Netapp

Active Iq Unified Manager

841 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2018-14550

Exploit
  • EPSS 1.78%
  • Published 10.07.2019 12:15:10
  • Last modified 21.11.2024 03:49:17

An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.

5.3

CVE-2019-13118

  • EPSS 1.21%
  • Published 01.07.2019 02:15:09
  • Last modified 21.11.2024 04:24:13

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.

9.8

CVE-2019-10126

  • EPSS 3.84%
  • Published 14.06.2019 14:29:00
  • Last modified 21.11.2024 04:18:28

A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.

9.8

CVE-2019-3888

  • EPSS 0.57%
  • Published 12.06.2019 14:29:04
  • Last modified 21.11.2024 04:42:48

A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUE...

7.8

CVE-2019-12615

  • EPSS 2.03%
  • Published 03.06.2019 22:29:00
  • Last modified 21.11.2024 04:23:11

An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service (NULL poin...

9.3

CVE-2019-11815

Exploit
  • EPSS 1.19%
  • Published 08.05.2019 14:29:00
  • Last modified 21.11.2024 04:21:49

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.

9.3

CVE-2018-20836

  • EPSS 1.88%
  • Published 07.05.2019 14:29:00
  • Last modified 21.11.2024 04:02:16

An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.

9.8

CVE-2019-11068

  • EPSS 1.01%
  • Published 10.04.2019 20:29:01
  • Last modified 21.11.2024 04:20:28

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is su...

10

CVE-2019-10125

Exploit
  • EPSS 4.27%
  • Published 27.03.2019 06:29:00
  • Last modified 21.11.2024 04:18:27

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and t...

5.9

CVE-2019-1559

  • EPSS 5.05%
  • Published 27.02.2019 23:29:00
  • Last modified 21.11.2024 04:36:48

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid...