Netapp

Active Iq Unified Manager

846 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2021-3520

  • EPSS 0.13%
  • Veröffentlicht 02.06.2021 13:15:13
  • Zuletzt bearbeitet 21.11.2024 06:21:44

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. Th...

7.8

CVE-2020-25670

Exploit
  • EPSS 0.06%
  • Veröffentlicht 26.05.2021 11:15:08
  • Zuletzt bearbeitet 21.11.2024 05:18:25

A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.

7.8

CVE-2020-25671

Exploit
  • EPSS 0.13%
  • Veröffentlicht 26.05.2021 11:15:08
  • Zuletzt bearbeitet 21.11.2024 05:18:25

A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.

5.5

CVE-2020-25673

Exploit
  • EPSS 0.13%
  • Veröffentlicht 26.05.2021 11:15:08
  • Zuletzt bearbeitet 21.11.2024 05:18:25

A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.

7.5

CVE-2020-25672

  • EPSS 2.29%
  • Veröffentlicht 25.05.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 05:18:25

A memory leak vulnerability was found in Linux kernel in llcp_sock_connect

8.6

CVE-2021-3517

  • EPSS 0.08%
  • Veröffentlicht 19.05.2021 14:15:07
  • Zuletzt bearbeitet 02.12.2025 22:16:07

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-o...

8.8

CVE-2021-3518

  • EPSS 0.23%
  • Veröffentlicht 18.05.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:44

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, inte...

5.9

CVE-2021-3537

  • EPSS 0.11%
  • Veröffentlicht 14.05.2021 20:15:16
  • Zuletzt bearbeitet 21.11.2024 06:21:47

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could...

6.1

CVE-2020-13529

Exploit
  • EPSS 0.07%
  • Veröffentlicht 10.05.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 05:01:26

An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and...

7.5

CVE-2021-25215

  • EPSS 2.52%
  • Veröffentlicht 29.04.2021 01:15:08
  • Zuletzt bearbeitet 21.11.2024 05:54:33

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable ...