Vulnerabilities > Netapp > H700S Firmware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-18 | CVE-2021-20322 | Use of Insufficiently Random Values vulnerability in multiple products A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. | 7.4 |
2022-02-18 | CVE-2021-4090 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. | 7.1 |
2022-02-18 | CVE-2022-0646 | Use After Free vulnerability in multiple products A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found in the way user triggers cancel_work_sync after the unregister_netdev during removing device. | 7.8 |
2022-02-16 | CVE-2022-25265 | Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). | 7.8 |
2022-02-16 | CVE-2021-3752 | Race Condition vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. | 7.1 |
2022-02-16 | CVE-2021-3760 | Use After Free vulnerability in multiple products A flaw was found in the Linux kernel. | 7.8 |
2022-02-11 | CVE-2022-0185 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. | 8.4 |
2022-02-11 | CVE-2022-24958 | Release of Invalid Pointer or Reference vulnerability in multiple products drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. | 7.8 |
2022-01-29 | CVE-2022-24122 | Use After Free vulnerability in multiple products kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. | 7.8 |
2022-01-26 | CVE-2021-22600 | Double Free vulnerability in multiple products A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. | 7.0 |