Netapp

Active Iq Unified Manager

846 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4

CVE-2022-21417

  • EPSS 0.44%
  • Veröffentlicht 19.04.2022 21:15:14
  • Zuletzt bearbeitet 21.11.2024 06:44:39

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mu...

4.9

CVE-2022-21418

  • EPSS 0.32%
  • Veröffentlicht 19.04.2022 21:15:14
  • Zuletzt bearbeitet 21.11.2024 06:44:39

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

4

CVE-2022-21423

  • EPSS 0.35%
  • Veröffentlicht 19.04.2022 21:15:14
  • Zuletzt bearbeitet 21.11.2024 06:44:40

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c...

5.3

CVE-2022-22968

  • EPSS 16.18%
  • Veröffentlicht 14.04.2022 21:15:08
  • Zuletzt bearbeitet 21.11.2024 06:47:42

In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and...

8

CVE-2015-20107

Exploit
  • EPSS 0.8%
  • Veröffentlicht 13.04.2022 16:15:08
  • Zuletzt bearbeitet 03.11.2025 22:15:43

In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untruste...

7

CVE-2022-28796

  • EPSS 0.1%
  • Veröffentlicht 08.04.2022 05:15:07
  • Zuletzt bearbeitet 21.11.2024 06:57:57

jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.

5.5

CVE-2022-1056

Exploit
  • EPSS 0.07%
  • Veröffentlicht 28.03.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:39:56

Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd.

6.8

CVE-2021-4203

Exploit
  • EPSS 0.07%
  • Veröffentlicht 25.03.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:37:08

A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak in...

7.5

CVE-2018-25032

Exploit
  • EPSS 0.08%
  • Veröffentlicht 25.03.2022 09:15:08
  • Zuletzt bearbeitet 21.08.2025 20:37:11

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

8.8

CVE-2022-27223

  • EPSS 0.43%
  • Veröffentlicht 16.03.2022 00:15:09
  • Zuletzt bearbeitet 21.11.2024 06:55:26

In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.