Total
129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-43790 | 2 Netapp, Vim | 3 Bootstrap Os, Hci Compute Node, Vim | 2025-08-18 | N/A | 4.5 MEDIUM |
| Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen in a buffer (msgbuf). When right-left mode (:set rl) is enabled, the search pattern is reversed. This happens by allocating a new buffer. If the search pattern contains some ASCII NUL characters, the buffer allocated will be smaller than the original allocated buffer (because for allocating the reversed buffer, the strlen() function is called, which only counts until it notices an ASCII NUL byte ) and thus the original length indicator is wrong. This causes an overflow when accessing characters inside the msgbuf by the previously (now wrong) length of the msgbuf. The issue has been fixed as of Vim patch v9.1.0689. | |||||
| CVE-2024-47814 | 2 Netapp, Vim | 3 Bootstrap Os, Hci Compute Node, Vim | 2025-08-18 | N/A | 3.9 LOW |
| Vim is an open source, command line text editor. A use-after-free was found in Vim < 9.1.0764. When closing a buffer (visible in a window) a BufWinLeave auto command can cause an use-after-free if this auto command happens to re-open the same buffer in a new split window. Impact is low since the user must have intentionally set up such a strange auto command and run some buffer unload commands. However this may lead to a crash. This issue has been addressed in version 9.1.0764 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-29768 | 2 Netapp, Vim | 3 Bootstrap Os, Hci Compute Node, Vim | 2025-08-18 | N/A | 4.4 MEDIUM |
| Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198. | |||||
| CVE-2025-22134 | 2 Netapp, Vim | 3 Bootstrap Os, Hci Compute Node, Vim | 2025-08-14 | N/A | 4.2 MEDIUM |
| When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003 | |||||
| CVE-2025-24014 | 2 Netapp, Vim | 3 Hci Compute Node, Hci Compute Node Firmware, Vim | 2025-08-14 | N/A | 4.2 MEDIUM |
| Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043. | |||||
| CVE-2025-24813 | 3 Apache, Debian, Netapp | 4 Tomcat, Debian Linux, Bootstrap Os and 1 more | 2025-08-08 | N/A | 9.8 CRITICAL |
| Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads - attacker knowledge of the names of security sensitive files being uploaded - the security sensitive files also being uploaded via partial PUT If all of the following were true, a malicious user was able to perform remote code execution: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - application was using Tomcat's file based session persistence with the default storage location - application included a library that may be leveraged in a deserialization attack Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue. | |||||
| CVE-2024-56337 | 2 Apache, Netapp | 3 Tomcat, Bootstrap Os, Hci Compute Node | 2025-08-08 | N/A | 9.8 CRITICAL |
| Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat: - running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true) - running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false) - running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed) Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can. | |||||
| CVE-2024-54677 | 2 Apache, Netapp | 3 Tomcat, Bootstrap Os, Hci Compute Node | 2025-08-08 | N/A | 5.3 MEDIUM |
| Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.9.97. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. | |||||
| CVE-2024-50379 | 2 Apache, Netapp | 3 Tomcat, Bootstrap Os, Hci Compute Node | 2025-08-08 | N/A | 9.8 CRITICAL |
| Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. | |||||
| CVE-2024-3447 | 2 Netapp, Qemu | 2 Hci Compute Node, Qemu | 2025-08-05 | N/A | 6.0 MEDIUM |
| A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. | |||||
| CVE-2025-0509 | 2 Netapp, Sparkle-project | 3 Hci Compute Node, Oncommand Workflow Automation, Sparkle | 2025-08-05 | N/A | 7.3 HIGH |
| A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s (Ed)DSA signing checks. | |||||
| CVE-2024-33601 | 3 Debian, Gnu, Netapp | 20 Debian Linux, Glibc, H300s and 17 more | 2025-08-01 | N/A | 7.3 HIGH |
| nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. | |||||
| CVE-2024-9823 | 2 Eclipse, Netapp | 4 Jetty, Active Iq Unified Manager, Bootstrap Os and 1 more | 2025-07-30 | N/A | 5.3 MEDIUM |
| There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory finally. | |||||
| CVE-2024-2398 | 4 Apple, Fedoraproject, Haxx and 1 more | 22 Macos, Fedora, Curl and 19 more | 2025-07-30 | N/A | 8.6 HIGH |
| When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. | |||||
| CVE-2024-2466 | 3 Apple, Haxx, Netapp | 12 Macos, Curl, Bootstrap Os and 9 more | 2025-07-30 | N/A | 6.5 MEDIUM |
| libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POPS3, SMTPS, etc). | |||||
| CVE-2024-8096 | 3 Debian, Haxx, Netapp | 15 Debian Linux, Curl, Active Iq Unified Manager and 12 more | 2025-07-30 | N/A | 6.5 MEDIUM |
| When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate. | |||||
| CVE-2024-2004 | 4 Apple, Fedoraproject, Haxx and 1 more | 15 Macos, Fedora, Curl and 12 more | 2025-07-30 | N/A | 3.5 LOW |
| When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled. curl --proto -all,-http http://curl.se The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug. | |||||
| CVE-2024-2379 | 3 Apple, Haxx, Netapp | 20 Macos, Curl, Active Iq Unified Manager and 17 more | 2025-07-30 | N/A | 6.3 MEDIUM |
| libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems. | |||||
| CVE-2025-0167 | 2 Haxx, Netapp | 25 Curl, Bootstrap Os, Element Software and 22 more | 2025-07-30 | N/A | 3.4 LOW |
| When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance. | |||||
| CVE-2025-0665 | 2 Haxx, Netapp | 13 Curl, Bootstrap Os, H300s and 10 more | 2025-07-30 | N/A | 9.8 CRITICAL |
| libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve. | |||||