Netapp

Active Iq Unified Manager

846 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-3597

Exploit
  • EPSS 0.03%
  • Veröffentlicht 21.10.2022 16:15:10
  • Zuletzt bearbeitet 07.05.2025 21:15:56

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff fro...

7.5

CVE-2022-38177

  • EPSS 1.32%
  • Veröffentlicht 21.09.2022 11:15:09
  • Zuletzt bearbeitet 28.05.2025 16:15:26

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

7.5

CVE-2022-38178

  • EPSS 1.48%
  • Veröffentlicht 21.09.2022 11:15:09
  • Zuletzt bearbeitet 28.05.2025 16:15:26

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

9.8

CVE-2022-2526

  • EPSS 0.25%
  • Veröffentlicht 09.09.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:01:11

A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other...

4.9

CVE-2022-2764

  • EPSS 0.12%
  • Veröffentlicht 01.09.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 07:01:39

A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.

7.5

CVE-2022-1259

  • EPSS 0.21%
  • Veröffentlicht 31.08.2022 16:15:09
  • Zuletzt bearbeitet 21.11.2024 06:40:21

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.

7.5

CVE-2022-1319

  • EPSS 0.26%
  • Veröffentlicht 31.08.2022 16:15:09
  • Zuletzt bearbeitet 21.11.2024 06:40:28

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400...

7.5

CVE-2022-1199

  • EPSS 0.15%
  • Veröffentlicht 29.08.2022 15:15:10
  • Zuletzt bearbeitet 23.04.2025 18:15:47

A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.

5.3

CVE-2022-23235

  • EPSS 0.24%
  • Veröffentlicht 25.08.2022 18:15:09
  • Zuletzt bearbeitet 21.11.2024 06:48:14

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via Auto...

6.5

CVE-2021-4209

  • EPSS 0.3%
  • Veröffentlicht 24.08.2022 16:15:09
  • Zuletzt bearbeitet 21.11.2024 06:37:09

A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances...