Vulnerabilities > Netapp > Active IQ Performance Analytics Services

DATE CVE VULNERABILITY TITLE RISK
2019-09-04 CVE-2019-15902 Information Exposure vulnerability in multiple products
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11.
local
high complexity
linux debian opensuse netapp CWE-200
5.6
2019-08-16 CVE-2019-15098 NULL Pointer Dereference vulnerability in multiple products
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
4.6
2019-07-26 CVE-2018-20855 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.18.7.
local
low complexity
linux opensuse netapp CWE-119
3.3
2019-03-25 CVE-2019-7612 Information Exposure Through Log Files vulnerability in multiple products
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs.
network
low complexity
elastic netapp CWE-532
critical
9.8
2019-03-21 CVE-2019-7222 The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. 5.5
2019-03-21 CVE-2019-7221 Use After Free vulnerability in multiple products
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
7.8
2019-03-21 CVE-2019-6454 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in sd-bus in systemd 239.
5.5
2019-03-21 CVE-2018-19985 Out-of-bounds Read vulnerability in multiple products
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
low complexity
linux debian netapp CWE-125
4.6
2019-01-14 CVE-2018-16888 Improper Privilege Management vulnerability in multiple products
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes.
4.7
2019-01-11 CVE-2018-16866 An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. 3.3