H300s Firmware Security Vulnerabilities and Issues — H300s Firmware CVE List

Lucene search

NetappH300s Firmware

10 matches found

CVE•added 2022/08/05 7:15 a.m.•1085 views

CVE-2022-37434

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHe...

9.8CVSS9.9AI score0.92678EPSS

CVE•added 2022/08/31 6:15 a.m.•431 views

CVE-2022-39046

An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap.

7.5CVSS5.8AI score0.00572EPSS

CVE•added 2022/08/24 4:15 p.m.•340 views

CVE-2021-3999

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arb...

7.8CVSS9.2AI score0.0102EPSS

CVE•added 2022/08/24 4:15 p.m.•252 views

CVE-2021-3998

A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.

7.5CVSS8.1AI score0.00114EPSS

CVE•added 2022/08/29 3:15 p.m.•229 views

CVE-2022-2961

A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This flaw allows a local user to crash or potentially escalate their privileges on the system.

7CVSS6.7AI score0.00023EPSS

CVE•added 2022/08/24 4:15 p.m.•200 views

CVE-2021-4204

An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.

7.1CVSS6.5AI score0.00767EPSS

CVE•added 2022/08/22 3:15 p.m.•183 views

CVE-2022-2873

An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.

5.5CVSS6AI score0.00033EPSS

CVE•added 2022/08/29 3:15 p.m.•178 views

CVE-2022-1199

A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.

7.5CVSS6.9AI score0.00148EPSS

CVE•added 2022/08/23 8:15 p.m.•166 views

CVE-2022-2938

A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.

7.8CVSS7.1AI score0.00022EPSS

CVE•added 2022/08/05 5:15 p.m.•143 views

CVE-2022-1973

A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem.

7.1CVSS6.5AI score0.00022EPSS