Filtered by vendor Netapp Subscriptions
Filtered by product H300s Firmware Subscriptions
Total 265 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-27666 5 Debian, Fedoraproject, Linux and 2 more 24 Debian Linux, Fedora, Linux Kernel and 21 more 2024-11-21 7.8 High
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
CVE-2022-27223 3 Debian, Linux, Netapp 17 Debian Linux, Linux Kernel, Active Iq Unified Manager and 14 more 2024-11-21 8.8 High
In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.
CVE-2022-26966 3 Debian, Linux, Netapp 17 Debian Linux, Linux Kernel, Active Iq Unified Manager and 14 more 2024-11-21 5.5 Medium
An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.
CVE-2022-26490 4 Debian, Fedoraproject, Linux and 1 more 19 Debian Linux, Fedora, Linux Kernel and 16 more 2024-11-21 7.8 High
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.
CVE-2022-25265 3 Linux, Netapp, Redhat 20 Linux Kernel, Baseboard Management Controller Firmware, H300e and 17 more 2024-11-21 7.8 High
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.
CVE-2022-25258 4 Debian, Fedoraproject, Linux and 1 more 14 Debian Linux, Fedora, Linux Kernel and 11 more 2024-11-21 4.6 Medium
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.
CVE-2022-24958 4 Debian, Fedoraproject, Linux and 1 more 19 Debian Linux, Fedora, Linux Kernel and 16 more 2024-11-21 7.8 High
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
CVE-2022-24122 3 Fedoraproject, Linux, Netapp 18 Fedora, Linux Kernel, H300e and 15 more 2024-11-21 7.8 High
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
CVE-2022-23308 7 Apple, Debian, Fedoraproject and 4 more 46 Ipados, Iphone Os, Mac Os X and 43 more 2024-11-21 7.5 High
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
CVE-2022-23222 5 Debian, Fedoraproject, Linux and 2 more 22 Debian Linux, Fedora, Linux Kernel and 19 more 2024-11-21 7.8 High
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.
CVE-2022-22576 6 Brocade, Debian, Haxx and 3 more 18 Fabric Operating System, Debian Linux, Curl and 15 more 2024-11-21 8.1 High
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).
CVE-2022-1998 4 Fedoraproject, Linux, Netapp and 1 more 13 Fedora, Linux Kernel, H300s and 10 more 2024-11-21 7.8 High
A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
CVE-2022-1973 3 Fedoraproject, Linux, Netapp 12 Fedora, Linux Kernel, H300s and 9 more 2024-11-21 7.1 High
A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem.
CVE-2022-1882 3 Linux, Netapp, Redhat 18 Linux Kernel, H300e, H300e Firmware and 15 more 2024-11-21 7.8 High
A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2022-1786 2 Linux, Netapp 11 Linux Kernel, H300s, H300s Firmware and 8 more 2024-11-21 7.8 High
A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system.
CVE-2022-1734 3 Debian, Linux, Netapp 18 Debian Linux, Linux Kernel, H300e and 15 more 2024-11-21 7.0 High
A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
CVE-2022-1679 4 Debian, Linux, Netapp and 1 more 21 Debian Linux, Linux Kernel, H300e and 18 more 2024-11-21 7.8 High
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2022-1678 2 Linux, Netapp 26 Linux Kernel, Active Iq Unified Manager, Bootstrap Os and 23 more 2024-11-21 5.9 Medium
An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
CVE-2022-1671 2 Linux, Netapp 11 Linux Kernel, H300s, H300s Firmware and 8 more 2024-11-21 7.1 High
A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.
CVE-2022-1652 4 Debian, Linux, Netapp and 1 more 13 Debian Linux, Linux Kernel, H300s and 10 more 2024-11-21 7.8 High
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.