H500e Firmware Security Vulnerabilities and Issues — H500e Firmware CVE List

Lucene search

NetappH500e Firmware

9 matches found

CVE•added 2021/11/02 11:15 p.m.•340 views

CVE-2021-43267

An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.

9.8CVSS6.8AI score0.72709EPSS

CVE•added 2021/11/17 5:15 p.m.•297 views

CVE-2021-43976

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

4.6CVSS6AI score0.00017EPSS

CVE•added 2021/11/17 5:15 p.m.•265 views

CVE-2021-43975

In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.

6.7CVSS6.6AI score0.00018EPSS

CVE•added 2021/11/15 9:15 p.m.•202 views

CVE-2021-42376

A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.

5.5CVSS6.9AI score0.00028EPSS

CVE•added 2021/11/15 9:15 p.m.•153 views

CVE-2021-42374

An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that

5.3CVSS5.9AI score0.00071EPSS

CVE•added 2021/11/15 9:15 p.m.•151 views

CVE-2021-42377

An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered command input.

9.8CVSS9.5AI score0.03035EPSS

CVE•added 2021/11/15 9:15 p.m.•130 views

CVE-2021-42373

A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given

5.5CVSS6.8AI score0.00052EPSS

CVE•added 2021/11/15 9:15 p.m.•129 views

CVE-2021-42375

An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.

5.5CVSS7AI score0.00051EPSS

CVE•added 2021/11/02 10:15 p.m.•66 views

CVE-2017-5123

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.

8.8CVSS7.4AI score0.01984EPSS