Vulnerabilities > Netapp > H300S Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-30 CVE-2023-27538 Improper Authentication vulnerability in multiple products
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse.
5.5
2023-03-27 CVE-2023-1077 Type Confusion vulnerability in multiple products
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.
local
high complexity
linux debian netapp CWE-843
7.0
2023-03-27 CVE-2023-1380 Out-of-bounds Read vulnerability in multiple products
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel.
local
low complexity
redhat linux netapp debian canonical CWE-125
7.1
2023-02-25 CVE-2023-26545 Double Free vulnerability in multiple products
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
local
high complexity
linux netapp CWE-415
4.7
2023-02-23 CVE-2023-23914 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially.
network
low complexity
haxx netapp splunk CWE-319
critical
9.1
2023-02-23 CVE-2023-23915 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel.
network
low complexity
haxx netapp splunk CWE-319
6.5
2023-02-23 CVE-2023-23916 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms.
network
low complexity
haxx fedoraproject debian netapp splunk CWE-770
6.5
2022-12-18 CVE-2022-47518 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.0.11.
local
low complexity
linux debian netapp CWE-787
7.8
2022-12-18 CVE-2022-47519 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.0.11.
local
low complexity
linux debian netapp CWE-787
7.8
2022-12-18 CVE-2022-47520 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.0.11.
local
low complexity
linux debian netapp CWE-125
7.1