Vulnerabilities > Netapp > H410S Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-04-10 CVE-2020-8832 Information Exposure vulnerability in multiple products
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
local
low complexity
canonical netapp CWE-200
5.5
2020-04-02 CVE-2020-8835 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory.
local
low complexity
linux fedoraproject canonical netapp CWE-787
7.8
2020-01-21 CVE-2020-7595 Infinite Loop vulnerability in multiple products
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
7.5
2020-01-21 CVE-2019-20388 Memory Leak vulnerability in multiple products
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
7.5
2019-10-11 CVE-2019-2215 Use After Free vulnerability in multiple products
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel.
local
low complexity
google debian canonical netapp huawei CWE-416
7.8
2019-09-30 CVE-2019-16995 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.
network
low complexity
linux opensuse netapp CWE-772
7.8
2019-09-20 CVE-2019-14816 Heap-based Buffer Overflow vulnerability in multiple products
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
7.8
2019-09-20 CVE-2019-14814 Heap-based Buffer Overflow vulnerability in multiple products
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
7.8
2019-09-19 CVE-2019-14821 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation.
8.8
2019-09-17 CVE-2019-14835 Classic Buffer Overflow vulnerability in multiple products
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration.
7.8