Vulnerabilities > Netapp > H500S Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-29 | CVE-2022-36123 | The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). | 7.8 |
2022-07-27 | CVE-2022-36879 | An issue was discovered in the Linux kernel through 5.18.14. | 5.5 |
2022-07-26 | CVE-2022-1671 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. | 7.1 |
2022-07-20 | CVE-2022-31160 | jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. | 6.1 |
2022-07-07 | CVE-2022-32205 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. | 4.3 |
2022-07-07 | CVE-2022-32206 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. | 6.5 |
2022-07-07 | CVE-2022-32207 | Incorrect Default Permissions vulnerability in multiple products When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended. | 9.8 |
2022-07-07 | CVE-2022-32208 | Out-of-bounds Write vulnerability in multiple products When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. | 5.9 |
2022-07-06 | CVE-2022-2318 | There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. | 5.5 |
2022-07-05 | CVE-2022-2097 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. | 5.3 |