Vulnerabilities > Netapp > H300S Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-15 | CVE-2023-2124 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). | 7.8 |
2023-04-25 | CVE-2023-0045 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. | 7.5 |
2023-04-25 | CVE-2023-2269 | Improper Locking vulnerability in multiple products A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. | 4.4 |
2023-04-24 | CVE-2023-2007 | Improper Locking vulnerability in multiple products The specific flaw exists within the DPT I2O Controller driver. | 7.8 |
2023-03-31 | CVE-2023-28464 | Double Free vulnerability in multiple products hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. | 7.8 |
2023-03-30 | CVE-2023-27533 | Injection vulnerability in multiple products A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. | 8.8 |
2023-03-30 | CVE-2023-27534 | Path Traversal vulnerability in multiple products A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. | 8.8 |
2023-03-30 | CVE-2023-27535 | Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. | 5.9 |
2023-03-30 | CVE-2023-27536 | Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. | 5.9 |
2023-03-30 | CVE-2023-27537 | Double Free vulnerability in multiple products A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". | 5.9 |