Latest netapp a250 Vulnerabilities

CVE-2023-25136
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote at...
Openssh Openssh=9.1
Fedoraproject Fedora=37
Fedoraproject Fedora=38
NetApp ONTAP Select Deploy administration utility
Netapp A250 Firmware
Netapp A250
and 11 more
CVE-2022-1343
The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a succe...
redhat/openssl<1:3.0.1-41.el9_0
OpenSSL OpenSSL>=3.0.0<3.0.3
Netapp Active Iq Unified Manager
NetApp Clustered Data ONTAP
Netapp Clustered Data Ontap Antivirus Connector
Netapp Santricity Smi-s Provider
and 79 more
CVE-2022-1434
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing...
OpenSSL OpenSSL>=3.0.0<3.0.3
Netapp Active Iq Unified Manager
NetApp Clustered Data ONTAP
Netapp Clustered Data Ontap Antivirus Connector
Netapp Santricity Smi-s Provider
Netapp Smi-s Provider
and 77 more
CVE-2022-1473
A memory leak flaw was found in OpenSSL, resulting in TLS servers and clients being halted by out-of-memory conditions, leading to a denial of service. An attacker needs to repeat actions continuously...
rust/openssl-src>=300.0.0<300.0.6
redhat/openssl<1:3.0.1-41.el9_0
OpenSSL OpenSSL>=3.0.0<3.0.3
Netapp Active Iq Unified Manager
NetApp Clustered Data ONTAP
Netapp Clustered Data Ontap Antivirus Connector
and 80 more
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. O...
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el8
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el7
redhat/openssl<1:1.1.1k-7.el8_6
redhat/openssl<1:3.0.1-41.el9_0
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el7
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el8
and 108 more
CVE-2022-0778
A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of t...
redhat/jbcs-httpd24-apr-util<0:1.6.1-91.el8
redhat/jbcs-httpd24-curl<0:7.78.0-3.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-80.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-41.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-11.el8
redhat/jbcs-httpd24-openssl-chil<0:1.0.0-11.el8
and 84 more
CVE-2021-4044
Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (f...
rust/openssl-src>=300.0.0<300.0.4
OpenSSL OpenSSL<1.0.2
OpenSSL OpenSSL=1.1.0
OpenSSL OpenSSL=3.0.0
Netapp Cloud Backup
Netapp E-series Performance Analyzer
and 27 more
CVE-2021-31879
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
GNU Wget<=1.21.1
Broadcom Brocade Fabric Operating System Firmware
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
Netapp A250 Firmware
Netapp A250
and 2 more
CVE-2021-25215
In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of th...
debian/bind9<=1:9.11.5.P4+dfsg-5.1+deb10u3<=1:9.11.5.P4+dfsg-5.1<=1:9.16.13-1
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
debian/bind9
Debian Debian Linux=9.0
and 47 more
CVE-2021-28952
An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c...
Linux Linux kernel<=5.11.8
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Netapp Cloud Backup
Netapp A250 Firmware
and 93 more
CVE-2021-28951
An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concur...
Linux Linux kernel<=5.11.8
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Netapp A250 Firmware
Netapp A250
and 83 more
CVE-2020-27618
GNU C Library (aka glibc or libc6) is vulnerable to a denial of service, caused by an error when processing some invalid inputs from several IBM character sets in the iconv function. By sending invali...
IBM Security Verify Access<=10.0.0
GNU glibc<=2.32
NetApp ONTAP Select Deploy administration utility
Netapp A250 Firmware
Netapp A250
Netapp 500f Firmware
and 44 more
CVE-2020-8625
ISC BIND TKEY Query Heap-based Buffer Overflow Remote Code Execution Vulnerability
debian/bind9
debian/bind9<=1:9.11.5.P4+dfsg-5.1+deb10u2<=1:9.11.5.P4+dfsg-5.1<=1:9.16.11-2
ISC BIND
ISC BIND>=9.5.0<=9.11.27
ISC BIND>=9.12.0<=9.16.11
ISC BIND=9.11.3-s1
and 25 more
CVE-2021-26708
A flaw was found in the Linux kernel. Wrong locking in the AF_VSOCK socket can cause a local privilege escalation, bypassing SMEP and SMAP. The highest threat from this vulnerability is to data confid...
redhat/kernel-rt<0:4.18.0-240.22.1.rt7.77.el8_3
redhat/kernel<0:4.18.0-240.22.1.el8_3
Linux Linux kernel>=5.5<5.10.13
Netapp Aff Baseboard Management Controller
Netapp Cloud Backup
Netapp Fas Baseboard Management Controller
and 10 more
CVE-2019-25013
GNU glibc is vulnerable to a denial of service, caused by a buffer over-read in iconv feature. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a SIG...
IBM Security Verify Access<=10.0.0
GNU glibc<=2.32
Fedoraproject Fedora=32
Fedoraproject Fedora=33
NetApp ONTAP Select Deploy administration utility
NetApp Service Processor
and 18 more
CVE-2020-29374
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly c...
Google Android
ubuntu/linux<4.15.0-136.140
ubuntu/linux<5.4.0-45.49
ubuntu/linux<5.8~
ubuntu/linux<4.4.0-203.235
ubuntu/linux-aws<4.15.0-1094.101
and 102 more
CVE-2020-25668
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
ubuntu/linux<4.15.0-129.132
ubuntu/linux<5.4.0-59.65
ubuntu/linux<5.8.0-44.50
ubuntu/linux<5.10~
ubuntu/linux<4.4.0-198.230
ubuntu/linux-aws<4.15.0-1091.96
and 166 more
CVE-2020-14305
An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated ...
redhat/kernel-rt<0:3.10.0-1160.rt56.1131.el7
redhat/kernel<0:3.10.0-1160.el7
Linux Linux kernel<=4.11.12
Linux Linux kernel=4.12
Netapp Cloud Backup
Netapp A250 Firmware
and 9 more
CVE-2020-15436
A use-after-free flaw was observed in blkdev_get(), in fs/block_dev.c after a call to __blkdev_get() fails, and its refcount gets freed/released. This problem may cause a denial of service problem wit...
redhat/kernel-rt<0:3.10.0-1160.15.2.rt56.1152.el7
redhat/kernel<0:3.10.0-1160.15.2.el7
redhat/kernel-alt<0:4.14.0-115.35.1.el7a
redhat/kernel<0:3.10.0-957.72.1.el7
redhat/kernel<0:3.10.0-1062.51.1.el7
Google Android
and 150 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203