Lucene search
+L
NetappSolidfire

192 matches found

CVE
CVE
added 2019/11/04 3:36 p.m.270 views

CVE-2019-18683

CVE-2019-18683 affects the Linux kernel’s V4L2 vivid driver (drivers/media/platform/vivid). The issue arises from wrong mutex locking in functions vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and related kthreads, causing multiple race conditions dur...

7CVSS7.7AI score0.00985EPSS
CVE
CVE
added 2022/07/07 12:0 a.m.270 views

CVE-2022-32205

CVE-2022-32205 affects curl and can cause denial of service when a malicious server serves a large number of Set-Cookie headers. curl

4.3CVSS6.2AI score0.26915EPSS
CVE
CVE
added 2020/04/30 12:0 a.m.265 views

CVE-2020-1752

CVE-2020-1752 (glibc) is a use-after-free vulnerability in the tilde expansion path handling of glibc’s glob processing, originating in upstream version 2.14 and fixed in 2.32. The issue affects directory paths beginning with a tilde followed by a valid username and can be exploited by a local at...

7CVSS7.1AI score0.00535EPSS
CVE
CVE
added 2020/11/28 6:20 a.m.254 views

CVE-2020-29369

CVE-2020-29369 is a real Linux kernel vulnerability described in the connected docs. It is a race condition in mm/mmap.c (expand_downwards vs. expand_upwards) that can occur during munmap page-table free operations, present in Linux kernels before 5.7.11 (CID-246c320a8cfe). The issue is triggered...

7CVSS6.7AI score0.0045EPSS
CVE
CVE
added 2020/04/02 6:0 p.m.251 views

CVE-2020-8835

CVE-2020-8835 affects Linux kernel 5.5.0 and newer, with backports to 5.4.x. The issue is in the BPF verifier (kernel/bpf/verifier.c): it truncates 64-bit values to 32-bit for 32-bit operations, causing the verifier’s checked bounds to diverge from actual execution. This can lead to out-of-bounds...

7.8CVSS7.2AI score0.0601EPSS
CVE
CVE
added 2019/11/07 1:8 p.m.249 views

CVE-2019-18805

CVE-2019-18805 affects the Linux kernel prior to 5.0.11. A signed integer overflow occurs in net/ipv4/sysctl_net_ipv4.c and in tcp_input.c (tcp_ack_update_rtt()) when a very large value is written to /proc/sys/net/ipv4/tcp_min_rtt_wlen, potentially causing a denial of service or other impact. Con...

9.8CVSS9.1AI score0.03431EPSS
Web
CVE
CVE
added 2019/02/24 12:0 a.m.248 views

CVE-2019-9075

CVE-2019-9075 affects GNU Binutils 2.32 (libbfd) with a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap (archive64.c). Multiple connected sources (Astra Linux, CNVD, Debian tracker, F5 advisory, Cloud Linux updates) confirm the vulnerability in the BFD library and describe potential...

7.8CVSS7.7AI score0.01697EPSS
CVE
CVE
added 2019/04/22 3:22 p.m.246 views

CVE-2019-3901

CVE-2019-3901 describes a race condition in perf_event_open() that can leak data from setuid processes. The root cause is that cred_guard_mutex is not held during the ptrace_may_access() check, allowing a target task to execve() with setuid execution before perf_event_alloc() attaches, bypassing ...

5.6CVSS5.4AI score0.00339EPSS
CVE
CVE
added 2019/09/30 12:3 p.m.239 views

CVE-2019-16995

CVE-2019-16995 affects the Linux kernel prior to 5.0.3. The issue is a memory leak in hsr_dev_finalize() (net/hsr/hsr_device.c) that can occur if hsr_add_port fails to add a port, potentially leading to a denial of service. The vulnerability is not tied to a vendor product in the provided text be...

7.8CVSS7.7AI score0.03529EPSS
CVE
CVE
added 2021/11/15 12:0 a.m.239 views

CVE-2021-42376

CVE-2021-42376 is a BusyBox vulnerability affecting the hush applet where a NULL pointer dereference can cause denial of service when processing a crafted command due to missing validation after a delimiter. Public disclosures and vendor advisories across multiple distributions (Debian, Alpine, F...

5.5CVSS6.9AI score0.00399EPSS
CVE
CVE
added 2019/12/17 5:58 a.m.236 views

CVE-2019-19816

CVE-2019-19816 affects the Linux kernel 5.0.21: mounting a crafted btrfs image can trigger a slab-out-of-bounds write in __btrfs_map_block in fs/btrfs/volumes.c due to mishandling of the data stripes value = 1. The connected Nessus advisory blocks (Unity Linux UTSA-2026-004332 and related plugin ...

9.3CVSS7.1AI score0.03293EPSS
CVE
CVE
added 2018/06/26 5:0 p.m.230 views

CVE-2017-7658

In CVE-2017-7658, Eclipse Jetty had a flaw in how it handles HTTP requests when multiple Content-Length headers are present or when a Content-Length header accompanies a chunked encoding header. This could allow a forged or pipelined request to bypass intermediary authorization if the shorter len...

9.8CVSS9.2AI score0.20985EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.219 views

CVE-2019-9074

CVE-2019-9074 affects the GNU Binutils Binary File Descriptor library (libbfd) bundled in Binutils 2.32. It is an out-of-bounds read in bfd_getl32 called from pei-x86_64.c, leading to a SEGV. Several connected advisories confirm impact on local attackers via crafted ELF/PE files and DoS, with pos...

5.5CVSS5.9AI score0.01569EPSS
CVE
CVE
added 2024/04/13 12:0 a.m.219 views

CVE-2024-32487

CVE-2024-32487 affects the less utility. The issue allows OS command execution via a newline character in a file name due to faulty quoting in filename.c (affecting versions up to 653). Exploitation typically requires attacker-controlled file names (e.g., from an untrusted archive) and the LESSOP...

8.6CVSS9.2AI score0.00628EPSS
CVE
CVE
added 2019/02/25 10:0 p.m.218 views

CVE-2019-9162

CVE-2019-9162 concerns the Linux kernel prior to 4.20.12, where the SNMP NAT module's net/ipv4/netfilter/nf_nat_snmp_basic_main.c contains insufficient ASN.1 length checks. This can trigger an out-of-bounds read/write (array index) leading to a kernel oops or local privilege escalation, specifica...

7.8CVSS7.1AI score0.01092EPSS
CVE
CVE
added 2018/03/06 8:0 p.m.212 views

CVE-2018-7185

CVE-2018-7185 affects ntp protocol engine in ntp 4.2.6 before 4.2.8p11, where a remote attacker can send crafted packets with a zero-origin timestamp and the source IP of the other side of an interleaved association to cause the victim ntpd to reset its association, producing a denial of service....

7.5CVSS7.2AI score0.09056EPSS
CVE
CVE
added 2018/03/06 8:0 p.m.202 views

CVE-2018-7170

CVE-2018-7170 affects ntp’s ntpd component in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92. An authenticated attacker who knows a private symmetric key can create many ephemeral associations to win the clock selection (Sybil attack) and modify a victim’s clock. The issue arises from an incomp...

5.3CVSS6.3AI score0.02704EPSS
CVE
CVE
added 2019/11/27 11:41 p.m.198 views

CVE-2019-19318

The CVE-2019-19318 issue affects Linux kernel 5.3.11. Root cause: mounting a crafted btrfs image twice can trigger a use-after-free in rwsem_down_write_slowpath because rwsem_can_spin_on_owner’s rwsem_owner_flags returns an already freed pointer. Documented impact per sources indicates an availab...

4.4CVSS6AI score0.00645EPSS
CVE
CVE
added 2019/12/17 5:43 a.m.197 views

CVE-2019-19813

CVE-2019-19813 is a Linux kernel use-after-free in __mutex_lock on Linux kernel 5.0.21 when mounting a crafted btrfs image, performing operations, and calling syncfs, related to mutex_can_spin_on_owner, __btrfs_qgroup_free_meta, and btrfs_insert_delayed_items. It is a local, user-interaction-requ...

7.1CVSS5.7AI score0.02129EPSS
CVE
CVE
added 2019/04/26 8:26 p.m.194 views

CVE-2019-3844

Summary (CVE-2019-3844): Affected component is systemd with DynamicUser; a local attacker can create SUID/SGID binaries and gain access to resources owned by a potentially different service after the transient UID/GID is recycled. This is a local privilege escalation vulnerability. Remediation fo...

7.8CVSS7.4AI score0.00888EPSS
CVE
CVE
added 2019/07/30 12:5 p.m.193 views

CVE-2019-14444

CVE-2019-14444: GNU Binutils 2.32 contains an integer overflow in readelf/elfcomm.c (byte_put_little_endian) that can trigger a denial of service via crafted ELF files. IBM Netezza products have addressed this by upgrading Binutils; remediation patches include Netezza Analytics 3.3.8 (and related...

5.5CVSS6.2AI score0.01481EPSS
CVE
CVE
added 2019/06/03 9:58 p.m.190 views

CVE-2019-12615

CVE-2019-12615 affects the Linux kernel (SPARC) in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c prior to/through version 5.1.6, due to an unchecked kstrdup_const of node_info->vdev_port.name that can trigger a NULL pointer dereference and system crash. This is a DoS vulnerability as de...

7.8CVSS7AI score0.03574EPSS
CVE
CVE
added 2021/11/15 12:0 a.m.183 views

CVE-2021-42377

CVE-2021-42377 (BusyBox) is one of multiple vulnerabilities affecting BusyBox, specifically in the hush applet. The issue is an attacker-controlled pointer free that can cause denial of service and, under rare crafted inputs, may enable remote code execution. The vulnerability is categorized unde...

9.8CVSS9.5AI score0.03379EPSS
CVE
CVE
added 2021/08/08 7:25 p.m.181 views

CVE-2021-38202

CVE-2021-38202 affects the Linux kernel before 5.13.4, where fs/nfsd/trace.h can allow remote attackers to trigger a denial-of-service via an out-of-bounds read in strlen when the trace event framework is used for nfsd. The vulnerability is triggered by NFS traffic sent over the network. A fix wa...

7.5CVSS6.9AI score0.0319EPSS
CVE
CVE
added 2021/11/15 12:0 a.m.179 views

CVE-2021-42374

CVE-2021-42374 is an out-of-bounds heap read in BusyBox’s unlzma applet that can lead to information leakage and denial of service when decompressing crafted LZMA input. Connected sources confirm impact on BusyBox broadly (unlzma) across multiple distributions and variants (e.g., Debian/BusyBox a...

5.3CVSS5.9AI score0.00579EPSS
CVE
CVE
added 2022/05/08 12:0 a.m.178 views

CVE-2022-1619

CVE-2022-1619 is a heap-based buffer overflow in Vim's cmdline_erase_chars (vim/vim) before version 8.2.4899. The vulnerability can crash Vim, corrupt memory, and potentially enable remote code execution. The connected Astra Linux bulletin confirms the same technical detail. The provided document...

7.8CVSS7.3AI score0.02481EPSS
CVE
CVE
added 2021/08/08 7:25 p.m.170 views

CVE-2021-38203

CVE-2021-38203 affects the btrfs component in the Linux kernel, with the issue present in versions before 5.13.4. The root cause is a race condition during allocations of new system chunks when space is scarce in space_info, which can lead to a denial-of-service (deadlock) for local attackers. Pu...

5.5CVSS5.1AI score0.00365EPSS
CVE
CVE
added 2020/12/09 9:6 p.m.169 views

CVE-2020-16599

CVE-2020-16599 concerns a NULL pointer dereference in the GNU Binutils library (libbfd) distributed with Binutils 2.35, specifically in _bfd_elf_get_symbol_version_string used by nm-new, which can cause a denial of service via a crafted ELF file. The connected Nessus entries note an “illegal memo...

5.5CVSS5.4AI score0.01042EPSS
CVE
CVE
added 2019/11/18 5:23 a.m.168 views

CVE-2019-19050

CVE-2019-19050 describes a memory leak in the Linux kernel’s crypto_reportstat() path (crypto/crypto_user_stat.c) that can cause a denial of service via memory consumption when crypto_reportstat_alg() fails, affected up to kernel 5.3.11. Connected Nessus advisories (Unity Linux UTSA-2026-003794 a...

7.8CVSS7.5AI score0.05077EPSS
CVE
CVE
added 2019/07/23 1:39 p.m.163 views

CVE-2019-1010204

CVE-2019-1010204 affects GNU binutils, specifically the gold linker. The vulnerability arises from a combination of improper input validation , signed/unsigned comparison , and an out-of-bounds read in the code paths for gold/fileread.cc:497 and elfcpp/elfcpp_file.h:644. The documented impact is ...

5.5CVSS5.9AI score0.01115EPSS
CVE
CVE
added 2019/04/26 8:27 p.m.161 views

CVE-2019-3843

CVE-2019-3843 concerns systemd's DynamicUser feature, where a service can create a SUID/SGID binary and retain it under a transient UID/GID after termination. The result is a local attacker potentially accessing resources owned by a different service in the future when UID/GID are recycled, as de...

7.8CVSS7.2AI score0.00912EPSS
CVE
CVE
added 2020/02/25 5:55 p.m.159 views

CVE-2020-9391

CVE-2020-9391 affects the Linux kernel on AArch64 (versions 5.4 to 5.5.6). The top byte of the address passed to brk is ignored, potentially moving the program break downward instead of upward, which can cause heap corruption in glibc malloc. Public sources in the connected documents consistently...

5.5CVSS5.4AI score0.00497EPSS
CVE
CVE
added 2021/11/15 12:0 a.m.159 views

CVE-2021-42373

CVE-2021-42373 is a NULL pointer dereference in BusyBox's man applet triggered when a section name is supplied but no page argument is given, causing a denial of service via local access. Affected product: BusyBox (man applet). Root cause: NULL pointer dereference in mq_handle logic; impact: loca...

5.5CVSS6.8AI score0.00377EPSS
CVE
CVE
added 2021/11/15 12:0 a.m.156 views

CVE-2021-42375

CVE-2021-42375 concerns BusyBox ash applet: incorrect handling of a special element can trigger a denial of service when processing a crafted shell command. Affected product: Cloud Pak for Security (CP4S) versions 1.8.1.0, 1.8.0.0, and 1.7.2.0. Remediation: upgrade to CP4S 1.9.0.0 per IBM guidanc...

5.5CVSS7AI score0.00378EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.137 views

CVE-2019-9071

CVE-2019-9071 affects GNU Binutils’ libiberty component (cp-demangle.c, function d_count_templates_scopes) with a stack consumption/stack overflow vulnerability after deep recursion. Likely enables buffer overflow and remote code execution in affected contexts as described in multiple advisories....

5.5CVSS6.1AI score0.01813EPSS
CVE
CVE
added 2019/11/18 5:24 a.m.132 views

CVE-2019-19069

CVE-2019-19069 affects the Linux kernel fastrpc DMA path. A memory leak in the function fastrpc_dma_buf_attach() (drivers/misc/fastrpc.c) can be triggered by dma_get_sgtable() failures, allowing a potential denial of service through memory consumption. The vulnerability is in kernels before 5.3.9...

7.8CVSS6.8AI score0.03422EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.129 views

CVE-2019-9073

CVE-2019-9073 affects the GNU Binutils Binary File Descriptor library (libbfd) shipped with Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables (elf.c). This can impact availability (PARTIAL per CVSSv3), with local attack vector and no confidentiality/in...

5.5CVSS6.1AI score0.01097EPSS
CVE
CVE
added 2023/07/17 12:0 a.m.128 views

CVE-2023-38432

CVE-2023-38432 affects the Linux kernel prior to 6.3.10. The KSMBD SMB2 server (fs/smb/server/smb2misc.c) does not validate the relationship between the SMB command payload size and RFC1002 length, causing an out-of-bounds read. Impact: potential information disclosure or crash as stated by affec...

9.1CVSS8.7AI score0.02378EPSS
CVE
CVE
added 2019/03/27 5:15 a.m.127 views

CVE-2019-10125

CVE-2019-10125 affects the Linux kernel (up to v5.0.4) where aio_poll() in fs/aio.c may release a file by aio_poll_wake() after vfs_poll() returns, causing a use-after-free. Connected advisories (Unity Linux UTSA entries) reproduce the vulnerable description and map the issue to kernel code path ...

10CVSS8.9AI score0.05258EPSS
CVE
CVE
added 2022/05/25 2:49 p.m.127 views

CVE-2022-1678

CVE-2022-1678 affects Linux kernel 4.18–4.19, with memory/netns leaks due to improper sock reference handling in TCP pacing. Public Nessus/Unity advisories confirm the issue and reference kernel commits addressing the vulnerability; exploitation is described as remote via TCP pacing. Mitigation/r...

7.5CVSS7.2AI score0.02913EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.100 views

CVE-2019-9072

CVE-2019-9072 affects the GNU Binutils Binary File Descriptor library (libbfd) shipped with Binutils 2.32. The issue is an attempted excessive memory allocation in setup_group() within elf.c, which can enable a denial-of-service through memory exhaustion when processing ELF files. Public advisori...

5.5CVSS5.5AI score0.01159EPSS
CVE
CVE
added 2021/01/08 3:19 p.m.57 views

CVE-2020-8584

The CVE-2020-8584 issue relates to Element OS, affecting versions prior to 1.8P1 and 12.2. It arises from a failure to properly filter certain elements of externally-entered data during the construction of a code segment, enabling an unauthenticated remote attacker to execute arbitrary code. This...

10CVSS9.6AI score0.0417EPSS
Total number of security vulnerabilities192