Vulnerabilities > Netapp > AFF A250 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-18 | CVE-2021-33060 | Out-of-bounds Write vulnerability in multiple products Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-07-27 | CVE-2022-36879 | An issue was discovered in the Linux kernel through 5.18.14. | 5.5 |
| 2021-09-26 | CVE-2021-41617 | sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. | 7.0 |
| 2021-09-03 | CVE-2021-40490 | Race Condition vulnerability in multiple products A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. | 7.0 |
| 2021-07-07 | CVE-2021-22555 | Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. | 4.6 |
| 2021-05-26 | CVE-2020-27815 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. | 7.8 |
| 2021-04-29 | CVE-2021-25216 | Out-of-bounds Read vulnerability in multiple products In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. | 6.8 |
| 2021-04-29 | CVE-2021-25214 | Reachable Assertion vulnerability in multiple products In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed. | 6.5 |
| 2021-03-22 | CVE-2021-28971 | Improper Handling of Exceptional Conditions vulnerability in multiple products In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. | 5.5 |
| 2021-03-22 | CVE-2021-28964 | Race Condition vulnerability in multiple products A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. | 4.7 |