Vulnerabilities (CVE)

Filtered by vendor Netapp Subscribe
Filtered by product H300s
Total 289 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-20322 5 Debian, Fedoraproject, Linux and 2 more 32 Debian Linux, Fedora, Linux Kernel and 29 more 2024-11-21 5.8 MEDIUM 7.4 HIGH
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.
CVE-2020-8835 4 Canonical, Fedoraproject, Linux and 1 more 47 Ubuntu Linux, Fedora, Linux Kernel and 44 more 2024-11-21 7.2 HIGH 7.8 HIGH
In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)
CVE-2020-8832 2 Canonical, Netapp 60 Ubuntu Linux, Aff 8300, Aff 8300 Firmware and 57 more 2024-11-21 2.1 LOW 5.5 MEDIUM
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
CVE-2020-7595 7 Canonical, Debian, Fedoraproject and 4 more 32 Ubuntu Linux, Debian Linux, Fedora and 29 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
CVE-2020-36516 2 Linux, Netapp 29 Linux Kernel, Bootstrap Os, Cloud Volumes Ontap Mediator and 26 more 2024-11-21 4.9 MEDIUM 5.9 MEDIUM
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2020-36387 2 Linux, Netapp 17 Linux Kernel, H300e, H300e Firmware and 14 more 2024-11-21 7.2 HIGH 7.8 HIGH
An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.
CVE-2020-36385 3 Linux, Netapp, Starwindsoftware 19 Linux Kernel, H300e, H300e Firmware and 16 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2020-35519 2 Linux, Netapp 20 Linux Kernel, Cloud Backup, H300e and 17 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-35508 3 Linux, Netapp, Redhat 33 Linux Kernel, A700s, A700s Firmware and 30 more 2024-11-21 4.4 MEDIUM 4.5 MEDIUM
A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process.
CVE-2020-28097 2 Linux, Netapp 18 Linux Kernel, Cloud Backup, H300e and 15 more 2024-11-21 3.6 LOW 5.9 MEDIUM
The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85.
CVE-2020-27815 3 Debian, Linux, Netapp 22 Debian Linux, Linux Kernel, Aff A250 and 19 more 2024-11-21 6.1 MEDIUM 7.8 HIGH
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-27618 4 Debian, Gnu, Netapp and 1 more 24 Debian Linux, Glibc, 500f and 21 more 2024-11-21 2.1 LOW 5.5 MEDIUM
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
CVE-2020-25673 3 Fedoraproject, Linux, Netapp 22 Fedora, Linux Kernel, Active Iq Unified Manager and 19 more 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
CVE-2020-25672 4 Debian, Fedoraproject, Linux and 1 more 23 Debian Linux, Fedora, Linux Kernel and 20 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
A memory leak vulnerability was found in Linux kernel in llcp_sock_connect
CVE-2020-25671 4 Debian, Fedoraproject, Linux and 1 more 23 Debian Linux, Fedora, Linux Kernel and 20 more 2024-11-21 7.2 HIGH 7.8 HIGH
A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.
CVE-2020-25670 4 Debian, Fedoraproject, Linux and 1 more 23 Debian Linux, Fedora, Linux Kernel and 20 more 2024-11-21 7.2 HIGH 7.8 HIGH
A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.
CVE-2020-25669 3 Debian, Linux, Netapp 21 Debian Linux, Linux Kernel, Cloud Backup and 18 more 2024-11-21 7.2 HIGH 7.8 HIGH
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.
CVE-2020-25668 3 Debian, Linux, Netapp 26 Debian Linux, Linux Kernel, 500f and 23 more 2024-11-21 6.9 MEDIUM 7.0 HIGH
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
CVE-2020-15025 4 Netapp, Ntp, Opensuse and 1 more 27 8300, 8300 Firmware, 8700 and 24 more 2024-11-21 4.0 MEDIUM 4.4 MEDIUM
ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.
CVE-2020-14155 6 Apple, Gitlab, Netapp and 3 more 20 Macos, Gitlab, Active Iq Unified Manager and 17 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.