Product:

H610c_firmware

(Netapp)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 22
Date Id Summary Products Score Patch Annotated
2022-06-21 CVE-2022-2068 In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems... Sannav, Debian_linux, Fedora, Aff_8300_firmware, Aff_8700_firmware, Aff_a400_firmware, Bootstrap_os, Element_software, Fas_8300_firmware, Fas_8700_firmware, Fas_a400_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700s_firmware, Hci_management_node, Ontap_antivirus_connector, Ontap_select_deploy_administration_utility, Santricity_smi\-S_provider, Smi\-S_provider, Snapmanager, Solidfire, Openssl, Sinec_ins 9.8
2020-11-23 CVE-2020-15436 Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. Brocade_fabric_operating_system_firmware, Linux_kernel, A250_firmware, A700s_firmware, Aff_500f_firmware, Aff_8300_firmware, Aff_8700_firmware, Aff_a400_firmware, Cloud_backup, Fabric\-Attached_storage_a400_firmware, Fas_500f_firmware, Fas_8300_firmware, Fas_8700_firmware, H410c_firmware, H610c_firmware, H610s_firmware, H615c_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware 6.7
2022-03-03 CVE-2021-3609 .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. Linux_kernel, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, 3scale_api_management, Build_of_quarkus, Codeready_linux_builder_eus, Codeready_linux_builder_for_power_little_endian_eus, Enterprise_linux_aus, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_ibm_z_systems_eus_s390x, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Openshift_container_platform, Virtualization, Virtualization_host 7.0
2021-12-25 CVE-2021-45485 In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. Linux_kernel, Aff_a400_firmware, All_flash_fabric\-Attached_storage_8300_firmware, All_flash_fabric\-Attached_storage_8700_firmware, Brocade_fabric_operating_system_firmware, E\-Series_santricity_os_controller, Fabric\-Attached_storage_8300_firmware, Fabric\-Attached_storage_8700_firmware, Fabric\-Attached_storage_a400_firmware, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Hci_compute_node_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy 7.5
2021-03-26 CVE-2020-35508 A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process. Linux_kernel, A700s_firmware, Aff_a400_firmware, Brocade_fabric_operating_system_firmware, Fas8300_firmware, Fas8700_firmware, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Enterprise_linux 4.5
2022-03-02 CVE-2021-3772 A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. Debian_linux, Linux_kernel, E\-Series_santricity_os_controller, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700s_firmware, Hci_compute_node, Solidfire_\&_hci_management_node, Solidfire_\&_hci_storage_node, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy, Enterprise_linux 6.5
2022-07-27 CVE-2022-36879 An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. Debian_linux, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Aff_500f_firmware, Aff_8300_firmware, Aff_8700_firmware, Aff_a250_firmware, Aff_a400_firmware, E\-Series_santricity_os_controller, Fas_500f_firmware, Fas_8300_firmware, Fas_8700_firmware, Fas_a250_firmware, Fas_a400_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700s_firmware, Hci_bootstrap_os 5.5
2020-05-18 CVE-2020-13143 gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. Ubuntu_linux, Debian_linux, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Bootstrap_os, Cloud_backup, Element_software, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Solidfire, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage, Leap 6.5
2020-05-09 CVE-2020-12769 An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8. Ubuntu_linux, Debian_linux, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Cloud_backup, Element_software, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Hci_compute_node_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap 5.5
2021-06-07 CVE-2019-25045 An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. Linux_kernel, Aff_8300_firmware, Aff_8700_firmware, Aff_a400_firmware, Aff_a700s_firmware, Cloud_backup, Fabric\-Attached_storage_a400_firmware, Fas_8300_firmware, Fas_8700_firmware, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware 7.8