Netapp

Active Iq Unified Manager

841 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2022-2764

  • EPSS 0.12%
  • Published 01.09.2022 21:15:09
  • Last modified 21.11.2024 07:01:39

A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.

7.5

CVE-2022-1259

  • EPSS 0.18%
  • Published 31.08.2022 16:15:09
  • Last modified 21.11.2024 06:40:21

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.

7.5

CVE-2022-1319

  • EPSS 0.23%
  • Published 31.08.2022 16:15:09
  • Last modified 21.11.2024 06:40:28

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400...

7.5

CVE-2022-1199

  • EPSS 0.15%
  • Published 29.08.2022 15:15:10
  • Last modified 23.04.2025 18:15:47

A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.

5.3

CVE-2022-23235

  • EPSS 0.24%
  • Published 25.08.2022 18:15:09
  • Last modified 21.11.2024 06:48:14

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via Auto...

6.5

CVE-2021-4209

  • EPSS 0.17%
  • Published 24.08.2022 16:15:09
  • Last modified 21.11.2024 06:37:09

A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances...

5.5

CVE-2021-3800

Exploit
  • EPSS 0.06%
  • Published 23.08.2022 16:15:09
  • Last modified 21.11.2024 06:22:28

A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.

6.1

CVE-2022-35278

  • EPSS 1.27%
  • Published 23.08.2022 15:15:11
  • Last modified 21.11.2024 07:11:01

In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.

9.8

CVE-2022-37434

Exploit
  • EPSS 92.68%
  • Published 05.08.2022 07:15:07
  • Last modified 30.05.2025 20:15:30

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib s...

6.5

CVE-2022-34526

Exploit
  • EPSS 0.29%
  • Published 29.07.2022 23:15:08
  • Last modified 21.11.2024 07:09:42

A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.