HCI Management Node

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-04	CVE-2020-10029	Out-of-bounds Write vulnerability in multiple products The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. local low complexity gnu fedoraproject canonical opensuse netapp debian CWE-787	5.5
2020-02-25	CVE-2020-9391	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. local low complexity linux fedoraproject netapp CWE-787	5.5
2020-02-25	CVE-2020-9383	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel 3.16 through 5.5.6. local low complexity linux debian opensuse canonical netapp CWE-125	7.1
2020-02-14	CVE-2020-8992	Excessive Iteration vulnerability in multiple products ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. local low complexity linux canonical opensuse netapp CWE-834	4.9
2020-01-16	CVE-2019-18282	Use of Insufficiently Random Values vulnerability in multiple products The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. network low complexity linux debian netapp CWE-330	5.0
2019-12-30	CVE-2019-20095	Memory Leak vulnerability in multiple products mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. local low complexity linux opensuse netapp CWE-401	4.9
2019-12-25	CVE-2019-19965	NULL Pointer Dereference vulnerability in multiple products In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5. local linux debian canonical netapp opensuse CWE-476	1.9
2019-12-23	CVE-2019-5108	Improper Authentication vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. low complexity linux debian canonical netapp oracle CWE-287	3.3
2019-12-17	CVE-2019-19816	Out-of-bounds Write vulnerability in multiple products In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled. local low complexity linux canonical debian netapp CWE-787	7.8
2019-12-17	CVE-2019-19813	Use After Free vulnerability in multiple products In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. network linux canonical debian netapp CWE-416	7.1