Every CVE whose affected-product data names Netapp Snapprotect, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2019-10125 — CVSS 9.8 (critical): An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an…
CVE-2018-20836 — CVSS 8.1 (high): An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in…
CVE-2019-11815 — CVSS 8.1 (high): An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a…
CVE-2015-8960 — CVSS 8.1 (high): The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for…
CVE-2019-9162 — CVSS 7.8 (high): In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks…
CVE-2018-20669 — CVSS 7.8 (high): An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_…
CVE-2019-3843 — CVSS 7.8 (high): It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the…
CVE-2019-3844 — CVSS 7.8 (high): It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries…
CVE-2019-3900 — CVSS 7.7 (high): An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming…
CVE-2019-9003 — CVSS 7.5 (high): In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for…
CVE-2019-11486 — CVSS 7.0 (high): The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
CVE-2019-3874 — CVSS 6.5 (medium): The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a…
CVE-2019-1559 — CVSS 5.9 (medium): If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive…
CVE-2019-3882 — CVSS 5.5 (medium): A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device…
CVE-2019-3901 — CVSS 4.7 (medium): A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in…
CVE-2018-20839 — CVSS 4.3 (medium): systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as…