CVE-2025-21492
- EPSS 0.2%
- Published 21.01.2025 21:15:13
- Last modified 09.04.2025 16:07:30
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via ...
CVE-2024-52533
- EPSS 2.46%
- Published 11.11.2024 23:15:05
- Last modified 17.06.2025 01:23:56
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
CVE-2024-50602
- EPSS 0.13%
- Published 27.10.2024 05:15:04
- Last modified 15.10.2025 17:54:22
An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.
CVE-2024-9823
- EPSS 0.59%
- Published 14.10.2024 15:15:14
- Last modified 03.11.2025 20:17:05
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause a remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofM...
CVE-2024-47554
- EPSS 0.17%
- Published 03.10.2024 12:15:02
- Last modified 10.07.2025 21:10:32
Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from...
CVE-2024-47561
- EPSS 0.49%
- Published 03.10.2024 11:15:13
- Last modified 10.07.2025 21:04:01
Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code. Users are recommended to upgrade to version 1.11.4 or 1.12.0, which fix this issue.
CVE-2024-7254
- EPSS 0.09%
- Published 19.09.2024 01:15:10
- Last modified 26.09.2025 17:10:19
Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can be corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknown...
CVE-2024-8096
- EPSS 0.41%
- Published 11.09.2024 10:15:02
- Last modified 30.07.2025 19:42:16
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. ...
CVE-2024-8372
- EPSS 0.02%
- Published 09.09.2024 15:15:12
- Last modified 20.11.2025 18:00:14
Improper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This...
CVE-2024-8373
- EPSS 0.02%
- Published 09.09.2024 15:15:12
- Last modified 20.11.2025 18:00:14
Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attack...