Netapp

H700e Firmware

149 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2018-25020

  • EPSS 0.16%
  • Published 08.12.2021 05:15:07
  • Last modified 21.11.2024 04:03:22

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/...

6.7

CVE-2021-43975

Exploit
  • EPSS 0.02%
  • Published 17.11.2021 17:15:08
  • Last modified 21.11.2024 06:30:07

In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.

4.6

CVE-2021-43976

  • EPSS 0.02%
  • Published 17.11.2021 17:15:08
  • Last modified 21.11.2024 06:30:07

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

5.5

CVE-2021-42373

  • EPSS 0.08%
  • Published 15.11.2021 21:15:07
  • Last modified 21.11.2024 06:27:41

A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given

5.3

CVE-2021-42374

Exploit
  • EPSS 0.07%
  • Published 15.11.2021 21:15:07
  • Last modified 05.05.2025 17:17:27

An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that

5.5

CVE-2021-42375

  • EPSS 0.06%
  • Published 15.11.2021 21:15:07
  • Last modified 23.04.2025 20:15:33

An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditi...

5.5

CVE-2021-42376

  • EPSS 0.05%
  • Published 15.11.2021 21:15:07
  • Last modified 21.11.2024 06:27:41

A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered comman...

9.8

CVE-2021-42377

  • EPSS 1.86%
  • Published 15.11.2021 21:15:07
  • Last modified 21.11.2024 06:27:41

An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under...

9.8

CVE-2021-43267

Exploit
  • EPSS 72.71%
  • Published 02.11.2021 23:15:07
  • Last modified 21.11.2024 06:28:57

An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO mes...

8.8

CVE-2017-5123

  • EPSS 1.98%
  • Published 02.11.2021 22:15:08
  • Last modified 21.11.2024 03:27:06

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.