Filtered by vendor Netapp Subscriptions
Filtered by product H410c Subscriptions
Total 231 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-25671 4 Debian, Fedoraproject, Linux and 1 more 23 Debian Linux, Fedora, Linux Kernel and 20 more 2024-11-21 7.8 High
A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.
CVE-2020-25670 4 Debian, Fedoraproject, Linux and 1 more 23 Debian Linux, Fedora, Linux Kernel and 20 more 2024-11-21 7.8 High
A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.
CVE-2020-25669 3 Debian, Linux, Netapp 21 Debian Linux, Linux Kernel, Cloud Backup and 18 more 2024-11-21 7.8 High
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.
CVE-2020-25668 3 Debian, Linux, Netapp 26 Debian Linux, Linux Kernel, 500f and 23 more 2024-11-21 7.0 High
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
CVE-2020-25643 6 Debian, Linux, Netapp and 3 more 8 Debian Linux, Linux Kernel, H410c and 5 more 2024-11-21 7.2 High
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-1752 5 Canonical, Debian, Gnu and 2 more 10 Ubuntu Linux, Debian Linux, Glibc and 7 more 2024-11-21 7 High
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.
CVE-2020-16166 8 Canonical, Debian, Fedoraproject and 5 more 18 Ubuntu Linux, Debian Linux, Fedora and 15 more 2024-11-21 3.7 Low
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.
CVE-2020-15436 4 Broadcom, Linux, Netapp and 1 more 37 Brocade Fabric Operating System Firmware, Linux Kernel, A250 and 34 more 2024-11-21 6.7 Medium
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
CVE-2020-15025 4 Netapp, Ntp, Opensuse and 1 more 27 8300, 8300 Firmware, 8700 and 24 more 2024-11-21 4.4 Medium
ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.
CVE-2020-14155 7 Apple, Gitlab, Netapp and 4 more 22 Macos, Gitlab, Active Iq Unified Manager and 19 more 2024-11-21 5.3 Medium
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
CVE-2020-13817 5 Fujitsu, Netapp, Ntp and 2 more 41 M10-1, M10-1 Firmware, M10-4 and 38 more 2024-11-21 7.4 High
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.
CVE-2020-13143 5 Canonical, Debian, Linux and 2 more 38 Ubuntu Linux, Debian Linux, Linux Kernel and 35 more 2024-11-21 6.5 Medium
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.
CVE-2020-12888 7 Canonical, Debian, Fedoraproject and 4 more 45 Ubuntu Linux, Debian Linux, Fedora and 42 more 2024-11-21 5.3 Medium
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
CVE-2020-12771 6 Canonical, Debian, Linux and 3 more 37 Ubuntu Linux, Debian Linux, Linux Kernel and 34 more 2024-11-21 5.5 Medium
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
CVE-2020-12770 6 Canonical, Debian, Fedoraproject and 3 more 42 Ubuntu Linux, Debian Linux, Fedora and 39 more 2024-11-21 6.7 Medium
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
CVE-2020-12769 5 Canonical, Debian, Linux and 2 more 36 Ubuntu Linux, Debian Linux, Linux Kernel and 33 more 2024-11-21 5.5 Medium
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.
CVE-2020-12653 5 Debian, Linux, Netapp and 2 more 42 Debian Linux, Linux Kernel, A700s and 39 more 2024-11-21 7.8 High
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.
CVE-2020-12243 9 Apple, Broadcom, Canonical and 6 more 28 Mac Os X, Brocade Fabric Operating System, Ubuntu Linux and 25 more 2024-11-21 7.5 High
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).
CVE-2020-11884 6 Canonical, Debian, Fedoraproject and 3 more 38 Ubuntu Linux, Debian Linux, Fedora and 35 more 2024-11-21 7.0 High
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur.
CVE-2020-11023 8 Debian, Drupal, Fedoraproject and 5 more 65 Debian Linux, Drupal, Fedora and 62 more 2024-11-21 6.9 Medium
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.