Netapp Cn1610 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Netapp Cn1610 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2019-10126 — CVSS 9.8 (critical): A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mw…
CVE-2019-10125 — CVSS 9.8 (critical): An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an…
CVE-2019-3846 — CVSS 8.8 (high): A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting…
CVE-2019-11815 — CVSS 8.1 (high): An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a…
CVE-2018-20669 — CVSS 7.8 (high): An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_…
CVE-2019-3843 — CVSS 7.8 (high): It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the…
CVE-2019-3844 — CVSS 7.8 (high): It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries…
CVE-2019-9162 — CVSS 7.8 (high): In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks…
CVE-2019-3900 — CVSS 7.7 (high): An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming…
CVE-2019-12615 — CVSS 7.5 (high): An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked…
CVE-2016-8610 — CVSS 7.5 (high): A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined…
CVE-2019-9003 — CVSS 7.5 (high): In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for…
CVE-2019-3874 — CVSS 6.5 (medium): The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a…
CVE-2018-0734 — CVSS 5.9 (medium): The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in…
CVE-2019-1559 — CVSS 5.9 (medium): If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive…
CVE-2018-0735 — CVSS 5.9 (medium): The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in…
CVE-2019-3882 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device…
CVE-2018-15473 — CVSS 5.3 (medium): OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after…
CVE-2018-15919 — CVSS 5.3 (medium): Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a…
CVE-2017-15906 — CVSS 5.3 (medium): The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows…
CVE-2019-3901 — CVSS 4.7 (medium): A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in…
CVE-2018-20839 — CVSS 4.3 (medium): systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as…