Netapp

Active Iq Unified Manager

846 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-14356

Exploit
  • EPSS 0.69%
  • Veröffentlicht 19.08.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:03:05

A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.

7.8

CVE-2020-8574

  • EPSS 0.16%
  • Veröffentlicht 03.08.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:03

Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service enabled allowing unauthorized code execution to local users.

4.4

CVE-2020-8575

  • EPSS 0.06%
  • Veröffentlicht 03.08.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:03

Active IQ Unified Manager for VMware vSphere and Windows versions prior to 9.5 are susceptible to a vulnerability which allows administrative users to cause Denial of Service (DoS).

4.3

CVE-2020-16166

  • EPSS 1.68%
  • Veröffentlicht 30.07.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:06:53

The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c...

6.4

CVE-2020-15707

Exploit
  • EPSS 0.04%
  • Veröffentlicht 29.07.2020 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:06:04

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffe...

9.3

CVE-2020-8174

Exploit
  • EPSS 1.55%
  • Veröffentlicht 24.07.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:38:26

napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.

4

CVE-2020-14725

  • EPSS 0.16%
  • Veröffentlicht 24.07.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:03:59

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro...

7.4

CVE-2020-15778

Exploit
  • EPSS 61.48%
  • Veröffentlicht 24.07.2020 14:15:12
  • Zuletzt bearbeitet 28.07.2025 18:12:45

scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous arg...

4.9

CVE-2020-14702

  • EPSS 0.42%
  • Veröffentlicht 15.07.2020 18:15:34
  • Zuletzt bearbeitet 21.11.2024 05:03:55

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m...

7.2

CVE-2020-14697

  • EPSS 0.68%
  • Veröffentlicht 15.07.2020 18:15:33
  • Zuletzt bearbeitet 21.11.2024 05:03:54

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m...