Filtered by vendor Netapp
Subscriptions
Filtered by product H300s
Subscriptions
Total
289 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-0492 | 6 Canonical, Debian, Fedoraproject and 3 more | 36 Ubuntu Linux, Debian Linux, Fedora and 33 more | 2024-08-02 | 7.8 High |
| A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. | ||||
| CVE-2022-0435 | 5 Fedoraproject, Linux, Netapp and 2 more | 40 Fedora, Linux Kernel, H300e and 37 more | 2024-08-02 | 8.8 High |
| A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. | ||||
| CVE-2022-0330 | 4 Fedoraproject, Linux, Netapp and 1 more | 52 Fedora, Linux Kernel, H300e and 49 more | 2024-08-02 | 7.8 High |
| A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. | ||||
| CVE-2023-40791 | 2 Linux, Netapp | 9 Linux Kernel, H300s, H300s Firmware and 6 more | 2024-08-02 | 6.3 Medium |
| extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page. | ||||
| CVE-2023-38428 | 2 Linux, Netapp | 7 Linux Kernel, H300s, H410s and 4 more | 2024-08-02 | 9.1 Critical |
| An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read. | ||||
| CVE-2023-38432 | 2 Linux, Netapp | 7 Linux Kernel, H300s, H410s and 4 more | 2024-08-02 | 9.1 Critical |
| An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read. | ||||
| CVE-2023-38430 | 2 Linux, Netapp | 6 Linux Kernel, H300s, H410s and 3 more | 2024-08-02 | 9.1 Critical |
| An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. | ||||
| CVE-2023-38431 | 2 Linux, Netapp | 6 Linux Kernel, H300s, H410s and 3 more | 2024-08-02 | 9.1 Critical |
| An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read. | ||||
| CVE-2023-38426 | 2 Linux, Netapp | 7 Linux Kernel, H300s, H410s and 4 more | 2024-08-02 | 9.1 Critical |
| An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag length. | ||||
| CVE-2023-35828 | 2 Linux, Netapp | 6 Linux Kernel, H300s, H410c and 3 more | 2024-08-02 | 7.0 High |
| An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c. | ||||
| CVE-2023-35829 | 2 Linux, Netapp | 5 Linux Kernel, H300s, H410s and 2 more | 2024-08-02 | 7.0 High |
| An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c. | ||||
| CVE-2023-35826 | 2 Linux, Netapp | 6 Linux Kernel, H300s, H410c and 3 more | 2024-08-02 | 7.0 High |
| An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c. | ||||
| CVE-2023-35788 | 5 Canonical, Debian, Linux and 2 more | 20 Ubuntu Linux, Debian Linux, Linux Kernel and 17 more | 2024-08-02 | 7.8 High |
| An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation. | ||||
| CVE-2023-35001 | 5 Debian, Fedoraproject, Linux and 2 more | 15 Debian Linux, Fedora, Linux Kernel and 12 more | 2024-08-02 | 7.8 High |
| Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | ||||
| CVE-2023-33250 | 2 Linux, Netapp | 9 Linux Kernel, H300s, H300s Firmware and 6 more | 2024-08-02 | 4.4 Medium |
| The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c. | ||||
| CVE-2023-32248 | 3 Linux, Netapp, Redhat | 7 Linux Kernel, H300s, H410c and 4 more | 2024-08-02 | 7.5 High |
| A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. | ||||
| CVE-2023-28466 | 4 Debian, Linux, Netapp and 1 more | 10 Debian Linux, Linux Kernel, H300s and 7 more | 2024-08-02 | 7.0 High |
| do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). | ||||
| CVE-2023-28322 | 5 Apple, Fedoraproject, Haxx and 2 more | 17 Macos, Fedora, Curl and 14 more | 2024-08-02 | 3.7 Low |
| An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | ||||
| CVE-2023-28321 | 6 Apple, Debian, Fedoraproject and 3 more | 17 Macos, Debian Linux, Fedora and 14 more | 2024-08-02 | 5.9 Medium |
| An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`. | ||||
| CVE-2023-28319 | 4 Apple, Haxx, Netapp and 1 more | 13 Macos, Curl, Clustered Data Ontap and 10 more | 2024-08-02 | 7.5 High |
| A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed. | ||||