NetApp Active Iq Performance Analytics Services
By the Year
In 2024 there have been 0 vulnerabilities in NetApp Active Iq Performance Analytics Services . Active Iq Performance Analytics Services did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 12 | 5.78 |
| 2018 | 5 | 6.74 |
It may take a day or so for new Active Iq Performance Analytics Services vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent NetApp Active Iq Performance Analytics Services Security Vulnerabilities
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190
CVE-2019-15902
5.6 - Medium
- September 04, 2019
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.
Information Disclosure
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference
CVE-2019-15098
4.6 - Medium
- August 16, 2019
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
NULL Pointer Dereference
An issue was discovered in the Linux kernel before 4.18.7
CVE-2018-20855
3.3 - Low
- July 26, 2019
An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.
Buffer Overflow
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs
CVE-2019-7612
9.8 - Critical
- March 25, 2019
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.
Credentials Management Errors
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms
CVE-2019-9948
9.1 - Critical
- March 23, 2019
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.
Directory traversal
An issue was discovered in sd-bus in systemd 239
CVE-2019-6454
5.5 - Medium
- March 21, 2019
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).
Memory Corruption
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
CVE-2019-7222
5.5 - Medium
- March 21, 2019
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
CVE-2019-7221
7.8 - High
- March 21, 2019
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
Dangling pointer
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read
CVE-2018-19985
4.6 - Medium
- March 21, 2019
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
Out-of-bounds Read
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes
CVE-2018-16888
4.7 - Medium
- January 14, 2019
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable.
Improper Privilege Management
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'
CVE-2018-16866
3.3 - Low
- January 11, 2019
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
Information Disclosure
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13
CVE-2019-5489
5.5 - Medium
- January 07, 2019
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.
Cleartext Transmission of Sensitive Information
Grafana before 4.6.5 and 5.x before 5.3.3
CVE-2018-19039
6.5 - Medium
- December 13, 2018
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
Information Disclosure
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function
CVE-2018-14634
7.8 - High
- September 25, 2018
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
Integer Overflow or Wraparound
An issue was discovered in the Linux kernel before 4.8
CVE-2018-16597
5.5 - Medium
- September 21, 2018
An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.
AuthZ
An issue was discovered in the Linux kernel through 4.18.8
CVE-2018-17182
7.8 - High
- September 19, 2018
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
Dangling pointer
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
CVE-2018-12099
6.1 - Medium
- June 11, 2018
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for NetApp Storagegrid Webscale Nas Bridge or by NetApp? Click the Watch button to subscribe.
