Netapp Data Availability Services — known CVE vulnerabilities
Every CVE whose affected-product data names Netapp Data Availability Services, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (61)
CVE-2019-18805 — CVSS 9.8 (critical): An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer…
CVE-2019-14821 — CVSS 8.8 (high): An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements…
CVE-2019-19816 — CVSS 7.8 (high): In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write…
CVE-2019-14835 — CVSS 7.8 (high): A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue…
CVE-2019-11111 — CVSS 7.8 (high): Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an…
CVE-2019-11112 — CVSS 7.8 (high): Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an…
CVE-2019-14816 — CVSS 7.8 (high): There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that…
CVE-2019-14814 — CVSS 7.8 (high): There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel…
CVE-2019-19447 — CVSS 7.8 (high): In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a…
CVE-2019-19448 — CVSS 7.8 (high): In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs…
CVE-2019-19069 — CVSS 7.5 (high): A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause…
CVE-2020-5398 — CVSS 7.5 (high): In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is…
CVE-2019-15538 — CVSS 7.5 (high): An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp…
CVE-2019-16995 — CVSS 7.5 (high): In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port…
CVE-2019-19044 — CVSS 7.5 (high): Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers…
CVE-2019-19050 — CVSS 7.5 (high): A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause…
CVE-2019-19052 — CVSS 7.5 (high): A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a…
CVE-2019-19053 — CVSS 7.5 (high): A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers…
CVE-2019-19060 — CVSS 7.5 (high): A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to…
CVE-2019-19061 — CVSS 7.5 (high): A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows…
CVE-2020-9383 — CVSS 7.1 (high): An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds…
CVE-2019-18683 — CVSS 7.0 (high): An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on…
CVE-2019-5108 — CVSS 6.5 (medium): An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this…
CVE-2020-8992 — CVSS 5.5 (medium): ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service…
CVE-2019-20054 — CVSS 5.5 (medium): In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to…
CVE-2019-19922 — CVSS 5.5 (medium): kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a…
CVE-2019-11089 — CVSS 5.5 (medium): Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated…
CVE-2020-9391 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address…
CVE-2019-14574 — CVSS 5.5 (medium): Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to…
CVE-2019-14590 — CVSS 5.5 (medium): Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to…
CVE-2019-14591 — CVSS 5.5 (medium): Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to…
CVE-2019-20095 — CVSS 5.5 (medium): mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did…
CVE-2019-19813 — CVSS 5.5 (medium): In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can…
CVE-2019-15118 — CVSS 5.5 (medium): check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
CVE-2019-18282 — CVSS 5.3 (medium): The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f…
CVE-2019-17569 — CVSS 4.8 (medium): The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the…
CVE-2020-1935 — CVSS 4.8 (medium): In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line…
CVE-2019-19054 — CVSS 4.7 (medium): A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows…
CVE-2019-19965 — CVSS 4.7 (medium): In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port…
CVE-2019-15221 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the…
CVE-2019-15098 — CVSS 4.6 (medium): drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an…
CVE-2019-15211 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the…
CVE-2019-15212 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the…
CVE-2019-15213 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the…
CVE-2019-15215 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the…
CVE-2019-15216 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the…
CVE-2019-15217 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the…
CVE-2019-15218 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the…
CVE-2019-15219 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the…
CVE-2019-15220 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the…
CVE-2019-15222 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the…
CVE-2019-15223 — CVSS 4.6 (medium): An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the…
CVE-2019-19063 — CVSS 4.6 (medium): Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow…
CVE-2019-19947 — CVSS 4.6 (medium): In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb…
CVE-2019-19966 — CVSS 4.6 (medium): In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial…
CVE-2019-19318 — CVSS 4.4 (medium): In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in…
CVE-2019-11113 — CVSS 4.4 (medium): Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may…
CVE-2019-19057 — CVSS 3.3 (low): Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through…
CVE-2018-20855 — CVSS 3.3 (low): An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp…