Vulnerabilities > Netapp > H300E Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-06-24 CVE-2020-28097 Out-of-bounds Read vulnerability in multiple products
The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback.
low complexity
linux netapp CWE-125
5.9
2021-06-11 CVE-2021-22897 Exposure of Resource to Wrong Sphere vulnerability in multiple products
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library.
network
low complexity
haxx oracle netapp siemens splunk CWE-668
5.3
2021-06-11 CVE-2021-22901 Use After Free vulnerability in multiple products
curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection.
network
high complexity
haxx oracle netapp siemens splunk CWE-416
8.1
2021-06-07 CVE-2018-25015 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.14.16.
local
low complexity
linux netapp CWE-416
7.8
2021-06-07 CVE-2019-25045 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.0.19.
local
low complexity
linux netapp CWE-416
7.8
2021-06-07 CVE-2020-36387 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.8.2.
local
low complexity
linux netapp CWE-416
7.8
2021-06-07 CVE-2020-36385 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.10.
local
low complexity
linux netapp starwindsoftware CWE-416
7.8
2021-05-27 CVE-2021-33200 Out-of-bounds Write vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579.
local
low complexity
linux fedoraproject netapp CWE-787
7.8
2021-05-26 CVE-2020-27815 A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges.
local
low complexity
linux debian netapp
7.8
2021-05-26 CVE-2020-25668 Improper Synchronization vulnerability in multiple products
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
local
high complexity
linux debian netapp CWE-662
7.0