Netapp

Active Iq Unified Manager

846 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-27534

Exploit
  • EPSS 0.1%
  • Veröffentlicht 30.03.2023 20:15:07
  • Zuletzt bearbeitet 23.04.2025 17:16:28

A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path re...

5.9

CVE-2023-27535

Exploit
  • EPSS 0.07%
  • Veröffentlicht 30.03.2023 20:15:07
  • Zuletzt bearbeitet 09.06.2025 15:15:28

An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if...

5.9

CVE-2023-27536

Exploit
  • EPSS 0.01%
  • Veröffentlicht 30.03.2023 20:15:07
  • Zuletzt bearbeitet 14.02.2025 16:15:33

An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION opt...

5.9

CVE-2023-27537

Exploit
  • EPSS 0.11%
  • Veröffentlicht 30.03.2023 20:15:07
  • Zuletzt bearbeitet 21.11.2024 07:53:07

A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the doc...

5.5

CVE-2023-27538

Exploit
  • EPSS 0.01%
  • Veröffentlicht 30.03.2023 20:15:07
  • Zuletzt bearbeitet 09.06.2025 15:15:29

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previous...

5.3

CVE-2023-28486

  • EPSS 0.1%
  • Veröffentlicht 16.03.2023 01:15:47
  • Zuletzt bearbeitet 21.11.2024 07:55:12

Sudo before 1.9.13 does not escape control characters in log messages.

5.3

CVE-2023-28487

  • EPSS 0.1%
  • Veröffentlicht 16.03.2023 01:15:47
  • Zuletzt bearbeitet 21.11.2024 07:55:12

Sudo before 1.9.13 does not escape control characters in sudoreplay output.

6.5

CVE-2022-23240

  • EPSS 0.08%
  • Veröffentlicht 28.02.2023 23:15:11
  • Zuletzt bearbeitet 18.03.2025 15:15:40

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors.

4.8

CVE-2022-23239

  • EPSS 0.07%
  • Veröffentlicht 28.02.2023 23:15:10
  • Zuletzt bearbeitet 21.11.2024 06:48:14

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack.

9.1

CVE-2023-23914

Exploit
  • EPSS 0.18%
  • Veröffentlicht 23.02.2023 20:15:13
  • Zuletzt bearbeitet 12.03.2025 19:15:35

A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan...