Vulnerabilities > Netapp > Solidfire Baseboard Management Controller Firmware

DATE CVE VULNERABILITY TITLE RISK
2019-11-18 CVE-2019-19044 Memory Leak vulnerability in multiple products
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.
network
low complexity
linux netapp broadcom canonical CWE-401
7.5
2019-11-14 CVE-2019-14591 Improper Input Validation vulnerability in multiple products
Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel netapp CWE-20
5.5
2019-11-14 CVE-2019-14590 Improper Privilege Management vulnerability in multiple products
Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel netapp CWE-269
5.5
2019-11-14 CVE-2019-14574 Out-of-bounds Read vulnerability in multiple products
Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel netapp CWE-125
5.5
2019-11-14 CVE-2019-11113 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel netapp CWE-119
4.4
2019-11-14 CVE-2019-11111 NULL Pointer Dereference vulnerability in multiple products
Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp CWE-476
7.8
2019-11-14 CVE-2019-11089 Improper Input Validation vulnerability in multiple products
Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel netapp CWE-20
5.5
2019-10-11 CVE-2019-2215 Use After Free vulnerability in multiple products
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel.
local
low complexity
google debian canonical netapp huawei CWE-416
7.8
2019-09-16 CVE-2019-5481 Double Free vulnerability in multiple products
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
network
low complexity
haxx fedoraproject netapp oracle debian opensuse CWE-415
critical
9.8
2019-08-16 CVE-2019-15118 Uncontrolled Recursion vulnerability in multiple products
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
local
low complexity
linux canonical debian opensuse netapp CWE-674
5.5