Vulnerabilities > Netapp > Fas2720 Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-10 | CVE-2020-8832 | Information Exposure vulnerability in multiple products The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. | 5.5 |
2020-04-02 | CVE-2020-8835 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. | 7.8 |
2019-10-11 | CVE-2019-2215 | Use After Free vulnerability in multiple products A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. | 7.8 |
2019-09-20 | CVE-2019-14816 | Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | 7.8 |
2019-09-20 | CVE-2019-14814 | Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | 7.8 |
2019-02-27 | CVE-2019-1559 | Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. | 5.9 |