Product:

H410c_firmware

(Netapp)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 226
Date Id Summary Products Score Patch Annotated
2023-09-12 CVE-2023-4813 A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. Fedora, Glibc, Active_iq_unified_manager, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems_eus_s390x, Enterprise_linux_for_ibm_z_systems_s390x, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus 5.9
2023-02-25 CVE-2023-26545 In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware 4.7
2023-04-24 CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process. Debian_linux, Fedora, Linux_kernel, H410c_firmware 5.5
2022-05-16 CVE-2022-1586 An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT. Debian_linux, Fedora, Active_iq_unified_manager, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Hci_management_node, Ontap_select_deploy_administration_utility, Solidfire, Pcre2, Enterprise_linux 9.1
2024-03-10 CVE-2024-28757 libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). Fedora, Libexpat, Active_iq_unified_manager, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H700s_firmware, Oncommand_workflow_automation, Ontap, Ontap_tools, Windows_host_utilities 7.5
2022-01-26 CVE-2021-22600 A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 Debian_linux, Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware 7.0
2023-04-25 CVE-2023-0045 The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set  function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall.  The patch that added the support for the conditional... Debian_linux, Linux_kernel, Active_iq_unified_manager, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware 7.5
2019-10-11 CVE-2019-2215 A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095 Ubuntu_linux, Debian_linux, Android, Alp\-Al00b_firmware, Alp\-Tl00b_firmware, Anne\-Al00_firmware, Ares\-Al00b_firmware, Ares\-Al10d_firmware, Ares\-Tl00chw_firmware, Barca\-Al00_firmware, Berkeley\-L09_firmware, Berkeley\-Tl10_firmware, Bla\-Al00b_firmware, Bla\-L29c_firmware, Bla\-Tl00b_firmware, Columbia\-Al00a_firmware, Columbia\-L29d_firmware, Cornell\-Tl10b_firmware, Duke\-L09i_firmware, Dura\-Al00a_firmware, Figo\-Al00a_firmware, Florida\-Al20b_firmware, Florida\-L03_firmware, Florida\-L21_firmware, Florida\-L22_firmware, Florida\-Tl10b_firmware, Honor_9i_firmware, Honor_view_20_firmware, Jakarta\-Al00a_firmware, Johnson\-Tl00d_firmware, Leland\-Al10b_firmware, Leland\-L21a_firmware, Leland\-L32a_firmware, Leland\-Tl10b_firmware, Leland\-Tl10c_firmware, Lelandp\-Al00c_firmware, Lelandp\-L22c_firmware, Mate_rs_firmware, Neo\-Al00d_firmware, Nova_2s_firmware, Nova_3_firmware, Nova_3e_firmware, P20_firmware, P20_lite_firmware, Princeton\-Al10b_firmware, Rhone\-Al00_firmware, Stanford\-L09_firmware, Stanford\-L09s_firmware, Sydney\-Al00_firmware, Sydney\-Tl00_firmware, Sydneym\-Al00_firmware, Tony\-Al00b_firmware, Tony\-Tl00b_firmware, Y9_2019_firmware, Yale\-Al00a_firmware, Yale\-L21a_firmware, Yale\-Tl00b_firmware, A220_firmware, A320_firmware, A800_firmware, Aff_baseboard_management_controller_firmware, C190_firmware, Cloud_backup, Data_availability_services, Fas2720_firmware, Fas2750_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H610s_firmware, H700s_firmware, Hci_management_node, Service_processor, Solidfire, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage 7.8
2019-07-17 CVE-2019-13272 In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor... Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Active_iq_unified_manager, Aff_a700s_firmware, E\-Series_performance_analyzer, E\-Series_santricity_os_controller, H410c_firmware, H610s_firmware, Hci_compute_node, Hci_management_node, Service_processor, Solidfire, Steelstore_cloud_integrated_storage, Enterprise_linux, Enterprise_linux_for_arm_64, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus 7.8
2022-03-10 CVE-2022-0847 A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. Fedora, Linux_kernel, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Ovirt\-Engine, Codeready_linux_builder, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Virtualization_host, Scalance_lpe9403_firmware, Sma1000_firmware 7.8