Vulnerabilities > Netapp > H500S Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-10-16 CVE-2023-40791 extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page.
local
high complexity
linux netapp
6.3
2023-09-18 CVE-2023-4527 Out-of-bounds Read vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject netapp CWE-125
6.5
2023-09-12 CVE-2023-4813 Use After Free vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject netapp CWE-416
5.9
2023-08-09 CVE-2023-4273 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the exFAT driver of the Linux kernel.
6.7
2023-06-23 CVE-2023-3212 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel.
4.4
2023-05-26 CVE-2023-2898 NULL Pointer Dereference vulnerability in multiple products
There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel.
local
high complexity
linux debian netapp CWE-476
4.7
2023-05-26 CVE-2023-28320 Resource Exhaustion vulnerability in multiple products
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time.
network
high complexity
haxx apple netapp CWE-400
5.9
2023-05-26 CVE-2023-28321 Improper Certificate Validation vulnerability in multiple products
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates.
network
high complexity
haxx debian fedoraproject netapp apple CWE-295
5.9
2023-05-21 CVE-2023-33250 Use After Free vulnerability in multiple products
The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c.
local
low complexity
linux netapp CWE-416
4.4
2023-04-25 CVE-2023-2269 Improper Locking vulnerability in multiple products
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.
local
low complexity
linux fedoraproject debian netapp CWE-667
4.4