Netapp

Clustered Data Ontap

144 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-8579

  • EPSS 0.39%
  • Veröffentlicht 27.10.2020 14:15:15
  • Zuletzt bearbeitet 21.11.2024 05:39:04

Clustered Data ONTAP versions 9.7 through 9.7P7 are susceptible to a vulnerability which allows an attacker with access to an intercluster LIF to cause a Denial of Service (DoS).

6.5

CVE-2020-7069

  • EPSS 8.35%
  • Veröffentlicht 02.10.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:36:36

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and inc...

5.3

CVE-2020-7070

Exploit
  • EPSS 26.09%
  • Veröffentlicht 02.10.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:36:37

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode ...

8.2

CVE-2020-24718

Exploit
  • EPSS 0.1%
  • Veröffentlicht 25.09.2020 04:23:04
  • Zuletzt bearbeitet 21.11.2024 05:15:57

bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel sy...

6.5

CVE-2020-24977

Exploit
  • EPSS 0.55%
  • Veröffentlicht 04.09.2020 00:15:10
  • Zuletzt bearbeitet 21.11.2024 05:16:15

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

5.5

CVE-2020-8576

  • EPSS 0.22%
  • Veröffentlicht 02.09.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:39:03

Clustered Data ONTAP versions prior to 9.3P19, 9.5P14, 9.6P9 and 9.7 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data or disclosure of sensitive information.

9.8

CVE-2020-11984

Exploit
  • EPSS 76.31%
  • Veröffentlicht 07.08.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:59:02

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE

7.5

CVE-2020-11993

Exploit
  • EPSS 38.85%
  • Veröffentlicht 07.08.2020 16:15:11
  • Zuletzt bearbeitet 01.05.2025 15:40:19

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLev...

5.3

CVE-2020-14155

  • EPSS 0.15%
  • Veröffentlicht 15.06.2020 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:02:45

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

7.2

CVE-2020-7456

  • EPSS 0.15%
  • Veröffentlicht 09.06.2020 19:15:10
  • Zuletzt bearbeitet 21.11.2024 05:37:10

In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-STABLE before r361919, 11.3-RELEASE before p10, and 11.4-RC2 before p1, an invalid memory location may be used for HID items if the push/pop level is not restored within the processi...