Netapp

Active Iq Unified Manager

848 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-22884

Exploit
  • EPSS 0.5%
  • Veröffentlicht 03.03.2021 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:50:50

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over ne...

5.8

CVE-2021-20220

  • EPSS 0.18%
  • Veröffentlicht 23.02.2021 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:46:09

A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an a...

7.5

CVE-2021-27218

  • EPSS 5.21%
  • Veröffentlicht 15.02.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:57:37

An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.

7.5

CVE-2021-27219

Exploit
  • EPSS 2.13%
  • Veröffentlicht 15.02.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:57:37

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corrupti...

7.2

CVE-2021-23337

Exploit
  • EPSS 0.74%
  • Veröffentlicht 15.02.2021 13:15:12
  • Zuletzt bearbeitet 21.11.2024 05:51:31

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

5.5

CVE-2021-21290

Exploit
  • EPSS 0.02%
  • Veröffentlicht 08.02.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:47:56

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems inv...

7.8

CVE-2021-3156

Warnung Exploit
  • EPSS 92.46%
  • Veröffentlicht 26.01.2021 21:15:12
  • Zuletzt bearbeitet 10.11.2025 14:41:45

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

5.5

CVE-2021-1998

  • EPSS 0.28%
  • Veröffentlicht 20.01.2021 15:15:45
  • Zuletzt bearbeitet 21.11.2024 05:45:46

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro...

6.3

CVE-2021-2006

  • EPSS 1.12%
  • Veröffentlicht 20.01.2021 15:15:45
  • Zuletzt bearbeitet 21.11.2024 06:02:09

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to c...

4.3

CVE-2021-2007

  • EPSS 0.53%
  • Veröffentlicht 20.01.2021 15:15:45
  • Zuletzt bearbeitet 21.11.2024 06:02:09

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with ne...