CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26993
https://notcve.org/view.php?id=CVE-2021-26993
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to cause a partial Denial of Service (DoS) to the web server. E-Series SANtricity OS Controller Software versiones 11.x anteriores a versión 11.70.1, son susceptibles a una vulnerabilidad que, cuando se explota con éxito, podría permitir a un atacante remoto causar una denegación de servicio (DoS) parcial en el servidor web • https://security.netapp.com/advisory/NTAP-20210610-0001 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26995
https://notcve.org/view.php?id=CVE-2021-26995
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow privileged attackers to execute arbitrary code. E-Series SANtricity OS Controller Software versiones 11.x anteriores a versión 11.70.1, son susceptibles a una vulnerabilidad que, cuando se explota con éxito, podría permitir a atacantes con privilegios ejecutar código arbitrario • https://security.netapp.com/advisory/NTAP-20210610-0002 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26996
https://notcve.org/view.php?id=CVE-2021-26996
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover system configuration and application information which may aid in crafting more complex attacks. E-Series SANtricity OS Controller Software versiones 11.x anteriores a 11.70.1, son susceptibles de una vulnerabilidad que, cuando se explota con éxito, podría permitir a un atacante remoto detectar información de configuración del sistema y de la aplicación que podría ayudar a diseñar ataques más complejos • https://security.netapp.com/advisory/NTAP-20210610-0003 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26997
https://notcve.org/view.php?id=CVE-2021-26997
E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover information via error messaging which may aid in crafting more complex attacks. E-Series SANtricity OS Controller Software versiones 11.x anteriores a versión 11.70.1, son susceptibles a una vulnerabilidad que, si se explota con éxito, podría permitir a un atacante remoto detectar información por medio de mensajes de error que podrían ayudar a diseñar ataques más complejos • https://security.netapp.com/advisory/NTAP-20210610-0004 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 9.8EPSS: 1%CPEs: 22EXPL: 1CVE-2021-33574 – glibc: mq_notify does not handle separately allocated thread attributes
https://notcve.org/view.php?id=CVE-2021-33574
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact. La función mq_notify de la Biblioteca C de GNU (también conocida como glibc) versiones 2.32 y 2.33 tiene un use-after-free. Puede utilizar el objeto de atributos del hilo de notificación (pasado a través de su parámetro struct sigevent) después de que haya sido liberado por el llamante, lo que lleva a una denegación de servicio (caída de la aplicación) o posiblemente a otro impacto no especificado The mq_notify function in the GNU C Library (aka glibc) has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact. • https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP https://security.gentoo.org/glsa/202107-07 https://security.netapp.com/advisory/ntap-20210629-0005 https://sourceware.org/bugzilla/show_bug.cgi?id=27896 https://sourceware.org/bugzilla/show_bug.cgi?id=2789 • CWE-416: Use After Free •