CVE-2025-1181
- EPSS 0.24%
- Published 11.02.2025 08:15:31
- Last modified 21.05.2025 20:35:11
A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiat...
CVE-2025-1178
- EPSS 0.21%
- Published 11.02.2025 07:15:29
- Last modified 21.05.2025 20:35:24
A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be la...
CVE-2025-0167
- EPSS 0.08%
- Published 05.02.2025 10:15:22
- Last modified 30.07.2025 19:41:45
When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `de...
CVE-2024-11053
- EPSS 0.29%
- Published 11.12.2024 08:15:05
- Last modified 30.07.2025 17:39:25
When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an e...
CVE-2024-8096
- EPSS 0.21%
- Published 11.09.2024 10:15:02
- Last modified 30.07.2025 19:42:16
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. ...
CVE-2024-6119
- EPSS 4.4%
- Published 03.09.2024 16:15:07
- Last modified 03.06.2025 10:51:54
Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal term...
CVE-2024-39689
- EPSS 21.23%
- Published 05.07.2024 19:15:10
- Last modified 15.02.2025 00:15:13
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from `GLOBALTRUST`...
CVE-2024-6387
- EPSS 38.58%
- Published 01.07.2024 13:15:06
- Last modified 30.09.2025 13:52:23
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to aut...
CVE-2024-21989
- EPSS 0.19%
- Published 17.04.2024 20:15:07
- Last modified 10.02.2025 19:27:49
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which, when successfully exploited, could allow a read-only user to escalate their privileges.
CVE-2024-21990
- EPSS 0.2%
- Published 17.04.2024 20:15:07
- Last modified 10.02.2025 19:29:29
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials.