Netapp » Steelstore » N/A : Security Vulnerabilities, CVEs,
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
Max CVSS
7.8
EPSS Score
0.07%
Published
2019-11-25
Updated
2023-07-13
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
Max CVSS
5.3
EPSS Score
0.47%
Published
2019-02-04
Updated
2022-05-23
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
Max CVSS
9.8
EPSS Score
1.17%
Published
2019-09-16
Updated
2023-03-29
Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
Max CVSS
5.3
EPSS Score
0.26%
Published
2018-08-28
Updated
2019-03-07
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
Max CVSS
5.9
EPSS Score
0.48%
Published
2018-10-29
Updated
2022-08-29
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
Max CVSS
5.9
EPSS Score
0.29%
Published
2018-10-30
Updated
2022-08-29
6 vulnerabilities found