Vulnerabilities > Netapp > Solidfire > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-22 | CVE-2019-3901 | Improper Locking vulnerability in multiple products A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. | 4.7 |
| 2019-03-25 | CVE-2019-3874 | Resource Exhaustion vulnerability in multiple products The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. | 6.5 |
| 2019-02-27 | CVE-2019-1559 | Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. | 5.9 |
| 2019-02-25 | CVE-2019-9162 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. | 4.6 |
| 2019-02-24 | CVE-2019-9075 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. | 6.8 |
| 2019-02-24 | CVE-2019-9074 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. | 4.3 |
| 2019-02-24 | CVE-2019-9073 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. | 4.3 |
| 2019-02-24 | CVE-2019-9072 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. | 4.3 |
| 2019-02-24 | CVE-2019-9071 | Uncontrolled Recursion vulnerability in multiple products An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. | 4.3 |
| 2018-03-06 | CVE-2018-7185 | The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. | 5.0 |