H300e Firmware Security Vulnerabilities and Issues — H300e Firmware CVE List

Lucene search

NetappH300e Firmware

9 matches found

CVE•added 2022/05/03 4:15 p.m.•1129 views

CVE-2022-1292

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the s...

10CVSS9AI score0.71469EPSS

CVE•added 2022/05/17 5:15 p.m.•315 views

CVE-2022-29581

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.

7.8CVSS7.8AI score0.00121EPSS

CVE•added 2022/05/18 5:15 p.m.•231 views

CVE-2022-1734

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.

7CVSS7.2AI score0.00013EPSS

CVE•added 2022/05/03 4:15 p.m.•215 views

CVE-2022-1473

The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will ...

7.5CVSS8.2AI score0.00229EPSS

CVE•added 2022/05/16 6:15 p.m.•198 views

CVE-2022-1679

A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.

7.8CVSS7.7AI score0.00094EPSS

CVE•added 2022/05/03 4:15 p.m.•183 views

CVE-2022-1343

The function OCSP_basic_verify verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is an...

5.3CVSS7AI score0.00119EPSS

CVE•added 2022/05/03 4:15 p.m.•169 views

CVE-2022-1434

The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipient...

5.9CVSS7.3AI score0.00055EPSS

CVE•added 2022/05/26 5:15 p.m.•141 views

CVE-2022-1882

A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.

7.8CVSS7.3AI score0.00024EPSS

CVE•added 2022/05/25 3:15 p.m.•104 views

CVE-2022-1678

An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.

7.5CVSS7.2AI score0.00135EPSS