Netapp

H300s Firmware

288 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.4

CVE-2020-10690

  • EPSS 0.13%
  • Veröffentlicht 08.05.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:55:51

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes ...

7.8

CVE-2020-12653

  • EPSS 0.2%
  • Veröffentlicht 05.05.2020 06:15:11
  • Zuletzt bearbeitet 21.11.2024 04:59:59

An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer ov...

6.1

CVE-2020-11022

Exploit
  • EPSS 18.04%
  • Veröffentlicht 29.04.2020 22:15:11
  • Zuletzt bearbeitet 21.11.2024 04:56:36

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob...

6.1

CVE-2020-11023

Warnung Exploit
  • EPSS 32.3%
  • Veröffentlicht 29.04.2020 21:15:11
  • Zuletzt bearbeitet 07.11.2025 19:32:52

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex...

7

CVE-2020-11884

  • EPSS 0.04%
  • Veröffentlicht 29.04.2020 13:15:11
  • Zuletzt bearbeitet 21.11.2024 04:58:49

In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade...

7.5

CVE-2020-12243

Exploit
  • EPSS 8.22%
  • Veröffentlicht 28.04.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:59:22

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).

5.5

CVE-2020-8832

  • EPSS 0.31%
  • Veröffentlicht 10.04.2020 00:15:11
  • Zuletzt bearbeitet 21.11.2024 05:39:31

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of th...

7.8

CVE-2020-8835

Exploit
  • EPSS 24.75%
  • Veröffentlicht 02.04.2020 18:15:18
  • Zuletzt bearbeitet 21.11.2024 05:39:32

In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5....

7.5

CVE-2019-20388

  • EPSS 0.56%
  • Veröffentlicht 21.01.2020 23:15:13
  • Zuletzt bearbeitet 21.11.2024 04:38:21

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.

7.5

CVE-2020-7595

  • EPSS 0.47%
  • Veröffentlicht 21.01.2020 23:15:13
  • Zuletzt bearbeitet 03.12.2025 16:15:54

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.