VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Netapp
>
H500S Firmware
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-11-17
CVE-2021-43976
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
low complexity
linux
fedoraproject
debian
netapp
oracle
4.6
4.6
2021-11-15
CVE-2021-42373
NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given
local
low complexity
busybox
fedoraproject
netapp
CWE-476
5.5
5.5
2021-11-15
CVE-2021-42374
Out-of-bounds Read vulnerability in multiple products
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed.
local
high complexity
busybox
fedoraproject
netapp
CWE-125
5.3
5.3
2021-11-15
CVE-2021-42375
An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters.
local
low complexity
busybox
fedoraproject
netapp
5.5
5.5
2021-11-15
CVE-2021-42376
NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character.
local
low complexity
busybox
fedoraproject
netapp
CWE-476
5.5
5.5
2021-11-02
CVE-2017-5123
Improper Input Validation vulnerability in multiple products
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.
local
low complexity
linux
netapp
CWE-20
4.6
4.6
2021-10-27
CVE-2021-25219
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance.
network
low complexity
isc
debian
fedoraproject
netapp
siemens
oracle
5.3
5.3
2021-10-26
CVE-2021-41182
Cross-site Scripting vulnerability in multiple products
jQuery-UI is the official jQuery user interface library.
network
low complexity
jqueryui
fedoraproject
netapp
debian
drupal
oracle
tenable
CWE-79
6.1
6.1
2021-10-26
CVE-2021-41183
Cross-site Scripting vulnerability in multiple products
jQuery-UI is the official jQuery user interface library.
network
low complexity
jqueryui
fedoraproject
netapp
debian
drupal
oracle
tenable
CWE-79
6.1
6.1
2021-10-26
CVE-2021-41184
Cross-site Scripting vulnerability in multiple products
jQuery-UI is the official jQuery user interface library.
network
low complexity
jqueryui
fedoraproject
netapp
drupal
tenable
oracle
CWE-79
6.1
6.1
«
Previous
1
2
...
4
5
6
(current)
7
8
...
9
10
»
Next