Vulnerabilities (CVE)

Vendor filter

Netapp Subscribe

Product filter

Active Iq Performance Analytics Services Subscribe

Filter

14 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-16597 3 Linux, Netapp, Opensuse 4 Linux Kernel, Active Iq Performance Analytics Services, Element Software and 1 more 2019-07-22 4.9
An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.
CVE-2019-9948 3 Python, Netapp, Opensuse 3 Python, Active Iq Performance Analytics Services, Leap 2019-06-19 6.4
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.
CVE-2019-7221 7 Fedoraproject, Linux, Opensuse and 4 more 16 Fedora, Linux Kernel, Leap and 13 more 2019-06-15 4.6
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
CVE-2019-6454 7 Freedesktop, Netapp, Canonical and 4 more 12 Systemd, Active Iq Performance Analytics Services, Ubuntu Linux and 9 more 2019-06-04 4.9
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can...
CVE-2019-5489 2 Linux, Netapp 3 Linux Kernel, Active Iq Performance Analytics Services, Element Software Management Node 2019-05-31 2.1
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing...
CVE-2018-16866 4 Freedesktop, Canonical, Debian and 1 more 5 Systemd, Ubuntu Linux, Debian Linux and 2 more 2019-05-13 2.1
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
CVE-2019-7222 6 Debian, Fedoraproject, Linux and 3 more 7 Debian Linux, Fedora, Linux Kernel and 4 more 2019-05-13 2.1
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
CVE-2018-16888 3 Freedesktop, Netapp, Redhat 4 Systemd, Active Iq Performance Analytics Services, Element Software and 1 more 2019-05-10 1.9
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to...
CVE-2018-19985 3 Debian, Linux, Netapp 4 Debian Linux, Linux Kernel, Active Iq Performance Analytics Services and 1 more 2019-05-09 2.1
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows...
CVE-2018-19039 3 Netapp, Redhat, Grafana 7 Active Iq Performance Analytics Services, Storagegrid Webscale Nas Bridge, Enterprise Linux Desktop and 4 more 2019-05-02 4.0
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
CVE-2018-12099 2 Grafana, Netapp 3 Grafana, Active Iq Performance Analytics Services, Storagegrid Webscale Nas Bridge 2019-04-29 4.3
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
CVE-2019-7612 1 Netapp 1 Active Iq Performance Analytics Services 2019-04-24 5.0
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged...
CVE-2018-14634 4 Canonical, Linux, Redhat and 1 more 9 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 6 more 2019-03-21 7.2
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions...
CVE-2018-17182 4 Canonical, Debian, Linux and 1 more 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more 2019-03-05 7.2
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread...