H410C Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-25	CVE-2023-5363	Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. network low complexity openssl debian netapp	7.5
2023-10-14	CVE-2023-45862	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. local low complexity linux netapp CWE-770	5.5
2023-09-20	CVE-2023-4236	Reachable Assertion vulnerability in multiple products A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. network low complexity isc fedoraproject debian netapp CWE-617	7.5
2023-09-18	CVE-2023-4527	Out-of-bounds Read vulnerability in multiple products A flaw was found in glibc. network high complexity gnu redhat fedoraproject netapp CWE-125	6.5
2023-09-12	CVE-2023-4813	Use After Free vulnerability in multiple products A flaw was found in glibc. network high complexity gnu redhat fedoraproject netapp CWE-416	5.9
2023-07-24	CVE-2023-32252	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. network low complexity linux netapp CWE-476	7.5
2023-06-23	CVE-2023-3212	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. local low complexity linux fedoraproject redhat debian netapp CWE-476	4.4
2023-06-21	CVE-2023-2828	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. network low complexity isc debian fedoraproject netapp CWE-770	7.5
2023-06-21	CVE-2023-2829	A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec`) enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1. network low complexity isc netapp	7.5
2023-06-21	CVE-2023-2911	Out-of-bounds Write vulnerability in multiple products If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. network low complexity isc debian fedoraproject netapp CWE-787	7.5