Netapp

H300s Firmware

288 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-3999

Exploit
  • EPSS 1.02%
  • Veröffentlicht 24.08.2022 16:15:09
  • Zuletzt bearbeitet 02.12.2025 21:15:49

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid progr...

7.1

CVE-2021-4204

  • EPSS 0.77%
  • Veröffentlicht 24.08.2022 16:15:09
  • Zuletzt bearbeitet 21.11.2024 06:37:08

An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.

7.8

CVE-2022-2938

  • EPSS 0.03%
  • Veröffentlicht 23.08.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:57

A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.

5.5

CVE-2022-2873

  • EPSS 0.03%
  • Veröffentlicht 22.08.2022 15:15:15
  • Zuletzt bearbeitet 21.11.2024 07:01:51

An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to cra...

7.1

CVE-2022-1973

  • EPSS 0.13%
  • Veröffentlicht 05.08.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:41:51

A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem.

9.8

CVE-2022-37434

Exploit
  • EPSS 92.47%
  • Veröffentlicht 05.08.2022 07:15:07
  • Zuletzt bearbeitet 30.05.2025 20:15:30

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib s...

7.8

CVE-2022-36123

Exploit
  • EPSS 0.02%
  • Veröffentlicht 29.07.2022 14:15:08
  • Zuletzt bearbeitet 21.11.2024 07:12:26

The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.

5.5

CVE-2022-36879

  • EPSS 0.04%
  • Veröffentlicht 27.07.2022 04:15:10
  • Zuletzt bearbeitet 05.05.2025 16:15:17

An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.

7.1

CVE-2022-1671

  • EPSS 0.16%
  • Veröffentlicht 26.07.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:41:13

A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.

6.1

CVE-2022-31160

Exploit
  • EPSS 15.26%
  • Veröffentlicht 20.07.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 07:04:01

jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed with...