Vulnerabilities > Netapp > H700S Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-03-04 CVE-2021-3743 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel.
local
low complexity
linux fedoraproject netapp oracle CWE-125
7.1
2022-03-03 CVE-2021-3640 Race Condition vulnerability in multiple products
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page.
7.0
2022-03-03 CVE-2021-3609 Race Condition vulnerability in multiple products
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges.
local
high complexity
linux redhat netapp CWE-362
7.0
2022-02-26 CVE-2022-23308 Use After Free vulnerability in multiple products
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
7.5
2022-02-18 CVE-2021-20322 Use of Insufficiently Random Values vulnerability in multiple products
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports.
network
high complexity
linux fedoraproject debian netapp oracle CWE-330
7.4
2022-02-18 CVE-2021-4090 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel.
local
low complexity
linux netapp CWE-787
7.1
2022-02-18 CVE-2022-0646 Use After Free vulnerability in multiple products
A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found in the way user triggers cancel_work_sync after the unregister_netdev during removing device.
local
low complexity
linux netapp CWE-416
7.8
2022-02-16 CVE-2022-25265 Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20).
local
low complexity
linux netapp CWE-913
7.8
2022-02-16 CVE-2021-3752 Race Condition vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition.
7.1
2022-02-16 CVE-2021-3760 Use After Free vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux fedoraproject debian netapp CWE-416
7.8