Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Virtual_storage_console_for_vmware_vsphere
(Netapp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-04-25 | CVE-2019-3900 | An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Active_iq_unified_manager_for_vmware_vsphere, Cn1610_firmware, Hci_management_node, Snapprotect, Solidfire, Storage_replication_adapter_for_clustered_data_ontap_for_vmware_vsphere, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console_for_vmware_vsphere, Sd\-Wan_edge, Enterprise_linux | 7.7 | ||
| 2019-04-24 | CVE-2019-3882 | A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Active_iq_unified_manager_for_vmware_vsphere, Cn1610_firmware, Hci_management_node, Snapprotect, Solidfire, Storage_replication_adapter_for_clustered_data_ontap_for_vmware_vsphere, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console_for_vmware_vsphere, Leap | 5.5 | ||
| 2019-04-22 | CVE-2019-3901 | A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execve() syscall with setuid execution before perf_event_alloc() actually attaches to it, allowing an attacker to bypass the ptrace_may_access() check and the perf_event_exit_task(current) call that is performed in... | Debian_linux, Linux_kernel, Active_iq_unified_manager_for_vmware_vsphere, Cn1610_firmware, Hci_management_node, Snapprotect, Solidfire, Storage_replication_adapter_for_clustered_data_ontap_for_vmware_vsphere, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console_for_vmware_vsphere | 4.7 | ||
| 2017-02-07 | CVE-2016-5711 | NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a non-unique certificate, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors. | Virtual_storage_console_for_vmware_vsphere | 9.8 |