Netapp

H410c Firmware

231 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.4

CVE-2020-13817

  • EPSS 0.38%
  • Published 04.06.2020 13:15:11
  • Last modified 05.05.2025 17:15:59

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated ...

6.5

CVE-2020-13143

  • EPSS 2.98%
  • Published 18.05.2020 18:15:11
  • Last modified 21.11.2024 05:00:44

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753...

5.3

CVE-2020-12888

  • EPSS 0.1%
  • Published 15.05.2020 18:15:13
  • Last modified 21.11.2024 05:00:29

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

5.5

CVE-2020-12769

Exploit
  • EPSS 0.06%
  • Published 09.05.2020 21:15:11
  • Last modified 21.11.2024 05:00:15

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

6.7

CVE-2020-12770

  • EPSS 0.05%
  • Published 09.05.2020 21:15:11
  • Last modified 21.11.2024 05:00:15

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.

5.5

CVE-2020-12771

Exploit
  • EPSS 0.06%
  • Published 09.05.2020 21:15:11
  • Last modified 21.11.2024 05:00:15

An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.

6.4

CVE-2020-10690

  • EPSS 0.02%
  • Published 08.05.2020 15:15:11
  • Last modified 21.11.2024 04:55:51

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes ...

7.8

CVE-2020-12653

  • EPSS 0.21%
  • Published 05.05.2020 06:15:11
  • Last modified 21.11.2024 04:59:59

An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer ov...

7

CVE-2020-1752

  • EPSS 0.19%
  • Published 30.04.2020 17:15:13
  • Last modified 21.11.2024 05:11:18

A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker ...

6.1

CVE-2020-11022

Exploit
  • EPSS 22.55%
  • Published 29.04.2020 22:15:11
  • Last modified 21.11.2024 04:56:36

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob...