Vulnerabilities > Netapp > H500E Firmware > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-03 | CVE-2022-1292 | OS Command Injection vulnerability in multiple products The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. | 9.8 |
2021-11-15 | CVE-2021-42377 | Release of Invalid Pointer or Reference vulnerability in multiple products An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. | 9.8 |
2021-11-02 | CVE-2021-43267 | Improper Validation of Specified Quantity in Input vulnerability in multiple products An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. | 9.8 |
2021-09-23 | CVE-2021-22945 | Double Free vulnerability in multiple products When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*. | 9.1 |
2021-05-25 | CVE-2021-33574 | Use After Free vulnerability in multiple products The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. | 9.8 |