Vulnerabilities > Netapp > Cn1610 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-14 | CVE-2019-10126 | Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in the Linux kernel. | 9.8 |
| 2019-06-03 | CVE-2019-12615 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. | 7.5 |
| 2019-06-03 | CVE-2019-3846 | Heap-based Buffer Overflow vulnerability in multiple products A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. | 8.8 |
| 2019-05-17 | CVE-2018-20839 | systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. | 4.3 |
| 2019-05-08 | CVE-2019-11815 | Race Condition vulnerability in multiple products An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. | 9.3 |
| 2019-04-26 | CVE-2019-3844 | Privilege Chaining vulnerability in multiple products It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. | 7.8 |
| 2019-04-26 | CVE-2019-3843 | Improper Privilege Management vulnerability in multiple products It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. | 7.8 |
| 2019-04-25 | CVE-2019-3900 | Infinite Loop vulnerability in multiple products An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). | 7.7 |
| 2019-04-24 | CVE-2019-3882 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. | 5.5 |
| 2019-04-22 | CVE-2019-3901 | Improper Locking vulnerability in multiple products A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. | 4.7 |