Vulnerabilities > Netapp > H500S Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-25 | CVE-2022-1678 | An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. | 7.5 |
| 2022-05-19 | CVE-2022-1183 | Reachable Assertion vulnerability in multiple products On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. | 7.5 |
| 2022-05-18 | CVE-2022-1734 | Use After Free vulnerability in multiple products A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine. | 7.0 |
| 2022-05-17 | CVE-2022-1116 | Integer Overflow or Wraparound vulnerability in multiple products Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. | 7.8 |
| 2022-05-17 | CVE-2022-29581 | Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. | 7.8 |
| 2022-05-16 | CVE-2022-1586 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. | 9.1 |
| 2022-05-16 | CVE-2022-1587 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. | 9.1 |
| 2022-05-16 | CVE-2022-1679 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. | 7.8 |
| 2022-05-12 | CVE-2022-30594 | Missing Authorization vulnerability in multiple products The Linux kernel before 5.17.2 mishandles seccomp permissions. | 7.8 |
| 2022-05-04 | CVE-2022-29155 | SQL Injection vulnerability in multiple products In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. | 9.8 |