Vulnerabilities > Netapp > H300S Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-24 CVE-2021-3999 Off-by-one Error vulnerability in multiple products
A flaw was found in glibc.
local
low complexity
gnu debian netapp CWE-193
7.8
2022-08-24 CVE-2021-4204 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation.
local
low complexity
linux debian redhat netapp CWE-119
7.1
2022-08-23 CVE-2022-2938 Use After Free vulnerability in multiple products
A flaw was found in the Linux kernel's implementation of Pressure Stall Information.
local
low complexity
linux redhat fedoraproject netapp CWE-416
7.8
2022-08-05 CVE-2022-1973 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal.
local
low complexity
linux fedoraproject netapp CWE-416
7.1
2022-07-26 CVE-2022-1671 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel.
local
low complexity
linux netapp CWE-476
7.1
2022-07-04 CVE-2022-34918 Type Confusion vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.18.9.
local
low complexity
linux debian canonical netapp CWE-843
7.8
2022-06-09 CVE-2022-1998 Use After Free vulnerability in multiple products
A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user().
local
low complexity
linux fedoraproject redhat netapp CWE-416
7.8
2022-06-02 CVE-2022-32250 Use After Free vulnerability in multiple products
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
local
low complexity
linux fedoraproject debian netapp CWE-416
7.8
2022-06-02 CVE-2022-1652 Use After Free vulnerability in multiple products
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function.
local
low complexity
linux redhat debian netapp CWE-416
7.8
2022-06-02 CVE-2022-1786 Type Confusion vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring.
local
low complexity
linux netapp CWE-843
7.8