Lucene search
K
NetappElement Software Management Node

9 matches found

CVE
CVE
added 2019/10/17 5:3 p.m.683 views

CVE-2019-14287

CVE-2019-14287 affects sudo before 1.8.28. An attacker with a Runas ALL sudoer account can bypass policy blacklists and session PAM modules and cause incorrect logging by invoking sudo with a crafted user ID (example: sudo -u $((0xffffffff))). This corresponds to a local privilege-escalation flaw...

9CVSS8.7AI score0.63917EPSS
CVE
CVE
added 2019/03/17 6:26 p.m.493 views

CVE-2019-7221

CVE-2019-7221 is a Use-after-Free in the KVM implementation of the Linux kernel up to version 4.20.5. The vulnerability concerns KVM VMX preemption timer handling and is locally exploitable with low privileges and no user interaction, potentially affecting confidentiality, integrity, and availabi...

7.8CVSS7.5AI score0.00805EPSS
CVE
CVE
added 2019/01/07 6:0 p.m.416 views

CVE-2019-5489

CVE-2019-5489 affects the Linux kernel mincore() implementation (mm/mincore.c) up to version 4.19.13. It enables a local attacker to observe page cache access patterns of other processes sharing memory, leading to potential information disclosure; the impact is described as partial confidentialit...

5.5CVSS6.4AI score0.00774EPSS
CVE
CVE
added 2019/03/17 7:48 p.m.369 views

CVE-2018-19985

CVE-2018-19985 is a Linux kernel vulnerability describing an out-of-bounds read in hso_get_config_data (drivers/net/usb/hso.c) caused by indexing an array with the device-provided if_num. This is a local, kernel-space issue that could lead to a crash. Public IBM advisories for the IBM 4769 toolki...

4.6CVSS5.9AI score0.00961EPSS
CVE
CVE
added 2019/03/17 6:52 p.m.365 views

CVE-2019-7222

The CVE-2019-7222 issue affects the KVM component of the Linux kernel up to version 4.20.5, where a vulnerability allowed information leakage by exposing uninitialized kernel stack contents to a guest. Connected documents explicitly refer to “KVM: leak of uninitialized stack contents to guest (CV...

5.5CVSS6.4AI score0.00678EPSS
CVE
CVE
added 2018/06/26 4:0 p.m.315 views

CVE-2017-7657

CVE-2017-7657 affects Eclipse Jetty: transfer-encoding chunk size parsing could overflow an integer, causing large chunks to be treated as smaller ones and enabling a fake pipelined request that bypasses intermediary authorization. Affected versions include Jetty 9.2.x and older, 9.3.x (all confi...

9.8CVSS9.1AI score0.16154EPSS
CVE
CVE
added 2019/01/16 8:0 p.m.211 views

CVE-2017-3135

ISC BIND 9 DNS64 and RPZ combined can crash the server. CVE-2017-3135 causes an assertion failure or NULL pointer dereference when query responses are rewritten with both DNS64 and RPZ enabled, leading to a denial of service. Affected versions include BIND 9.8.8 and 9.9.3–9.9.9 (S1–S7/P5), 9.9.10...

7.5CVSS6.4AI score0.17108EPSS
CVE
CVE
added 2019/04/04 3:25 p.m.89 views

CVE-2018-20449

CVE-2018-20449 affects the Linux kernel 4.14.90, specifically the hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c. It allows local users to obtain sensitive address information by reading callback= lines in a debugfs file. The issue is evidenced across multiple feeds (NVD, Red Hat, SUSE...

5.5CVSS4.9AI score0.00421EPSS
CVE
CVE
added 2018/07/10 9:0 p.m.56 views

CVE-2018-3627

CVE-2018-3627 is a logic bug in Intel’s Converged Security Management Engine (CSME) 11.x firmware that could allow an attacker with local privileged access to execute arbitrary code. The vulnerability affects Intel CSME 11.x on several generations of Intel CPUs and is described as a local-elevati...

8.2CVSS8.1AI score0.00529EPSS