Netapp Aff_a400_firmware
21 CVEs affecting Netapp Aff_a400_firmware. Latest disclosed: 2022-08-18. Critical: 1, High: 11.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2019-18805 | Critical | 9.8 | 2019-11-07 | An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_upd… |
| CVE-2021-22555 | High | 8.3 | 2021-07-07 | A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a… |
| CVE-2021-33060 | High | 7.8 | 2022-08-18 | Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local a… |
| CVE-2019-25045 | High | 7.8 | 2021-06-07 | An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. |
| CVE-2019-19816 | High | 7.8 | 2019-12-17 | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_b… |
| CVE-2019-19448 | High | 7.8 | 2019-12-08 | In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to… |
| CVE-2022-1473 | High | 7.5 | 2022-05-03 | The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occupied by the removed hash table entries. This f… |
| CVE-2021-45485 | High | 7.5 | 2021-12-25 | In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, alth… |
| CVE-2019-19069 | High | 7.5 | 2019-11-18 | A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service… |
| CVE-2019-19050 | High | 7.5 | 2019-11-18 | A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service… |
| CVE-2022-2068 | High | 7.3 | 2022-06-21 | In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise she… |
| CVE-2022-1292 | High | 7.3 | 2022-05-03 | The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a man… |
| CVE-2020-15436 | Medium | 6.7 | 2020-11-23 | Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging… |
| CVE-2022-1434 | Medium | 5.9 | 2022-05-03 | The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attack… |
| CVE-2022-36879 | Medium | 5.5 | 2022-07-27 | An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. |
| CVE-2020-8832 | Medium | 5.5 | 2020-04-10 | The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain I… |
| CVE-2019-19813 | Medium | 5.5 | 2019-12-17 | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after… |
| CVE-2022-1343 | Medium | 5.3 | 2022-05-03 | The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the r… |
| CVE-2020-35508 | Medium | 4.5 | 2021-03-26 | A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling… |
| CVE-2019-19318 | Medium | 4.4 | 2019-11-28 | In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in k… |