, Netapp | 2 Active Management Technology Firmware, Cloud Backup | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8757 | 2 Intel, Netapp | 2 Active Management Technology Firmware, Cloud Backup | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8754 | 2 Intel, Netapp | 3 Active Management Technology Firmware, Standard Manageability, Cloud Backup | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Out-of-bounds read in subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. | |||||
| CVE-2020-8752 | 2 Intel, Netapp | 3 Active Management Technology Firmware, Standard Manageability, Cloud Backup | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of privileges via network access. | |||||
| CVE-2020-8749 | 2 Intel, Netapp | 2 Active Management Technology Firmware, Cloud Backup | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2020-8747 | 2 Intel, Netapp | 2 Active Management Technology Firmware, Cloud Backup | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access. | |||||
| CVE-2020-8746 | 2 Intel, Netapp | 2 Active Management Technology Firmware, Cloud Backup | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||