Note:
This project will be discontinued after December 13, 2021. [more]
Product:
H500s_firmware
(Netapp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 265 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-05-12 | CVE-2022-30594 | The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. | Debian_linux, Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Hci_compute_node, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node | 7.8 | ||
| 2022-07-26 | CVE-2022-1671 | A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information. | Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware | 7.1 | ||
| 2022-08-05 | CVE-2022-1973 | A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. | Fedora, Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware | 7.1 | ||
| 2023-05-30 | CVE-2023-2953 | A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function. | Macos, Active_iq_unified_manager, Clustered_data_ontap, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Ontap_tools, Openldap, Enterprise_linux | 7.5 | ||
| 2021-05-26 | CVE-2020-27815 | A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | Debian_linux, Linux_kernel, Aff_a250_firmware, Fas500f_firmware, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware | 7.8 | ||
| 2023-06-21 | CVE-2023-2828 | Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or... | Debian_linux, Fedora, Bind, Active_iq_unified_manager, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware | 7.5 | ||
| 2022-08-05 | CVE-2022-37434 | zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). | Ipados, Iphone_os, Macos, Watchos, Debian_linux, Fedora, Active_iq_unified_manager, H300s_firmware, H500s_firmware, H700s_firmware, Hci, Hci_compute_node, Management_services_for_element_software, Oncommand_workflow_automation, Ontap_select_deploy_administration_utility, Storagegrid, Stormshield_network_security, Zlib | 9.8 | ||
| 2022-08-24 | CVE-2021-4204 | An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. | Debian_linux, Linux_kernel, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Enterprise_linux | 7.1 | ||
| 2019-09-20 | CVE-2019-14816 | There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, A220_firmware, A320_firmware, A700s_firmware, A800_firmware, C190_firmware, Data_availability_services, Fas2720_firmware, Fas2750_firmware, H300e_firmware, H300s_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610s_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Service_processor, Solidfire, Steelstore_cloud_integrated_storage, Leap, Enterprise_linux, Enterprise_linux_compute_node_eus, Enterprise_linux_eus, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_tus, Messaging_realtime_grid, Virtualization | 7.8 | ||
| 2023-06-21 | CVE-2023-2829 | A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec`) enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1. | Bind, Active_iq_unified_manager, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware | 7.5 |