Active IQ Unified Manager

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-25	CVE-2019-10184	Missing Authorization vulnerability in multiple products undertow before version 2.0.23.Final is vulnerable to an information leak issue. network low complexity redhat netapp CWE-862	5.0
2019-07-17	CVE-2019-13272	In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). local low complexity linux debian fedoraproject canonical redhat netapp	7.8
2019-07-10	CVE-2017-12652	Improper Input Validation vulnerability in multiple products libpng before 1.6.32 does not properly check the length of chunks against the user limit. network low complexity libpng netapp CWE-20 critical	9.8
2019-07-10	CVE-2018-14550	Out-of-bounds Write vulnerability in multiple products An issue has been found in third-party PNM decoding associated with libpng 1.6.35. network low complexity libpng oracle netapp CWE-787	8.8
2019-07-01	CVE-2019-13118	Type Confusion vulnerability in multiple products In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. network low complexity xmlsoft opensuse netapp oracle fedoraproject canonical apple CWE-843	5.3
2019-06-14	CVE-2019-10126	Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in the Linux kernel. network low complexity linux redhat canonical debian opensuse netapp CWE-122 critical	9.8
2019-06-12	CVE-2019-3888	Information Exposure Through Log Files vulnerability in multiple products A vulnerability was found in Undertow web server before 2.0.21. network low complexity redhat netapp CWE-532	5.0
2019-06-03	CVE-2019-12615	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. network low complexity linux netapp CWE-476	7.5
2019-05-08	CVE-2019-11815	Race Condition vulnerability in multiple products An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. network linux canonical debian opensuse netapp CWE-362 critical	9.3
2019-05-07	CVE-2018-20836	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 4.20. network high complexity linux canonical debian f5 netapp opensuse CWE-416	8.1