Note:
This project will be discontinued after December 13, 2021. [more]
Product:
H300s_firmware
(Netapp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 274 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-08-24 | CVE-2021-3998 | A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data. | Glibc, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Ontap_select_deploy_administration_utility | 7.5 | ||
| 2022-08-24 | CVE-2021-4204 | An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. | Debian_linux, Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Enterprise_linux | 7.1 | ||
| 2022-08-29 | CVE-2022-1199 | A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. | Linux_kernel, Active_iq_unified_manager, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Enterprise_linux | 7.5 | ||
| 2022-08-29 | CVE-2022-2961 | A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This flaw allows a local user to crash or potentially escalate their privileges on the system. | Fedora, Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware | 7.0 | ||
| 2022-08-31 | CVE-2022-39046 | An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap. | Glibc, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Ontap_select_deploy_administration_utility | 5.3 | ||
| 2022-09-09 | CVE-2022-2964 | A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. | Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Enterprise_linux | 7.8 | ||
| 2022-09-09 | CVE-2022-2526 | A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later. | Active_iq_unified_manager, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Systemd | 9.8 | ||
| 2022-09-14 | CVE-2022-3202 | A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information. | Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware | 7.1 | ||
| 2022-10-17 | CVE-2022-3545 | A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability. | Debian_linux, Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware | 7.8 | ||
| 2022-10-17 | CVE-2022-3564 | A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. | Debian_linux, Linux_kernel, H300s_firmware, H410s_firmware, H500s_firmware, H700s_firmware | 7.1 |