Vulnerabilities > Netapp > HCI Management Node
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-23 | CVE-2019-1010204 | Incorrect Conversion between Numeric Types vulnerability in multiple products GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. | 5.5 |
2019-07-17 | CVE-2019-13272 | In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). | 7.8 |
2019-06-14 | CVE-2019-10126 | Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in the Linux kernel. | 9.8 |
2019-06-03 | CVE-2019-12615 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. | 7.5 |
2019-06-03 | CVE-2019-3846 | Heap-based Buffer Overflow vulnerability in multiple products A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. | 8.8 |
2019-05-28 | CVE-2019-5436 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | 7.8 |
2019-05-08 | CVE-2019-11815 | Race Condition vulnerability in multiple products An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. | 9.3 |
2019-04-26 | CVE-2019-3844 | Privilege Chaining vulnerability in multiple products It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. | 7.8 |
2019-04-26 | CVE-2019-3843 | Improper Privilege Management vulnerability in multiple products It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. | 7.8 |
2019-04-25 | CVE-2019-3900 | Infinite Loop vulnerability in multiple products An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). | 7.7 |