Netapp Snapprotect
18 CVEs affecting Netapp Snapprotect. Latest disclosed: 2019-05-17. Critical: 1, High: 12.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-10125 | Critical | 9.8 | 2019-03-27 | An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggere… |
CVE-2019-11815 | High | 8.1 | 2019-05-08 | An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related… |
CVE-2018-20836 | High | 8.1 | 2019-05-07 | An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expand… |
CVE-2015-8960 | High | 8.1 | 2016-09-21 | The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not di… |
CVE-2019-3844 | High | 7.8 | 2019-04-26 | It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to cre… |
CVE-2019-3843 | High | 7.8 | 2019-04-26 | It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID… |
CVE-2018-20669 | High | 7.8 | 2019-03-21 | An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in… |
CVE-2019-9162 | High | 7.8 | 2019-02-25 | In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index… |
CVE-2018-14634 | High | 7.8 | 2018-09-25 | An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged)… |
CVE-2019-3900 | High | 7.7 | 2019-04-25 | An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). I… |
CVE-2019-9003 | High | 7.5 | 2019-02-22 | In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous ex… |
CVE-2019-11486 | High | 7.0 | 2019-04-23 | The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions. |
CVE-2016-5195 | High | 7.0 | 2016-11-10 | Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on… |
CVE-2019-3874 | Medium | 6.5 | 2019-03-25 | The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service at… |
CVE-2019-1559 | Medium | 5.9 | 2019-02-27 | If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can… |
CVE-2019-3882 | Medium | 5.5 | 2019-04-24 | A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio d… |
CVE-2019-3901 | Medium | 4.7 | 2019-04-22 | A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mu… |
CVE-2018-20839 | Medium | 4.3 | 2019-05-17 | systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or us… |