Lucene search
K
NetappService Processor

13 matches found

CVE
CVE
added 2018/08/17 12:0 a.m.5729 views

CVE-2018-15473

OpenSSH vulnerability CVE-2018-15473 affects OpenSSH up to version 7.7, where the server may enumerate valid usernames by returning different responses for invalid authentication attempts due to not delaying bailout until after the request packet is parsed (auth2-gss.c, auth2-hostbased.c, auth2-p...

5.9CVSS5.8AI score0.98631EPSS
CVE
CVE
added 2018/01/21 10:0 p.m.4215 views

CVE-2016-10708

OpenSSH sshd before 7.4 is vulnerable to a denial of service caused by a NULL pointer dereference when processing an out-of-sequence NEWKEYS message (kex.c/packet.c). This affects the OpenSSH server; exploitation leads to daemon crash as demonstrated by Honggfuzz. Affected products include OpenSS...

7.5CVSS5.9AI score0.15716EPSS
CVE
CVE
added 2019/07/17 12:32 p.m.1571 views

CVE-2019-13272

CVE-2019-13272 affects the Linux kernel ptrace code (kernel/ptrace.c), where credentials recording during ptrace relationship establishment can fail, enabling a local attacker to obtain root privileges under certain parent/child lifecycle scenarios and potentially cause a panic. Public advisories...

7.8CVSS7.7AI score0.52199EPSS
In wild
CVE
CVE
added 2019/10/11 6:16 p.m.1431 views

CVE-2019-2215

CVE-2019-2215 is a use-after-free in the Android binder driver (binder.c) that enables local privilege escalation from an app to the Linux kernel. The issue is local, with no user interaction required, and exploitation may lead to memory corruption, denial of service, or escalation per the cited ...

7.8CVSS7.5AI score0.72105EPSS
In wild
CVE
CVE
added 2019/02/27 11:0 p.m.925 views

CVE-2019-1559

OpenSSL vulnerability CVE-2019-1559 describes a padding-oracle weakness where, if an application encounters a fatal protocol error and then calls SSL_shutdown() twice (to send close_notify and to receive one), the server may respond differently to a 0-byte record with invalid padding versus inval...

5.9CVSS6.3AI score0.17139EPSS
CVE
CVE
added 2019/09/20 6:25 p.m.791 views

CVE-2019-14816

CVE-2019-14816 is a Linux kernel heap-based buffer overflow in the mwifiex (Marvell) wifi driver that affects all versions up to, but excluding, 5.3. It enables a local attacker to crash the system or potentially execute arbitrary code via the Marvell wifi chip driver; affected scope is the kerne...

7.8CVSS9.1AI score0.00909EPSS
CVE
CVE
added 2019/09/20 6:27 p.m.753 views

CVE-2019-14814

CVE-2019-14814 affects the Linux kernel Marvell WiFi driver (mwifiex) - a heap-based buffer overflow in the Marvell WiFi chip driver, present in all kernel versions up to but excluding 5.3. This can allow local users to crash the system or, potentially, execute arbitrary code. Public advisories (...

7.8CVSS9AI score0.00869EPSS
CVE
CVE
added 2019/09/17 3:9 p.m.616 views

CVE-2019-14835

The CVE-2019-14835 entry describes a buffer overflow in Linux kernel vhost functionality (virtqueue buffers translated to IOVs) during VM live migration. A privileged guest user could pass descriptors with invalid length while migration is underway, potentially causing a host privilege escalation...

7.8CVSS8.3AI score0.00627EPSS
CVE
CVE
added 2019/09/04 5:50 a.m.609 views

CVE-2019-15902

CVE-2019-15902 describes a backporting error that reintroduced Spectre-v1 in ptrace_get_debugreg() due to swapped lines during cherry-picking. Affected Linux kernels include 4.4.x (up to 4.4.190), 4.9.x (up to 4.9.190), 4.14.x (up to 4.14.141), 4.19.x (up to 4.19.69), and 5.2.x (up to 5.2.11). Th...

5.6CVSS6.7AI score0.00586EPSS
CVE
CVE
added 2021/01/04 12:0 a.m.606 views

CVE-2019-25013

CVE-2019-25013 affects the GNU C Library (glibc) iconv, where processing invalid multi-byte input in EUC-KR can cause a buffer over-read. Connected advisories confirm the issue and map it to glibc versions affected (through 2.32) and note that Debian, AlmaLinux/Alma or Amazon Linux advisories add...

7.1CVSS6.8AI score0.03538EPSS
CVE
CVE
added 2017/11/13 10:0 p.m.305 views

CVE-2016-8610

CVE-2016-8610 is a denial-of-service flaw in OpenSSL affecting TLS/SSL alert packet processing during handshakes. The issue exists in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0, enabling a remote attacker to cause high CPU usage and denial of service by sending many alert messages. Con...

7.5CVSS7.4AI score0.39657EPSS
CVE
CVE
added 2019/09/30 12:3 p.m.237 views

CVE-2019-16995

CVE-2019-16995 affects the Linux kernel prior to 5.0.3. The issue is a memory leak in hsr_dev_finalize() (net/hsr/hsr_device.c) that can occur if hsr_add_port fails to add a port, potentially leading to a denial of service. The vulnerability is not tied to a vendor product in the provided text be...

7.8CVSS7.7AI score0.03529EPSS
CVE
CVE
added 2019/03/21 6:25 p.m.53 views

CVE-2019-5490

CVE-2019-5490 affects NetApp Service Processor firmware 2.x–5.x, shipped with a default account enabled, enabling unauthorized command execution. The issue is tied to the default-privilege account and is documented by NetApp/Lenovo advisories; affected platforms may include the listed models, req...

10CVSS9.5AI score0.03493EPSS