A250 Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-29	CVE-2021-25215	Reachable Assertion vulnerability in multiple products In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. network low complexity debian isc fedoraproject netapp oracle siemens CWE-617	7.5
2021-03-20	CVE-2021-28952	Classic Buffer Overflow vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.8. local low complexity linux fedoraproject netapp CWE-120	7.8
2021-03-20	CVE-2021-28951	Improper Locking vulnerability in multiple products An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. local low complexity linux fedoraproject netapp CWE-667	5.5
2021-02-26	CVE-2020-27618	Infinite Loop vulnerability in multiple products The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228. local low complexity gnu netapp oracle debian CWE-835	5.5
2021-02-17	CVE-2020-8625	Classic Buffer Overflow vulnerability in multiple products BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. network high complexity isc debian fedoraproject siemens netapp CWE-120	8.1
2021-01-04	CVE-2019-25013	Out-of-bounds Read vulnerability in multiple products The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. network high complexity gnu fedoraproject netapp broadcom debian CWE-125	5.9
2020-12-02	CVE-2020-14305	An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. network high complexity linux netapp	8.1
2020-11-28	CVE-2020-29374	Incorrect Authorization vulnerability in multiple products An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. local high complexity linux debian netapp CWE-863	3.6
2020-11-23	CVE-2020-15436	Use After Free vulnerability in multiple products Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. local low complexity linux broadcom netapp CWE-416	6.7