Netapp

Active Iq Unified Manager

841 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2021-20305

  • EPSS 0.35%
  • Published 05.04.2021 22:15:12
  • Last modified 21.11.2024 05:46:19

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possi...

5.9

CVE-2021-3449

  • EPSS 13.18%
  • Published 25.03.2021 15:15:13
  • Last modified 21.11.2024 06:21:33

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but incl...

7.5

CVE-2019-19343

  • EPSS 0.51%
  • Published 23.03.2021 21:15:13
  • Last modified 21.11.2024 04:34:36

A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1...

9.8

CVE-2021-20231

Exploit
  • EPSS 0.92%
  • Published 12.03.2021 19:15:13
  • Last modified 21.11.2024 05:46:10

A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.

7.5

CVE-2021-22884

Exploit
  • EPSS 0.27%
  • Published 03.03.2021 18:15:14
  • Last modified 21.11.2024 05:50:50

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over ne...

5.8

CVE-2021-20220

  • EPSS 0.31%
  • Published 23.02.2021 18:15:13
  • Last modified 21.11.2024 05:46:09

A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an a...

7.5

CVE-2021-27218

  • EPSS 5.06%
  • Published 15.02.2021 17:15:13
  • Last modified 21.11.2024 05:57:37

An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.

7.5

CVE-2021-27219

Exploit
  • EPSS 0.34%
  • Published 15.02.2021 17:15:13
  • Last modified 21.11.2024 05:57:37

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corrupti...

7.2

CVE-2021-23337

Exploit
  • EPSS 0.86%
  • Published 15.02.2021 13:15:12
  • Last modified 21.11.2024 05:51:31

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

5.5

CVE-2021-21290

Exploit
  • EPSS 0.02%
  • Published 08.02.2021 20:15:12
  • Last modified 21.11.2024 05:47:56

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems inv...