Every CVE whose affected-product data names Netapp H610s Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (62)
CVE-2019-10126 — CVSS 9.8 (critical): A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mw…
CVE-2019-18805 — CVSS 9.8 (critical): An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer…
CVE-2019-3846 — CVSS 8.8 (high): A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting…
CVE-2019-14821 — CVSS 8.8 (high): An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements…
CVE-2024-2398 — CVSS 8.6 (high): When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the…
CVE-2022-0995 — CVSS 7.8 (high): An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can…
CVE-2019-14814 — CVSS 7.8 (high): There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel…
CVE-2019-14816 — CVSS 7.8 (high): There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that…
CVE-2019-14835 — CVSS 7.8 (high): A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue…
CVE-2019-19448 — CVSS 7.8 (high): In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs…
CVE-2019-19816 — CVSS 7.8 (high): In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write…
CVE-2019-25045 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic…
CVE-2020-8835 — CVSS 7.8 (high): In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit…
CVE-2020-12653 — CVSS 7.8 (high): An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c…
CVE-2024-28757 — CVSS 7.5 (high): libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via…
CVE-2024-26461 — CVSS 7.5 (high): Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.
CVE-2019-16995 — CVSS 7.5 (high): In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port…
CVE-2019-12615 — CVSS 7.5 (high): An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked…
CVE-2019-15538 — CVSS 7.5 (high): An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp…
CVE-2021-45485 — CVSS 7.5 (high): In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a…
CVE-2024-6119 — CVSS 7.5 (high): Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an…
CVE-2019-19050 — CVSS 7.5 (high): A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause…
CVE-2019-19069 — CVSS 7.5 (high): A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause…
CVE-2022-2068 — CVSS 7.3 (high): In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not…
CVE-2024-33601 — CVSS 7.3 (high): nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc…
CVE-2021-3609 — CVSS 7.0 (high): .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to…
CVE-2019-18683 — CVSS 7.0 (high): An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on…
CVE-2020-11884 — CVSS 7.0 (high): In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code…
CVE-2021-40490 — CVSS 7.0 (high): A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
CVE-2020-12770 — CVSS 6.7 (medium): An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka…
CVE-2020-15436 — CVSS 6.7 (medium): Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of…
CVE-2019-5108 — CVSS 6.5 (medium): An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this…
CVE-2020-10690 — CVSS 6.5 (medium): There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource…
CVE-2020-13143 — CVSS 6.5 (medium): gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering…
CVE-2021-3772 — CVSS 6.5 (medium): A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the…
CVE-2024-2379 — CVSS 6.3 (medium): libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an…
CVE-2020-36516 — CVSS 5.9 (medium): An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy…
CVE-2024-33600 — CVSS 5.9 (medium): nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup…
CVE-2020-8832 — CVSS 5.5 (medium): The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context…
CVE-2019-20095 — CVSS 5.5 (medium): mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did…
CVE-2022-36879 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be…
CVE-2023-52585 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_stat…
CVE-2019-20054 — CVSS 5.5 (medium): In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to…
CVE-2024-26633 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()…
CVE-2024-26733 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown…
CVE-2024-26735 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet…
CVE-2019-19813 — CVSS 5.5 (medium): In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can…
CVE-2020-12771 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing…
CVE-2020-12769 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to…
CVE-2020-12888 — CVSS 5.3 (medium): The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
CVE-2019-18282 — CVSS 5.3 (medium): The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f…
CVE-2019-19965 — CVSS 4.7 (medium): In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port…
CVE-2020-35508 — CVSS 4.5 (medium): A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process…
CVE-2019-19318 — CVSS 4.4 (medium): In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in…
CVE-2024-11053 — CVSS 3.4 (low): When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host…
CVE-2025-0167 — CVSS 3.4 (low): When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to…
CVE-2021-36086 — CVSS 3.3 (low): The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and…