Netapp

H500s Firmware

288 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-45485

  • EPSS 0.58%
  • Veröffentlicht 25.12.2021 02:15:06
  • Zuletzt bearbeitet 21.11.2024 06:32:18

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among ma...

7.8

CVE-2021-45469

Exploit
  • EPSS 0.07%
  • Veröffentlicht 23.12.2021 19:15:12
  • Zuletzt bearbeitet 21.11.2024 06:32:16

In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.

7

CVE-2021-44733

Exploit
  • EPSS 0.28%
  • Veröffentlicht 22.12.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 06:31:28

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.

7.5

CVE-2021-45100

  • EPSS 0.12%
  • Veröffentlicht 16.12.2021 05:15:08
  • Zuletzt bearbeitet 21.11.2024 06:31:57

The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol...

7.5

CVE-2021-4044

  • EPSS 15.58%
  • Veröffentlicht 14.12.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:36:47

Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (for example out of memory). Such a negative return ...

7.8

CVE-2018-25020

  • EPSS 0.16%
  • Veröffentlicht 08.12.2021 05:15:07
  • Zuletzt bearbeitet 21.11.2024 04:03:22

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/...

6.7

CVE-2021-43975

Exploit
  • EPSS 0.02%
  • Veröffentlicht 17.11.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:30:07

In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.

4.6

CVE-2021-43976

  • EPSS 0.05%
  • Veröffentlicht 17.11.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:30:07

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

5.5

CVE-2021-42373

  • EPSS 0.08%
  • Veröffentlicht 15.11.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:27:41

A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given

5.3

CVE-2021-42374

Exploit
  • EPSS 0.05%
  • Veröffentlicht 15.11.2021 21:15:07
  • Zuletzt bearbeitet 03.11.2025 21:15:43

An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that