H700S Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-30	CVE-2023-27538	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. local low complexity haxx fedoraproject debian netapp broadcom splunk CWE-287	5.5
2023-03-27	CVE-2023-1077	Type Confusion vulnerability in multiple products In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption. local high complexity linux debian netapp CWE-843	7.0
2023-03-27	CVE-2023-1380	Out-of-bounds Read vulnerability in multiple products A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. local low complexity redhat linux netapp debian canonical CWE-125	7.1
2023-02-25	CVE-2023-26545	Double Free vulnerability in multiple products In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. local high complexity linux netapp CWE-415	4.7
2023-02-23	CVE-2023-23914	Cleartext Transmission of Sensitive Information vulnerability in multiple products A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. network low complexity haxx netapp splunk CWE-319 critical	9.1
2023-02-23	CVE-2023-23915	Cleartext Transmission of Sensitive Information vulnerability in multiple products A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. network low complexity haxx netapp splunk CWE-319	6.5
2023-02-23	CVE-2023-23916	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. network low complexity haxx fedoraproject debian netapp splunk CWE-770	6.5
2022-12-18	CVE-2022-47518	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 6.0.11. local low complexity linux debian netapp CWE-787	7.8
2022-12-18	CVE-2022-47519	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 6.0.11. local low complexity linux debian netapp CWE-787	7.8
2022-12-18	CVE-2022-47520	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 6.0.11. local low complexity linux debian netapp CWE-125	7.1