Netapp

Active Iq Unified Manager

841 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-0865

Exploit
  • EPSS 0.07%
  • Veröffentlicht 10.03.2022 17:44:57
  • Zuletzt bearbeitet 21.11.2024 06:39:33

Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045.

5.5

CVE-2022-26336

  • EPSS 0.05%
  • Veröffentlicht 04.03.2022 16:15:10
  • Zuletzt bearbeitet 21.11.2024 06:53:46

A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application uses poi-scratchpad ...

7.5

CVE-2022-23308

  • EPSS 0.06%
  • Veröffentlicht 26.02.2022 05:15:08
  • Zuletzt bearbeitet 05.05.2025 17:17:56

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

8.8

CVE-2022-24407

  • EPSS 0.74%
  • Veröffentlicht 24.02.2022 15:15:29
  • Zuletzt bearbeitet 21.11.2024 06:50:21

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.

7.4

CVE-2021-20322

  • EPSS 0.13%
  • Veröffentlicht 18.02.2022 18:15:09
  • Zuletzt bearbeitet 21.11.2024 05:46:22

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass ...

4.9

CVE-2022-25258

  • EPSS 0.09%
  • Veröffentlicht 16.02.2022 20:15:07
  • Zuletzt bearbeitet 21.11.2024 06:51:53

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function ...

4.7

CVE-2021-3753

Exploit
  • EPSS 0.01%
  • Veröffentlicht 16.02.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:22:20

A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulne...

7.5

CVE-2022-0391

Exploit
  • EPSS 0.95%
  • Veröffentlicht 09.02.2022 23:15:16
  • Zuletzt bearbeitet 21.11.2024 06:38:31

A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r...

7.5

CVE-2022-23913

Exploit
  • EPSS 0.23%
  • Veröffentlicht 04.02.2022 23:15:15
  • Zuletzt bearbeitet 21.11.2024 06:49:27

In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.

5.5

CVE-2021-22570

  • EPSS 0.15%
  • Veröffentlicht 26.01.2022 14:15:08
  • Zuletzt bearbeitet 21.11.2024 05:50:20

Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the...