Lucene search
K
NetappActive Iq Performance Analytics Services

15 matches found

CVE
CVE
added 2019/09/04 5:50 a.m.609 views

CVE-2019-15902

CVE-2019-15902 describes a backporting error that reintroduced Spectre-v1 in ptrace_get_debugreg() due to swapped lines during cherry-picking. Affected Linux kernels include 4.4.x (up to 4.4.190), 4.9.x (up to 4.9.190), 4.14.x (up to 4.14.141), 4.19.x (up to 4.19.69), and 5.2.x (up to 5.2.11). Th...

5.6CVSS6.7AI score0.00586EPSS
CVE
CVE
added 2019/03/17 6:26 p.m.493 views

CVE-2019-7221

CVE-2019-7221 is a Use-after-Free in the KVM implementation of the Linux kernel up to version 4.20.5. The vulnerability concerns KVM VMX preemption timer handling and is locally exploitable with low privileges and no user interaction, potentially affecting confidentiality, integrity, and availabi...

7.8CVSS7.5AI score0.00805EPSS
CVE
CVE
added 2019/07/26 4:39 a.m.457 views

CVE-2018-20855

CVE-2018-20855 affects Linux kernel before 4.18.7. In mlx5InfiniBand, create_qp_common (mlx5_ib_create_qp_resp) was never initialized, leaking stack memory to userspace. Upstream fix shipped with kernel 4.18.7 (commit 0625b4ba1a5d4703c7fb01c497bd6c156908af00). Mitigation: upgrade to 4.18.7+ or ap...

3.3CVSS4.8AI score0.00463EPSS
CVE
CVE
added 2019/03/17 4:38 p.m.444 views

CVE-2019-6454

CVE-2019-6454 affects systemd’s bus_process_object() which allocates a large stack buffer for the object path in D-Bus messages. A locally unprivileged user can send a crafted message to PID1, causing the stack pointer to jump past guard pages and crash systemd PID1, potentially triggering a kern...

5.5CVSS5.5AI score0.02035EPSS
CVE
CVE
added 2019/01/07 6:0 p.m.417 views

CVE-2019-5489

CVE-2019-5489 affects the Linux kernel mincore() implementation (mm/mincore.c) up to version 4.19.13. It enables a local attacker to observe page cache access patterns of other processes sharing memory, leading to potential information disclosure; the impact is described as partial confidentialit...

5.5CVSS6.4AI score0.00774EPSS
CVE
CVE
added 2019/03/17 7:48 p.m.373 views

CVE-2018-19985

CVE-2018-19985 is a Linux kernel vulnerability describing an out-of-bounds read in hso_get_config_data (drivers/net/usb/hso.c) caused by indexing an array with the device-provided if_num. This is a local, kernel-space issue that could lead to a crash. Public IBM advisories for the IBM 4769 toolki...

4.6CVSS5.9AI score0.00961EPSS
CVE
CVE
added 2019/03/17 6:52 p.m.366 views

CVE-2019-7222

The CVE-2019-7222 issue affects the KVM component of the Linux kernel up to version 4.20.5, where a vulnerability allowed information leakage by exposing uninitialized kernel stack contents to a guest. Connected documents explicitly refer to “KVM: leak of uninitialized stack contents to guest (CV...

5.5CVSS6.4AI score0.00678EPSS
CVE
CVE
added 2018/09/19 9:0 a.m.363 views

CVE-2018-17182

Summary : CVE-2018-17182 is a Linux kernel use-after-free vulnerability in the vmacache subsystem. The root cause is that the function vmacache_flush_all mishandles sequence number overflows, allowing a local attacker to trigger a use-after-free via certain thread creation/map/unmap/invalidation/...

7.8CVSS6.5AI score0.03206EPSS
CVE
CVE
added 2019/01/11 7:0 p.m.358 views

CVE-2018-16866

CVE-2018-16866 is a systemd-journald out-of-bounds read vulnerability. The flaw arises in how journald parses log messages that terminate with a colon, allowing a local attacker to disclose process memory data. Affected versions are reported as v221–v239. Public advisories and vendor notes (e.g.,...

4.3CVSS5.3AI score0.01051EPSS
CVE
CVE
added 2019/08/16 1:15 a.m.352 views

CVE-2019-15098

CVE-2019-15098 affects the Linux kernel driver ath6kl/usb.c (USB wifi driver) up to version 5.2.9. The issue is a NULL pointer dereference caused by an incomplete address in an endpoint descriptor, potentially leading to a crash or denial of service. The connected Nessus/Unity Linux advisories co...

4.9CVSS6.2AI score0.00721EPSS
CVE
CVE
added 2019/01/14 10:0 p.m.258 views

CVE-2018-16888

CVE-2018-16888 affects systemd. When a service runs as an unprivileged user, a local attacker who can write to the service’s PIDFile may trick systemd into killing other services and/or privileged processes. Vulnerable versions are those before v237. Remediation: update systemd to a fixed version...

4.7CVSS5.4AI score0.00298EPSS
CVE
CVE
added 2018/12/13 7:0 p.m.204 views

CVE-2018-19039

Grafana CVE-2018-19039 affects Grafana before 4.6.5 and 5.x before 5.3.3, allowing remote authenticated users with Editor or Admin perms to read arbitrary files. Root cause is a file-read exposure via dashboards/editors. Upgrading to Grafana 4.6.5 or 5.3.3+ mitigates the issue; check vendor advis...

6.5CVSS6.3AI score0.0728EPSS
CVE
CVE
added 2019/03/25 6:34 p.m.161 views

CVE-2019-7612

CVE-2019-7612 affects Logstash: versions before 5.6.15 and 6.6.1 are vulnerable to a sensitive data disclosure where credentials used in a URL can be logged in error messages due to malformed URL logging. Root cause: improper handling of URL logging in Logstash configuration. Impact: potential ex...

9.8CVSS9.1AI score0.02407EPSS
CVE
CVE
added 2018/06/11 11:0 a.m.156 views

CVE-2018-12099

Grafana prior to 5.2.0-beta1 is affected by XSS in dashboard links (CVE-2018-12099). The issue stems from an incomplete fix, with later Nessus entries noting unpatched vectors in Grafana 5.3.1 related to this CVE. Remediation: upgrade to Grafana 5.2.0-beta1 or newer where the fix is included.

6.1CVSS5.9AI score0.02073EPSS
CVE
CVE
added 2018/09/21 4:0 p.m.138 views

CVE-2018-16597

CVE-2018-16597 affects the Linux kernel prior to version 4.8. The issue is an incorrect access check in overlayfs mounts, which could allow a local attacker to modify or truncate files on the underlying filesystem. The connected Nessus/OpenVAS advisories reference kernel updates to fix this vulne...

5.5CVSS5.7AI score0.00542EPSS