Vulnerabilities
Vulnerable Software
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.
CVSS Score
5.5
EPSS Score
0.003
Published
2019-01-07
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
CVSS Score
6.5
EPSS Score
0.022
Published
2018-12-13
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to a SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
CVSS Score
7.8
EPSS Score
0.029
Published
2018-09-25
An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-09-21
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
CVSS Score
7.8
EPSS Score
0.016
Published
2018-09-19
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
CVSS Score
6.1
EPSS Score
0.004
Published
2018-06-11

