CVE-2025-1181
- EPSS 0.24%
- Published 11.02.2025 08:15:31
- Last modified 21.05.2025 20:35:11
A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiat...
CVE-2025-1178
- EPSS 0.21%
- Published 11.02.2025 07:15:29
- Last modified 21.05.2025 20:35:24
A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be la...
CVE-2025-0167
- EPSS 0.08%
- Published 05.02.2025 10:15:22
- Last modified 30.07.2025 19:41:45
When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `de...
CVE-2024-11053
- EPSS 0.29%
- Published 11.12.2024 08:15:05
- Last modified 30.07.2025 17:39:25
When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an e...
CVE-2024-8096
- EPSS 0.21%
- Published 11.09.2024 10:15:02
- Last modified 30.07.2025 19:42:16
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. ...
CVE-2024-6119
- EPSS 4.4%
- Published 03.09.2024 16:15:07
- Last modified 03.06.2025 10:51:54
Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal term...
CVE-2024-39689
- EPSS 21.23%
- Published 05.07.2024 19:15:10
- Last modified 15.02.2025 00:15:13
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from `GLOBALTRUST`...
CVE-2024-6387
- EPSS 38.58%
- Published 01.07.2024 13:15:06
- Last modified 30.09.2025 13:52:23
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to aut...
CVE-2024-21989
- EPSS 0.19%
- Published 17.04.2024 20:15:07
- Last modified 10.02.2025 19:27:49
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges.
CVE-2024-21990
- EPSS 0.2%
- Published 17.04.2024 20:15:07
- Last modified 10.02.2025 19:29:29
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials.