Home/Product/netapp hci management node
Product

netapp hci management node

182 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-38430
all versions
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-o
9.1CRITICAL
 CVE-2023-32254
all versions
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the process
9.8CRITICAL
 CVE-2022-35252
all versions
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are s
3.7LOW
 CVE-2022-21549
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported
5.3MEDIUM
 CVE-2022-21541
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported v
5.9MEDIUM
 CVE-2022-21540
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported v
5.3MEDIUM
 CVE-2022-34169
all versions
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This c
7.5HIGH
 CVE-2022-32208
all versions
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possib
5.9MEDIUM
 CVE-2022-32207
all versions
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation
9.8CRITICAL
 CVE-2022-32206
all versions
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and p
6.5MEDIUM
 CVE-2022-32205
all versions
A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl < 7.84.0 stores all of
4.3MEDIUM
 CVE-2022-2068
all versions
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script d
7.3HIGH
 CVE-2022-1678
all versions
An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memo
5.9MEDIUM
 CVE-2022-1587
all versions
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit
9.1CRITICAL
 CVE-2022-1586
all versions
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2
9.1CRITICAL
 CVE-2022-1619
all versions
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities ar
7.8HIGH
 CVE-2022-21496
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported vers
5.3MEDIUM
 CVE-2022-21476
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported
7.5HIGH
 CVE-2022-21443
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported
3.7LOW
 CVE-2021-4203
all versions
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen
6.8MEDIUM
 CVE-2021-3753
all versions
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read
4.7MEDIUM
 CVE-2022-21366
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported v
5.3MEDIUM
 CVE-2022-21365
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported v
5.3MEDIUM
 CVE-2022-21360
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported v
5.3MEDIUM
 CVE-2022-21349
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versio
5.3MEDIUM
 CVE-2022-21341
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Suppo
5.3MEDIUM
 CVE-2022-21340
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported
5.3MEDIUM
 CVE-2022-21305
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported v
5.3MEDIUM
 CVE-2022-21299
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported vers
5.3MEDIUM
 CVE-2022-21296
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported vers
5.3MEDIUM
 CVE-2022-21294
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported
5.3MEDIUM
 CVE-2022-21293
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported
5.3MEDIUM
 CVE-2022-21291
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported v
5.3MEDIUM
 CVE-2022-21283
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported
5.3MEDIUM
 CVE-2022-21282
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported vers
5.3MEDIUM
 CVE-2022-21277
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported v
5.3MEDIUM
 CVE-2022-21271
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported
5.3MEDIUM
 CVE-2022-21248
all versions
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Suppo
3.7LOW
 CVE-2021-4083
all versions
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way u
7.0HIGH
 CVE-2021-42377
all versions
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processin
9.8CRITICAL
 CVE-2021-42376
all versions
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to mis
5.5MEDIUM
 CVE-2021-42375
all versions
An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell comm
5.5MEDIUM
 CVE-2021-42374
all versions
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed
5.3MEDIUM
 CVE-2021-42373
all versions
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument
5.5MEDIUM
 CVE-2021-35603
all versions
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions th
3.7LOW
 CVE-2021-35588
all versions
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions
3.1LOW
 CVE-2021-35586
all versions
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions
5.3MEDIUM
 CVE-2021-35578
all versions
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions th
5.3MEDIUM
 CVE-2021-35567
all versions
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versio
6.8MEDIUM
 CVE-2021-35565
all versions
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions th
5.3MEDIUM
 CVE-2021-35564
all versions
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Keytool). Supported versions
5.3MEDIUM
 CVE-2021-35561
all versions
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Utility). Supported versions
5.3MEDIUM
 CVE-2021-35559
all versions
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions t
5.3MEDIUM
 CVE-2021-35556
all versions
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions t
5.3MEDIUM
 CVE-2021-35550
all versions
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions th
5.9MEDIUM
 CVE-2021-41864
all versions
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eB
7.8HIGH
 CVE-2021-41617
all versions
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because
7.0HIGH
 CVE-2016-20012
all versions
OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known t
5.3MEDIUM
 CVE-2021-3712
all versions
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string dat
7.4HIGH
 CVE-2021-3711
all versions
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an applic
9.8CRITICAL
 CVE-2021-38203
all versions
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger alloca
5.5MEDIUM
 CVE-2021-38202
all versions
fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in
7.5HIGH
 CVE-2021-38201
all versions
net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-ou
7.5HIGH
 CVE-2021-38199
all versions
fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NF
6.5MEDIUM
 CVE-2021-38160
all versions
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted devic
7.8HIGH
 CVE-2021-22926
all versions
libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLC
7.5HIGH
 CVE-2021-22925
all versions
curl supports the -t command line option, known as CURLOPT_TELNETOPTIONSin libcurl. This rarely used option is used to send va
5.3MEDIUM
 CVE-2021-22923
all versions
When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink
5.3MEDIUM
 CVE-2021-22922
all versions
When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the met
6.5MEDIUM
 CVE-2021-35942
all versions
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wor
9.1CRITICAL
 CVE-2021-33910
all versions
basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involv
5.5MEDIUM
 CVE-2021-33909
all versions
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to
7.8HIGH
 CVE-2021-34429
all versions
For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to acce
5.3MEDIUM
 CVE-2021-22555
all versions
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker t
8.3HIGH
 CVE-2021-3522
all versions
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
5.5MEDIUM
 CVE-2021-3517
all versions
There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a
8.6HIGH
 CVE-2021-2163
all versions
Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries)
5.3MEDIUM
 CVE-2021-2161
all versions
Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries)
5.9MEDIUM
 CVE-2021-29154
all versions
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute
7.8HIGH
 CVE-2021-22890
all versions
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad han
3.7LOW
 CVE-2021-22876
all versions
curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leak
5.3MEDIUM
 CVE-2021-28041
all versions
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent
7.1HIGH
 CVE-2020-27223
all versions
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multi
5.2MEDIUM
 CVE-2021-3156
all versions
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalatio
7.8HIGH
 CVE-2021-23240
all versions
selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate pri
7.8HIGH
 CVE-2021-23239
all versions
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests b
2.5LOW
 CVE-2020-8584
all versions
Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote attacker
9.8CRITICAL
 CVE-2020-8286
all versions
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the O
7.5HIGH
 CVE-2020-8285
all versions
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match pa
7.5HIGH
 CVE-2020-8284
all versions
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and p
3.7LOW
 CVE-2020-16599
all versions
A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Bi
5.5MEDIUM
 CVE-2020-1971
all versions
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPar
5.9MEDIUM
 CVE-2020-29369
all versions
An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions
7.0HIGH
 CVE-2020-29368
all versions
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation
7.0HIGH
 CVE-2019-17006
all versions
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the app
9.8CRITICAL
 CVE-2020-14803
all versions
Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 1
5.3MEDIUM
 CVE-2020-14798
all versions
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affec
3.1LOW
 CVE-2020-14797
all versions
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affec
3.7LOW
 CVE-2020-14796
all versions
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affec
3.1LOW
 CVE-2020-14792
all versions
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported versions that are affecte
4.2MEDIUM
 CVE-2020-14781
all versions
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supported versions that are affected a
3.7LOW
 CVE-2020-14779
all versions
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are a
3.7LOW
 CVE-2020-15862
all versions
Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arb
7.8HIGH
 CVE-2020-14356
all versions
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot
7.8HIGH
 CVE-2020-16166
all versions
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the i
3.7LOW
 CVE-2020-15778
all versions
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in th
7.4HIGH
 CVE-2020-14145
all versions
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiati
5.9MEDIUM
 CVE-2020-10732
all versions
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account t
3.3LOW
 CVE-2020-13817
all versions
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system t
7.4HIGH
 CVE-2020-13143
all versions
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without consi
6.5MEDIUM
 CVE-2020-12888
all versions
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
5.3MEDIUM
 CVE-2020-12771
all versions
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coa
5.5MEDIUM
 CVE-2020-12770
all versions
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, ak
6.7MEDIUM
 CVE-2020-12769
all versions
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent c
5.5MEDIUM
 CVE-2020-10690
all versions
There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while re
6.5MEDIUM
 CVE-2020-12653
all versions
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifie
7.8HIGH
 CVE-2020-1752
all versions
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out.
7.0HIGH
 CVE-2020-11884
all versions
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated
7.0HIGH
 CVE-2020-11868
all versions
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a se
7.5HIGH
 CVE-2020-8835
all versions
In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32
7.8HIGH
 CVE-2020-10029
all versions
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-b
5.5MEDIUM
 CVE-2020-9391
all versions
An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the
5.5MEDIUM
 CVE-2020-9383
all versions
An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of
7.1HIGH
 CVE-2020-8992
all versions
ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of se
5.5MEDIUM
 CVE-2019-18282
all versions
The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441
5.3MEDIUM
 CVE-2019-20095
all versions
mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases t
5.5MEDIUM
 CVE-2019-19965
all versions
In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandlin
4.7MEDIUM
 CVE-2019-5108
all versions
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vu
6.5MEDIUM
 CVE-2019-19816
all versions
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds
7.8HIGH
 CVE-2019-19813
all versions
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system
5.5MEDIUM
 CVE-2019-19448
all versions
In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a sy
7.8HIGH
 CVE-2019-19462
all versions
relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay bloc
5.5MEDIUM
 CVE-2019-18276
all versions
An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effe
7.8HIGH
 CVE-2019-19318
all versions
In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in
4.4MEDIUM
 CVE-2019-19069
all versions
A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers
7.5HIGH
 CVE-2019-19050
all versions
A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers
7.5HIGH
 CVE-2019-18805
all versions
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed in
9.8CRITICAL
 CVE-2019-18683
all versions
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalat
7.0HIGH
 CVE-2019-17498
all versions
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabli
8.1HIGH
 CVE-2019-2215
all versions
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is requ
7.8HIGH
 CVE-2019-15166
all versions
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
1.6LOW
 CVE-2019-16995
all versions
In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a
7.5HIGH
 CVE-2019-5094
all versions
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 p
7.5HIGH
 CVE-2019-14816
all versions
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel,
7.8HIGH
 CVE-2019-14814
all versions
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux k
7.8HIGH
 CVE-2019-14821
all versions
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor im
8.8HIGH
 CVE-2019-14835
all versions
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates
7.8HIGH
 CVE-2019-15538
all versions
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a
7.5HIGH
 CVE-2019-15118
all versions
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
5.5MEDIUM
 CVE-2019-14444
all versions
apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access v
5.5MEDIUM
 CVE-2019-1010204
all versions
GNU binutils gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Compari
5.5MEDIUM
 CVE-2019-13272
all versions
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wa
7.8HIGH
 CVE-2019-10126
all versions
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/
9.8CRITICAL
 CVE-2019-12615
all versions
An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unc
7.5HIGH
 CVE-2019-3846
all versions
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while co
8.8HIGH
 CVE-2019-5436
all versions
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.
7.8HIGH
 CVE-2019-11815
all versions
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading
8.1HIGH
 CVE-2019-3844
all versions
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binar
7.8HIGH
 CVE-2019-3843
all versions
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run
7.8HIGH
 CVE-2019-3900
all versions
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incom
7.7HIGH
 CVE-2019-3882
all versions
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If
5.5MEDIUM
 CVE-2019-11486
all versions
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
7.0HIGH
 CVE-2019-3901
all versions
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in
4.7MEDIUM
 CVE-2019-11068
all versions
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access e
9.8CRITICAL
 CVE-2019-10125
all versions
An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if
9.8CRITICAL
 CVE-2019-3874
all versions
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to
6.5MEDIUM
 CVE-2019-9924
all versions
rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any comm
7.8HIGH
 CVE-2018-20669
all versions
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/
7.8HIGH
 CVE-2019-1559
all versions
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to
5.9MEDIUM
 CVE-2019-9162
all versions
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 leng
7.8HIGH
 CVE-2019-9075
all versions
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a hea
7.8HIGH
 CVE-2019-9074
all versions
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an ou
5.5MEDIUM
 CVE-2019-9073
all versions
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an at
5.5MEDIUM
 CVE-2019-9072
all versions
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an at
5.5MEDIUM
 CVE-2019-9071
all versions
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_template
5.5MEDIUM
 CVE-2019-9003
all versions
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arrangin
7.5HIGH
 CVE-2019-5736
all versions
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and
8.6HIGH
 CVE-2017-7658
all versions
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations
9.8CRITICAL
 CVE-2017-5715
all versions
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of i
5.6MEDIUM
 CVE-2017-15906
all versions
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, whic
5.3MEDIUM
 CVE-2016-9131
all versions
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a den
7.5HIGH
 CVE-2007-2768
all versions
OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin