H410C Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-03	CVE-2022-28389	Double Free vulnerability in multiple products mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. local low complexity linux fedoraproject debian netapp CWE-415	5.5
2022-03-30	CVE-2022-0998	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhost_vdpa_config_validate function. local low complexity linux netapp CWE-190	7.8
2022-03-29	CVE-2022-1055	Use After Free vulnerability in multiple products A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. local low complexity linux redhat fedoraproject canonical netapp CWE-416	7.8
2022-03-25	CVE-2021-4203	Race Condition vulnerability in multiple products A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. network high complexity linux netapp oracle CWE-362	6.8
2022-03-25	CVE-2022-0330	Improper Preservation of Permissions vulnerability in multiple products A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. local low complexity linux redhat fedoraproject netapp CWE-281	7.8
2022-03-25	CVE-2022-0500	Out-of-bounds Write vulnerability in multiple products A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. local low complexity linux fedoraproject netapp CWE-787	7.8
2022-03-25	CVE-2022-0995	Out-of-bounds Write vulnerability in multiple products An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. local low complexity linux fedoraproject netapp CWE-787	7.8
2022-03-25	CVE-2018-25032	Out-of-bounds Write vulnerability in multiple products zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. network low complexity zlib debian fedoraproject apple python mariadb netapp siemens azul goto CWE-787	7.5
2022-03-23	CVE-2021-4197	Improper Authentication vulnerability in multiple products An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. local low complexity linux debian oracle broadcom netapp CWE-287	7.8
2022-03-23	CVE-2021-25220	HTTP Request Smuggling vulnerability in multiple products BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. network low complexity isc fedoraproject netapp siemens juniper CWE-444	6.8