Netapp

H500e Firmware

148 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.5

CVE-2020-35508

  • EPSS 0.05%
  • Veröffentlicht 26.03.2021 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:27:27

A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass chec...

8.8

CVE-2021-28660

  • EPSS 0.27%
  • Veröffentlicht 17.03.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 06:00:02

rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/sta...

5.5

CVE-2020-27618

Exploit
  • EPSS 0.03%
  • Veröffentlicht 26.02.2021 23:15:11
  • Zuletzt bearbeitet 09.06.2025 16:15:31

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an i...

4.9

CVE-2020-15025

  • EPSS 1.89%
  • Veröffentlicht 24.06.2020 19:15:10
  • Zuletzt bearbeitet 21.11.2024 05:04:38

ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC alg...

4.4

CVE-2020-10732

  • EPSS 0.05%
  • Veröffentlicht 12.06.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 04:55:57

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

7.4

CVE-2020-13817

  • EPSS 0.38%
  • Veröffentlicht 04.06.2020 13:15:11
  • Zuletzt bearbeitet 05.05.2025 17:15:59

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated ...

6.5

CVE-2020-13143

  • EPSS 2.98%
  • Veröffentlicht 18.05.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:44

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753...

5.3

CVE-2020-12888

  • EPSS 0.1%
  • Veröffentlicht 15.05.2020 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:00:29

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

5.5

CVE-2020-12769

Exploit
  • EPSS 0.06%
  • Veröffentlicht 09.05.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:15

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

6.7

CVE-2020-12770

  • EPSS 0.05%
  • Veröffentlicht 09.05.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:15

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.