CVE-2022-3626
- EPSS 0.04%
- Published 21.10.2022 16:15:11
- Last modified 07.05.2025 16:15:20
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff f...
CVE-2022-3627
- EPSS 0.03%
- Published 21.10.2022 16:15:11
- Last modified 07.05.2025 15:15:54
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff fro...
CVE-2022-3597
- EPSS 0.03%
- Published 21.10.2022 16:15:10
- Last modified 07.05.2025 21:15:56
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff fro...
CVE-2022-38177
- EPSS 1.04%
- Published 21.09.2022 11:15:09
- Last modified 28.05.2025 16:15:26
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
CVE-2022-38178
- EPSS 1.17%
- Published 21.09.2022 11:15:09
- Last modified 28.05.2025 16:15:26
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
CVE-2022-2526
- EPSS 0.25%
- Published 09.09.2022 15:15:10
- Last modified 21.11.2024 07:01:11
A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other...
CVE-2022-2764
- EPSS 0.12%
- Published 01.09.2022 21:15:09
- Last modified 21.11.2024 07:01:39
A flaw was found in Undertow. Denial of service can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations.
CVE-2022-1259
- EPSS 0.24%
- Published 31.08.2022 16:15:09
- Last modified 21.11.2024 06:40:21
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.
CVE-2022-1319
- EPSS 1.02%
- Published 31.08.2022 16:15:09
- Last modified 21.11.2024 06:40:28
A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400...
CVE-2022-1199
- EPSS 0.08%
- Published 29.08.2022 15:15:10
- Last modified 23.04.2025 18:15:47
A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.