Vulnerabilities > Netapp > H410C Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2021-12-23 CVE-2021-45469 Out-of-bounds Read vulnerability in multiple products
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.
local
low complexity
linux fedoraproject debian netapp CWE-125
7.8
7.8
2021-12-22 CVE-2021-44733 Race Condition vulnerability in multiple products
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11.
local
high complexity
linux redhat fedoraproject debian netapp CWE-362
7.0
7.0
2021-12-16 CVE-2021-45100 Cleartext Transmission of Sensitive Information vulnerability in multiple products
The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled.
network
low complexity
ksmbd-project netapp CWE-319
7.5
7.5
2021-12-14 CVE-2021-4044 Infinite Loop vulnerability in multiple products
Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server.
network
low complexity
openssl netapp nodejs CWE-835
7.5
7.5
2021-12-08 CVE-2018-25020 Classic Buffer Overflow vulnerability in multiple products
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow.
local
low complexity
linux netapp CWE-120
7.8
7.8
2021-11-15 CVE-2021-43618 Integer Overflow or Wraparound vulnerability in multiple products
GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.
network
low complexity
gmplib debian netapp CWE-190
7.5
7.5
2021-10-28 CVE-2021-43057 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.14.8.
local
low complexity
linux netapp CWE-416
7.8
7.8
2021-10-11 CVE-2021-42252 An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6.
local
low complexity
linux netapp
7.8
7.8
2021-10-05 CVE-2021-42008 Out-of-bounds Write vulnerability in multiple products
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write.
local
low complexity
linux netapp debian CWE-787
7.8
7.8
2021-10-02 CVE-2021-41864 Integer Overflow or Wraparound vulnerability in multiple products
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
local
low complexity
linux fedoraproject netapp debian CWE-190
7.8
7.8