Netapp

Active Iq Unified Manager

850 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-10757

Exploit
  • EPSS 0.71%
  • Veröffentlicht 09.06.2020 13:15:10
  • Zuletzt bearbeitet 21.11.2024 04:56:00

A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.

6.7

CVE-2020-13776

  • EPSS 0.14%
  • Veröffentlicht 03.06.2020 03:15:10
  • Zuletzt bearbeitet 09.06.2025 16:15:31

systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because...

6.5

CVE-2020-10719

  • EPSS 0.17%
  • Veröffentlicht 26.05.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:55:55

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.

6.1

CVE-2020-7656

Exploit
  • EPSS 1.11%
  • Veröffentlicht 19.05.2020 21:15:10
  • Zuletzt bearbeitet 21.11.2024 05:37:33

jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be...

6.5

CVE-2020-13143

  • EPSS 2.98%
  • Veröffentlicht 18.05.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:44

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753...

5.3

CVE-2020-12888

  • EPSS 0.1%
  • Veröffentlicht 15.05.2020 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:00:29

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

5.5

CVE-2020-12769

Exploit
  • EPSS 0.06%
  • Veröffentlicht 09.05.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:15

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

6.7

CVE-2020-12770

  • EPSS 0.04%
  • Veröffentlicht 09.05.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:15

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.

5.5

CVE-2020-12771

Exploit
  • EPSS 0.05%
  • Veröffentlicht 09.05.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:15

An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.

6.4

CVE-2020-10690

  • EPSS 0.13%
  • Veröffentlicht 08.05.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:55:51

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes ...