Product:

Cloud_backup

(Netapp)
Repositories https://github.com/openbsd/src
https://github.com/torvalds/linux
https://github.com/madler/zlib
https://github.com/openssh/openssh-portable
#Vulnerabilities 352
Date Id Summary Products Score Patch Annotated
2019-12-22 CVE-2019-19922 kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster... Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Aff_baseboard_management_controller, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, Fas\/aff_baseboard_management_controller, Hci_baseboard_management_controller, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller, Steelstore_cloud_integrated_storage, Sd\-Wan_edge 5.5
2017-10-26 CVE-2017-15906 The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. Debian_linux, Active_iq_unified_manager, Cloud_backup, Clustered_data_ontap, Cn1610_firmware, Data_ontap_edge, Hci_management_node, Oncommand_unified_manager_core_package, Solidfire, Steelstore_cloud_integrated_storage, Storage_replication_adapter_for_clustered_data_ontap, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console, Openssh, Sun_zfs_storage_appliance_kit, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation 5.3
2019-11-14 CVE-2019-11113 Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access. Graphics_driver, Cloud_backup, Data_availability_services, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage 4.4
2019-11-14 CVE-2019-11089 Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access. Graphics_driver, Cloud_backup, Data_availability_services, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage 5.5
2019-11-14 CVE-2019-11111 Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access. Graphics_driver, Cloud_backup, Data_availability_services, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage 7.8
2019-11-14 CVE-2019-14574 Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Graphics_driver, Cloud_backup, Data_availability_services, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage 5.5
2019-11-14 CVE-2019-14590 Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. Graphics_driver, Cloud_backup, Data_availability_services, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage 5.5
2019-11-14 CVE-2019-14591 Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Graphics_driver, Cloud_backup, Data_availability_services, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage 5.5
2019-12-24 CVE-2019-19947 In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Aff_baseboard_management_controller, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, Fas\/aff_baseboard_management_controller, Hci_baseboard_management_controller, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller, Steelstore_cloud_integrated_storage 4.6
2017-10-19 CVE-2017-10274 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to... Debian_linux, Active_iq_unified_manager, Cloud_backup, E\-Series_santricity_management_plug\-Ins, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_web_services, Element_software, Oncommand_balance, Oncommand_insight, Oncommand_performance_manager, Oncommand_shift, Oncommand_unified_manager, Oncommand_workflow_automation, Plug\-In_for_symantec_netbackup, Snapmanager, Steelstore_cloud_integrated_storage, Storage_replication_adapter_for_clustered_data_ontap, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console, Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation 6.8