Cloud Backup

cloud_backup

Vendor: Netapp • 345 CVEs

CVEs (345)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-20372 5Apple CanonicalF5+2 more 5Cloud Backup LeapNginx+2 more Nov 21, 2024 Jan 9, 2020 N/A· v4 5.3 MEDIUM· v3 4.3 MEDIUM· v2 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a l...Show more NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.Show less
CVE-2019-20095 3Linux NetappOpensuse 148300 Firmware 8700 FirmwareA400 Firmware+11 more Nov 21, 2024 Dec 30, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory...Show more mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service.Show less
CVE-2019-20054 2Linux Netapp 138300 Firmware 8700 FirmwareA400 Firmware+10 more Nov 21, 2024 Dec 28, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.
CVE-2019-19966 4Debian LinuxNetapp+1 more 13Active Iq Unified Manager Aff Baseboard Management ControllerCloud Backup+10 more Nov 21, 2024 Dec 25, 2019 N/A· v4 4.6 MEDIUM· v3 2.1 LOW· v2 In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.
CVE-2019-19965 5Canonical DebianLinux+2 more 168300 Firmware 8700 FirmwareA400 Firmware+13 more Nov 21, 2024 Dec 25, 2019 N/A· v4 4.7 MEDIUM· v3 1.9 LOW· v2 In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f7...Show more In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.Show less
CVE-2019-19925 8Debian NetappOpensuse+5 more 11Backports Sle Cloud BackupDebian Linux+8 more Nov 21, 2024 Dec 24, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
CVE-2019-19924 5Apache NetappOracle+2 more 5Bookkeeper Cloud BackupMysql Workbench+2 more Nov 21, 2024 Dec 24, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.
CVE-2019-19923 8Debian NetappOpensuse+5 more 11Backports Sle Cloud BackupDebian Linux+8 more Nov 21, 2024 Dec 24, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
CVE-2019-19947 4Canonical DebianLinux+1 more 13Active Iq Unified Manager Aff Baseboard Management ControllerCloud Backup+10 more Nov 21, 2024 Dec 24, 2019 N/A· v4 4.6 MEDIUM· v3 2.1 LOW· v2 In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
CVE-2019-5108 5Canonical DebianLinux+2 more 168300 Firmware 8700 FirmwareA400 Firmware+13 more Nov 21, 2024 Dec 23, 2019 N/A· v4 6.5 MEDIUM· v3 3.3 LOW· v2 An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the require...Show more An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.Show less
CVE-2019-19926 8Debian NetappOpensuse+5 more 11Backports Sle Cloud BackupDebian Linux+8 more Nov 21, 2024 Dec 23, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19...Show more multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.Show less
CVE-2019-19922 5Canonical DebianLinux+2 more 14Active Iq Unified Manager Aff Baseboard Management ControllerCloud Backup+11 more Nov 21, 2024 Dec 22, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that...Show more kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)Show less
CVE-2019-19880 8Debian NetappOpensuse+5 more 11Backports Sle Cloud BackupDebian Linux+8 more Nov 21, 2024 Dec 18, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
CVE-2019-19646 5Netapp OracleSiemens+2 more 6Cloud Backup Mysql WorkbenchOntap Select Deploy Administration Utility+3 more Nov 21, 2024 Dec 9, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
CVE-2019-19603 5Apache NetappOracle+2 more 6Cloud Backup GuacamoleMysql Workbench+3 more Nov 21, 2024 Dec 9, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.
CVE-2019-19645 5Netapp OracleSiemens+2 more 6Cloud Backup Mysql WorkbenchOntap Select Deploy Administration Utility+3 more Nov 21, 2024 Dec 9, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
CVE-2019-19448 4Canonical DebianLinux+1 more 18A700s Firmware Active Iq Unified ManagerAff 8300 Firmware+15 more Nov 21, 2024 Dec 8, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-spa...Show more In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure.Show less
CVE-2019-19447 2Linux Netapp 7Active Iq Unified Manager Cloud BackupData Availability Services+4 more Nov 21, 2024 Dec 8, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/s...Show more In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.Show less
CVE-2019-19317 4Netapp OracleSiemens+1 more 5Cloud Backup Mysql WorkbenchOntap Select Deploy Administration Utility+2 more Nov 21, 2024 Dec 5, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2019-19377 2Linux Netapp 5Active Iq Unified Manager Cloud BackupLinux Kernel+2 more Nov 21, 2024 Nov 29, 2019 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.

Previous 1...111213...18 Next