Netapp

H410c Firmware

231 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-2873

  • EPSS 0.03%
  • Published 22.08.2022 15:15:15
  • Last modified 21.11.2024 07:01:51

An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to cra...

7.1

CVE-2022-1973

  • EPSS 0.09%
  • Published 05.08.2022 17:15:08
  • Last modified 21.11.2024 06:41:51

A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem.

7.8

CVE-2022-36123

Exploit
  • EPSS 0.02%
  • Published 29.07.2022 14:15:08
  • Last modified 21.11.2024 07:12:26

The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.

5.5

CVE-2022-36879

  • EPSS 0.04%
  • Published 27.07.2022 04:15:10
  • Last modified 05.05.2025 16:15:17

An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.

7.1

CVE-2022-1671

  • EPSS 0.16%
  • Published 26.07.2022 17:15:08
  • Last modified 21.11.2024 06:41:13

A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.

6.1

CVE-2022-31160

Exploit
  • EPSS 10.94%
  • Published 20.07.2022 20:15:08
  • Last modified 21.11.2024 07:04:01

jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed with...

5.5

CVE-2022-2318

  • EPSS 0.08%
  • Published 06.07.2022 19:15:08
  • Last modified 21.11.2024 07:00:45

There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.

5.3

CVE-2022-2097

  • EPSS 0.41%
  • Published 05.07.2022 11:15:08
  • Last modified 21.11.2024 07:00:18

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't writte...

7.8

CVE-2022-34918

Exploit
  • EPSS 34.58%
  • Published 04.07.2022 21:15:07
  • Last modified 21.11.2024 07:10:26

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacke...

10

CVE-2022-2274

Exploit
  • EPSS 56.5%
  • Published 01.07.2022 08:15:07
  • Last modified 21.11.2024 07:00:40

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption w...