Steelstore Cloud Integrated Storage

steelstore_cloud_integrated_storage

Vendor: Netapp • 211 CVEs

CVEs (211)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-11113 2Intel Netapp 5Cloud Backup Data Availability ServicesGraphics Driver+2 more Nov 21, 2024 Nov 14, 2019 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local ac...Show more Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access.Show less
CVE-2019-11111 2Intel Netapp 5Cloud Backup Data Availability ServicesGraphics Driver+2 more Nov 21, 2024 Nov 14, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2019-11089 2Intel Netapp 5Cloud Backup Data Availability ServicesGraphics Driver+2 more Nov 21, 2024 Nov 14, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2019-11112 2Intel Netapp 4Cloud Backup Data Availability ServicesGraphics Driver+1 more Nov 21, 2024 Nov 14, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2019-18805 5Broadcom LinuxNetapp+2 more 17Active Iq Unified Manager Aff A400 FirmwareAff A700s Firmware+14 more Nov 21, 2024 Nov 7, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc...Show more An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.Show less
CVE-2019-18683 6Broadcom CanonicalDebian+3 more 188300 Firmware 8700 FirmwareA400 Firmware+15 more Nov 21, 2024 Nov 4, 2019 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the...Show more An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.Show less
CVE-2019-17531 5Debian FasterxmlNetapp+2 more 22Banking Platform Communications Billing And Revenue ManagementCommunications Calendar Server+19 more Nov 21, 2024 Oct 12, 2019 N/A· v4 9.8 CRITICAL· v3 6.8 MEDIUM· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the se...Show more A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.Show less
CVE-2019-2215 5Canonical DebianGoogle+2 more 77A220 Firmware A320 FirmwareA800 Firmware+74 more Oct 24, 2025 Oct 11, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installat...Show more A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095Show less
CVE-2019-16905 3Netapp OpenbsdSiemens 5Cloud Backup OpensshScalance X204rna Ecc Firmware+2 more Apr 23, 2025 Oct 9, 2019 N/A· v4 7.8 HIGH· v3 4.4 MEDIUM· v2 OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corru...Show more OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.Show less
CVE-2019-17267 5Debian FasterxmlNetapp+2 more 12Active Iq Unified Manager Customer Management And Segmentation FoundationDebian Linux+9 more Nov 21, 2024 Oct 7, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.
CVE-2019-16943 6Debian FasterxmlFedoraproject+3 more 26Active Iq Unified Manager Banking PlatformCommunications Billing And Revenue Management+23 more Nov 21, 2024 Oct 1, 2019 N/A· v4 9.8 CRITICAL· v3 6.8 MEDIUM· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the se...Show more A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.Show less
CVE-2019-16942 6Debian FasterxmlFedoraproject+3 more 28Active Iq Unified Manager Banking PlatformCommunications Billing And Revenue Management+25 more Nov 21, 2024 Oct 1, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the se...Show more A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.Show less
CVE-2019-16995 3Linux NetappOpensuse 17Aff A700s Firmware Data Availability ServicesH300e Firmware+14 more Nov 21, 2024 Sep 30, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.
CVE-2019-14816 7Canonical DebianFedoraproject+4 more 39A220 Firmware A320 FirmwareA700s Firmware+36 more Nov 21, 2024 Sep 20, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute ar...Show more There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.Show less
CVE-2019-14814 6Canonical DebianLinux+3 more 34A220 Firmware A320 FirmwareA700s Firmware+31 more Nov 21, 2024 Sep 20, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly exec...Show more There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.Show less
CVE-2019-14835 8Canonical DebianFedoraproject+5 more 34Aff A700s Firmware Data Availability ServicesDebian Linux+31 more Nov 21, 2024 Sep 17, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged gu...Show more A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.Show less
CVE-2019-5482 6Debian FedoraprojectHaxx+3 more 17Cloud Backup Communications Operations MonitorCommunications Session Border Controller+14 more Apr 15, 2026 Sep 16, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
CVE-2019-11184 2Intel Netapp 2423106 Firmware 4109t Firmware4110 Firmware+239 more Nov 21, 2024 Sep 16, 2019 N/A· v4 4.8 MEDIUM· v3 2.3 LOW· v2 A race condition in specific microprocessors using Intel (R) DDIO cache allocation and RDMA may allow an authenticated user to potentially enable partial information disclosure via adjacent access.
CVE-2019-16335 6Debian FasterxmlFedoraproject+3 more 17Banking Platform Customer Management And Segmentation FoundationDebian Linux+14 more Nov 21, 2024 Sep 15, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.
CVE-2019-14540 6Debian FasterxmlFedoraproject+3 more 19Banking Platform Customer Management And Segmentation FoundationDebian Linux+16 more Nov 21, 2024 Sep 15, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.

Previous 1...678...11 Next