Lucene search

K
NetappH410c Firmware

230 matches found

CVE
CVE
added 2025/02/05 10:15 a.m.303 views

CVE-2025-0167

When asked to use a .netrc file for credentials and to follow HTTPredirects, curl could leak the password used for the first host to thefollowed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a default entry thatomits both login and password. A rare circu...

3.4CVSS7AI score0.00068EPSS
CVE
CVE
added 2019/08/16 2:15 p.m.302 views

CVE-2019-15118

check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.

5.5CVSS6.5AI score0.00136EPSS
CVE
CVE
added 2022/11/23 6:15 p.m.301 views

CVE-2022-40304

An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.

7.8CVSS6.9AI score0.00079EPSS
CVE
CVE
added 2021/05/25 8:15 p.m.300 views

CVE-2020-25672

A memory leak vulnerability was found in Linux kernel in llcp_sock_connect

7.5CVSS7.3AI score0.017EPSS
CVE
CVE
added 2021/11/17 5:15 p.m.300 views

CVE-2021-43975

In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.

6.7CVSS6.6AI score0.00019EPSS
CVE
CVE
added 2017/05/19 2:29 p.m.299 views

CVE-2017-9078

The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled.

8.8CVSS8.6AI score0.02734EPSS
CVE
CVE
added 2024/05/06 8:15 p.m.297 views

CVE-2024-33602

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memorywhen the NSS callback does not store all strings in the provided buffer.The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability...

7.4CVSS6.8AI score0.00227EPSS
CVE
CVE
added 2022/07/04 9:15 p.m.294 views

CVE-2022-34918

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an ...

7.8CVSS7.5AI score0.40818EPSS
CVE
CVE
added 2020/06/15 5:15 p.m.292 views

CVE-2020-14155

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

5.3CVSS6.4AI score0.00152EPSS
CVE
CVE
added 2022/03/03 7:15 p.m.292 views

CVE-2021-3609

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

7CVSS7.2AI score0.00064EPSS
CVE
CVE
added 2021/12/14 7:15 p.m.291 views

CVE-2021-4044

Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (for example out of memory). Such a negative return value is mishandled by OpenSSL and will cause an ...

7.5CVSS7.2AI score0.18807EPSS
Web
CVE
CVE
added 2021/09/03 1:15 a.m.291 views

CVE-2021-40490

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

7CVSS7AI score0.00037EPSS
CVE
CVE
added 2021/05/26 11:15 a.m.290 views

CVE-2020-25671

A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.

7.8CVSS7.6AI score0.00131EPSS
CVE
CVE
added 2022/03/02 11:15 p.m.289 views

CVE-2021-3772

A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.

6.5CVSS6.8AI score0.00243EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.288 views

CVE-2019-15216

An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.

4.9CVSS6AI score0.00043EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.286 views

CVE-2019-15218

An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.

4.9CVSS6.1AI score0.00099EPSS
CVE
CVE
added 2022/02/11 6:15 a.m.285 views

CVE-2022-24958

drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.

7.8CVSS7.2AI score0.00025EPSS
CVE
CVE
added 2022/05/16 9:15 p.m.283 views

CVE-2022-1587

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.

9.1CVSS8.9AI score0.00146EPSS
CVE
CVE
added 2022/11/25 4:15 a.m.283 views

CVE-2022-45885

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.

7CVSS6.6AI score0.00012EPSS
CVE
CVE
added 2022/10/17 12:15 p.m.282 views

CVE-2022-3545

A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply ...

7.8CVSS6.8AI score0.00023EPSS
CVE
CVE
added 2022/11/04 7:15 p.m.282 views

CVE-2022-43945

The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send b...

7.5CVSS8AI score0.00652EPSS
CVE
CVE
added 2022/06/09 3:15 p.m.281 views

CVE-2022-1998

A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

7.8CVSS7.4AI score0.00036EPSS
CVE
CVE
added 2020/02/25 4:15 p.m.278 views

CVE-2020-9383

An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.

7.1CVSS6.7AI score0.00164EPSS
CVE
CVE
added 2021/05/26 11:15 a.m.271 views

CVE-2020-25670

A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.

7.8CVSS7.7AI score0.00059EPSS
CVE
CVE
added 2021/10/05 12:15 a.m.271 views

CVE-2021-42008

The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.

7.8CVSS7.2AI score0.00934EPSS
CVE
CVE
added 2023/05/30 10:15 p.m.269 views

CVE-2023-2953

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

7.5CVSS7.3AI score0.0111EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.268 views

CVE-2019-15212

An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.

4.9CVSS5.9AI score0.00108EPSS
CVE
CVE
added 2022/03/04 4:15 p.m.268 views

CVE-2021-3743

An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerab...

7.1CVSS7.2AI score0.00011EPSS
CVE
CVE
added 2021/05/26 1:15 p.m.266 views

CVE-2020-27815

A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as ...

7.8CVSS7.9AI score0.00182EPSS
CVE
CVE
added 2022/05/16 9:15 p.m.263 views

CVE-2022-1586

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in ca...

9.1CVSS9.1AI score0.00331EPSS
CVE
CVE
added 2022/03/06 4:15 a.m.258 views

CVE-2022-26490

st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.

7.8CVSS7.6AI score0.00025EPSS
CVE
CVE
added 2022/06/02 2:15 p.m.257 views

CVE-2022-1786

A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system.

7.8CVSS7.3AI score0.01049EPSS
CVE
CVE
added 2022/09/09 3:15 p.m.256 views

CVE-2022-2964

A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.

7.8CVSS7.6AI score0.00041EPSS
CVE
CVE
added 2020/04/29 1:15 p.m.255 views

CVE-2020-11884

In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur.

7CVSS6.6AI score0.0011EPSS
CVE
CVE
added 2021/09/19 5:15 p.m.254 views

CVE-2021-41073

loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation.

7.8CVSS7.2AI score0.00896EPSS
CVE
CVE
added 2023/02/25 4:15 a.m.253 views

CVE-2023-26545

In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

4.7CVSS6AI score0.00012EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.252 views

CVE-2019-15211

An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.

4.9CVSS6AI score0.00115EPSS
CVE
CVE
added 2021/05/26 12:15 p.m.252 views

CVE-2020-25668

A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.

7CVSS7.4AI score0.00132EPSS
CVE
CVE
added 2022/08/24 4:15 p.m.252 views

CVE-2021-3998

A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.

7.5CVSS8.1AI score0.00098EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.251 views

CVE-2019-15213

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.

4.9CVSS6AI score0.00144EPSS
CVE
CVE
added 2021/04/19 10:15 p.m.251 views

CVE-2021-3506

An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The h...

7.1CVSS6.7AI score0.00376EPSS
CVE
CVE
added 2022/02/16 7:15 p.m.251 views

CVE-2021-3753

A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.

4.7CVSS6AI score0.00012EPSS
CVE
CVE
added 2022/04/11 5:15 a.m.251 views

CVE-2022-28893

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.

7.8CVSS7.3AI score0.0002EPSS
CVE
CVE
added 2022/02/26 4:15 a.m.250 views

CVE-2020-36516

An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.

5.9CVSS6.2AI score0.00023EPSS
CVE
CVE
added 2022/05/18 5:15 p.m.248 views

CVE-2022-1734

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.

7CVSS7.2AI score0.00013EPSS
CVE
CVE
added 2020/12/11 7:15 p.m.245 views

CVE-2020-27825

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special...

5.7CVSS6.4AI score0.00111EPSS
CVE
CVE
added 2023/06/16 9:15 p.m.244 views

CVE-2023-35788

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

7.8CVSS7.7AI score0.00009EPSS
CVE
CVE
added 2023/04/24 6:15 a.m.242 views

CVE-2023-31084

An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event...

5.5CVSS6.6AI score0.00008EPSS
CVE
CVE
added 2021/05/26 11:15 a.m.241 views

CVE-2020-25673

A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.

5.5CVSS6.1AI score0.00136EPSS
CVE
CVE
added 2021/10/11 7:15 p.m.240 views

CVE-2021-42252

An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs becau...

7.8CVSS7.2AI score0.00087EPSS
Total number of security vulnerabilities230