Vulnerabilities > Netapp > Active IQ Unified Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-08-19 CVE-2019-15213 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.2.3.
low complexity
linux netapp opensuse CWE-416
4.6
2019-08-19 CVE-2019-15212 Double Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.1.8.
4.6
2019-08-19 CVE-2019-15211 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.2.6.
4.6
2019-08-16 CVE-2019-15118 Uncontrolled Recursion vulnerability in multiple products
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
local
low complexity
linux canonical debian opensuse netapp CWE-674
5.5
2019-08-16 CVE-2019-15098 NULL Pointer Dereference vulnerability in multiple products
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
4.6
2019-07-01 CVE-2019-13118 Type Confusion vulnerability in multiple products
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
5.3
2019-02-27 CVE-2019-1559 Information Exposure Through Discrepancy vulnerability in multiple products
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC.
5.9
2019-02-04 CVE-2019-7317 Use After Free vulnerability in multiple products
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
5.3
2019-01-16 CVE-2019-2510 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle mariadb redhat netapp canonical
4.9
2019-01-16 CVE-2019-2503 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). 6.4