Netapp

Active Iq Unified Manager

848 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2020-14145

  • EPSS 1.25%
  • Veröffentlicht 29.06.2020 18:15:11
  • Zuletzt bearbeitet 18.12.2025 15:15:48

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has ...

8.1

CVE-2020-14195

  • EPSS 9.51%
  • Veröffentlicht 16.06.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:02:50

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).

5.4

CVE-2020-4051

  • EPSS 0.22%
  • Veröffentlicht 15.06.2020 22:15:09
  • Zuletzt bearbeitet 21.11.2024 05:32:13

In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and le...

5.3

CVE-2020-14155

  • EPSS 0.23%
  • Veröffentlicht 15.06.2020 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:02:45

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

8.1

CVE-2020-14060

  • EPSS 8.72%
  • Veröffentlicht 14.06.2020 21:15:09
  • Zuletzt bearbeitet 21.11.2024 05:02:27

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).

8.1

CVE-2020-14061

  • EPSS 6.15%
  • Veröffentlicht 14.06.2020 20:15:10
  • Zuletzt bearbeitet 27.08.2025 21:15:35

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, o...

8.1

CVE-2020-14062

  • EPSS 7.71%
  • Veröffentlicht 14.06.2020 20:15:10
  • Zuletzt bearbeitet 21.11.2024 05:02:28

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).

4.4

CVE-2020-10732

  • EPSS 0.04%
  • Veröffentlicht 12.06.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 04:55:57

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

7.8

CVE-2020-10757

Exploit
  • EPSS 0.7%
  • Veröffentlicht 09.06.2020 13:15:10
  • Zuletzt bearbeitet 21.11.2024 04:56:00

A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.

6.7

CVE-2020-13776

  • EPSS 0.13%
  • Veröffentlicht 03.06.2020 03:15:10
  • Zuletzt bearbeitet 09.06.2025 16:15:31

systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because...