Filtered by vendor Netapp
Subscriptions
Filtered by product H300e
Subscriptions
Total
150 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22897 | 5 Haxx, Netapp, Oracle and 2 more | 30 Curl, Cloud Backup, H300e and 27 more | 2024-08-03 | 5.3 Medium |
| curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly. | ||||
| CVE-2021-20322 | 6 Debian, Fedoraproject, Linux and 3 more | 34 Debian Linux, Fedora, Linux Kernel and 31 more | 2024-08-03 | 7.4 High |
| A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. | ||||
| CVE-2021-4157 | 5 Fedoraproject, Linux, Netapp and 2 more | 18 Fedora, Linux Kernel, H300e and 15 more | 2024-08-03 | 8.0 High |
| An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system. | ||||
| CVE-2021-4083 | 5 Debian, Linux, Netapp and 2 more | 30 Debian Linux, Linux Kernel, H300e and 27 more | 2024-08-03 | 7.0 High |
| A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4. | ||||
| CVE-2021-4090 | 2 Linux, Netapp | 17 Linux Kernel, H300e, H300e Firmware and 14 more | 2024-08-03 | 7.1 High |
| An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat. | ||||
| CVE-2021-3752 | 6 Debian, Fedoraproject, Linux and 3 more | 28 Debian Linux, Fedora, Linux Kernel and 25 more | 2024-08-03 | 7.1 High |
| A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | ||||
| CVE-2021-3760 | 4 Debian, Fedoraproject, Linux and 1 more | 19 Debian Linux, Fedora, Linux Kernel and 16 more | 2024-08-03 | 7.8 High |
| A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. | ||||
| CVE-2021-3743 | 5 Fedoraproject, Linux, Netapp and 2 more | 22 Fedora, Linux Kernel, H300e and 19 more | 2024-08-03 | 7.1 High |
| An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3739 | 3 Fedoraproject, Linux, Netapp | 18 Fedora, Linux Kernel, H300e and 15 more | 2024-08-03 | 7.1 High |
| A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3640 | 6 Canonical, Debian, Fedoraproject and 3 more | 23 Ubuntu Linux, Debian Linux, Fedora and 20 more | 2024-08-03 | 7.0 High |
| A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system. | ||||
| CVE-2021-3609 | 3 Linux, Netapp, Redhat | 46 Linux Kernel, H300e, H300e Firmware and 43 more | 2024-08-03 | 7.0 High |
| .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. | ||||
| CVE-2021-3612 | 6 Debian, Fedoraproject, Linux and 3 more | 26 Debian Linux, Fedora, Linux Kernel and 23 more | 2024-08-03 | 7.8 High |
| An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | ||||
| CVE-2021-3541 | 4 Netapp, Oracle, Redhat and 1 more | 29 Active Iq Unified Manager, Cloud Backup, Clustered Data Ontap and 26 more | 2024-08-03 | 6.5 Medium |
| A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service. | ||||
| CVE-2021-3501 | 4 Fedoraproject, Linux, Netapp and 1 more | 28 Fedora, Linux Kernel, Cloud Backup and 25 more | 2024-08-03 | 7.1 High |
| A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability. | ||||
| CVE-2021-3506 | 3 Debian, Linux, Netapp | 20 Debian Linux, Linux Kernel, Cloud Backup and 17 more | 2024-08-03 | 7.1 High |
| An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-3483 | 3 Debian, Linux, Netapp | 19 Debian Linux, Linux Kernel, Cloud Backup and 16 more | 2024-08-03 | 7.8 High |
| A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected | ||||
| CVE-2022-29581 | 5 Canonical, Debian, Linux and 2 more | 22 Ubuntu Linux, Debian Linux, Linux Kernel and 19 more | 2024-08-03 | 7.8 High |
| Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | ||||
| CVE-2022-29156 | 2 Linux, Netapp | 17 Linux Kernel, H300e, H300e Firmware and 14 more | 2024-08-03 | 7.8 High |
| drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release. | ||||
| CVE-2022-28893 | 4 Debian, Linux, Netapp and 1 more | 25 Debian Linux, Linux Kernel, H300e and 22 more | 2024-08-03 | 7.8 High |
| The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state. | ||||
| CVE-2022-28796 | 4 Fedoraproject, Linux, Netapp and 1 more | 24 Fedora, Linux Kernel, Active Iq Unified Manager and 21 more | 2024-08-03 | 7.0 High |
| jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. | ||||