Check CVE Id
Check CWE Id
'Active iq performance analytics services'
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
Oncommand workflow automation
Clustered data ontap
Oncommand system manager
Snap creator framework
Virtual storage console for vmware vsphere
Oncommand unified manager for clustered data ontap
Ontap select administration utility
Oncommand unified manager core package
Service level manager
Hyper converged infrastructure
Solidfire element os
Oncommand unified manager
Santricity smi-s provider
Data ontap edge
Element software management node
Solidfire element os management node
Santricity cloud connector
E-series santricity os controller
Ontap select deploy
Steelstore cloud integrated storage
Storage automation store
Ontap select deploy utility
Active iq performance analytics services
Ontap select deploy administration utility
Element software management
Fas/aff baseboard management controller
E-series santricity management plug-ins
E-series santricity web services proxy
Aff baseboard management controller
Fas baseboard management controller
Storagegrid webscale nas bridge
Oncommand api services
E-series santricity management
E-series santricity storage manager
E-series santricity web services
Back to Top