Netapp

Active Iq Unified Manager

841 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2020-9391

Exploit
  • EPSS 0.16%
  • Veröffentlicht 25.02.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:40:32

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to ...

7.1

CVE-2020-9383

  • EPSS 0.07%
  • Veröffentlicht 25.02.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:40:31

An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.

5.5

CVE-2020-8992

  • EPSS 0.06%
  • Veröffentlicht 14.02.2020 05:15:13
  • Zuletzt bearbeitet 21.11.2024 05:39:47

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

7.1

CVE-2020-8648

Exploit
  • EPSS 0.04%
  • Veröffentlicht 06.02.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:39:11

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

7.5

CVE-2019-9674

  • EPSS 1.24%
  • Veröffentlicht 04.02.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:52:05

Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.

6.5

CVE-2019-20446

  • EPSS 0.97%
  • Veröffentlicht 02.02.2020 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:38:30

In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows expon...

7.5

CVE-2019-14888

  • EPSS 0.24%
  • Veröffentlicht 23.01.2020 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:36

A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.

2.4

CVE-2019-20386

  • EPSS 0.15%
  • Veröffentlicht 21.01.2020 06:15:11
  • Zuletzt bearbeitet 09.06.2025 16:15:30

An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.

5.3

CVE-2019-18282

  • EPSS 0.39%
  • Veröffentlicht 16.01.2020 16:15:16
  • Zuletzt bearbeitet 21.11.2024 04:32:58

The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and beca...

6.5

CVE-2020-2686

  • EPSS 0.49%
  • Veröffentlicht 15.01.2020 17:15:26
  • Zuletzt bearbeitet 21.11.2024 05:25:59

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple prot...