Element Software Management Node Security Vulnerabilities and Issues — Element Software Management Node CVE List

Lucene search

NetappElement Software Management Node

9 matches found

CVE•added 2019/10/17 6:15 p.m.•592 views

CVE-2019-14287

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo...

9CVSS8.7AI score0.84563EPSS

CVE•added 2019/03/21 4:1 p.m.•435 views

CVE-2019-7221

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

7.8CVSS7.5AI score0.00128EPSS

CVE•added 2019/01/07 6:0 p.m.•380 views

CVE-2019-5489

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited...

5.5CVSS6.4AI score0.00291EPSS

CVE•added 2019/03/21 4:0 p.m.•329 views

CVE-2018-19985

The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.

4.6CVSS5.9AI score0.00043EPSS

CVE•added 2019/03/21 4:1 p.m.•306 views

CVE-2019-7222

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

5.5CVSS6.4AI score0.00038EPSS

CVE•added 2018/06/26 4:29 p.m.•269 views

CVE-2017-7657

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as...

9.8CVSS9.1AI score0.0484EPSS

CVE•added 2019/01/16 8:29 p.m.•176 views

CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b...

7.5CVSS6.4AI score0.35731EPSS

CVE•added 2019/04/04 4:29 p.m.•75 views

CVE-2018-20449

The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.

5.5CVSS4.9AI score0.00071EPSS

CVE•added 2018/07/10 9:29 p.m.•41 views

CVE-2018-3627

Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.

8.2CVSS8.1AI score0.0026EPSS