Vulnerabilities > Netapp > H410C Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-04-29 CVE-2020-11022 In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. 6.1
2020-04-29 CVE-2020-11023 In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. 6.1
2020-04-10 CVE-2020-8832 Information Exposure vulnerability in multiple products
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
local
low complexity
canonical netapp CWE-200
5.5
2020-03-04 CVE-2020-10029 Out-of-bounds Write vulnerability in multiple products
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets.
5.5
2020-02-25 CVE-2020-9391 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture.
local
low complexity
linux fedoraproject netapp CWE-787
5.5
2020-02-14 CVE-2020-8992 Excessive Iteration vulnerability in multiple products
ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.
local
low complexity
linux canonical opensuse netapp CWE-834
5.5
2019-08-19 CVE-2019-15223 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.1.8.
low complexity
linux netapp canonical CWE-476
4.6
2019-08-19 CVE-2019-15222 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.2.8.
low complexity
linux netapp opensuse CWE-476
4.6
2019-08-19 CVE-2019-15221 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.1.17.
4.6
2019-08-19 CVE-2019-15220 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.2.1.
4.6