Netapp: >> Data Availability Services Security Vulnerabilities
Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-11-14
Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-11-14
Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access.
CVSS Score
4.4
EPSS Score
0.002
Published
2019-11-14
Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-14
Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-11-14
Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.
CVSS Score
5.5
EPSS Score
0.002
Published
2019-11-14
Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-11-14
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.
CVSS Score
9.8
EPSS Score
0.006
Published
2019-11-07
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free.
CVSS Score
7.0
EPSS Score
0.011
Published
2019-11-04
CVE-2019-2215
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
Known exploited
CVSS Score
7.8
EPSS Score
0.468
Published
2019-10-11