Netapp

Oncommand Unified Manager

169 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-5494

  • EPSS 0.21%
  • Veröffentlicht 10.05.2019 19:29:07
  • Zuletzt bearbeitet 21.11.2024 04:45:02

OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.

7.8

CVE-2019-0211

Warnung Exploit
  • EPSS 85.73%
  • Veröffentlicht 08.04.2019 22:29:00
  • Zuletzt bearbeitet 04.04.2025 15:34:11

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with...

7.5

CVE-2019-0217

  • EPSS 34.78%
  • Veröffentlicht 08.04.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:16:30

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictio...

7.5

CVE-2019-9894

  • EPSS 0.94%
  • Veröffentlicht 21.03.2019 16:01:17
  • Zuletzt bearbeitet 21.11.2024 04:52:31

A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.

7.5

CVE-2019-9897

  • EPSS 2.02%
  • Veröffentlicht 21.03.2019 16:01:17
  • Zuletzt bearbeitet 21.11.2024 04:52:31

Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.

9.8

CVE-2019-9898

  • EPSS 4.44%
  • Veröffentlicht 21.03.2019 16:01:17
  • Zuletzt bearbeitet 21.11.2024 04:52:32

Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.

5.9

CVE-2019-1559

  • EPSS 5.05%
  • Veröffentlicht 27.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:36:48

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid...

2.5

CVE-2019-2513

  • EPSS 0.22%
  • Veröffentlicht 16.01.2019 19:30:35
  • Zuletzt bearbeitet 21.11.2024 04:41:01

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MyS...

6.5

CVE-2019-2529

  • EPSS 0.21%
  • Veröffentlicht 16.01.2019 19:30:35
  • Zuletzt bearbeitet 21.11.2024 04:41:03

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged at...

4.9

CVE-2019-2530

  • EPSS 0.41%
  • Veröffentlicht 16.01.2019 19:30:35
  • Zuletzt bearbeitet 21.11.2024 04:41:03

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multipl...