Netapp

Active Iq Unified Manager

846 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2019-11815

Exploit
  • EPSS 1.19%
  • Veröffentlicht 08.05.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:21:49

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.

9.3

CVE-2018-20836

  • EPSS 3.96%
  • Veröffentlicht 07.05.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:02:16

An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.

9.8

CVE-2019-11068

  • EPSS 1.01%
  • Veröffentlicht 10.04.2019 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:28

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is su...

10

CVE-2019-10125

Exploit
  • EPSS 4.27%
  • Veröffentlicht 27.03.2019 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:18:27

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and t...

5.9

CVE-2019-1559

  • EPSS 4.96%
  • Veröffentlicht 27.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:36:48

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid...

9.8

CVE-2019-3822

Exploit
  • EPSS 27.87%
  • Veröffentlicht 06.02.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:36

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents...

5.3

CVE-2019-7317

Exploit
  • EPSS 0.57%
  • Veröffentlicht 04.02.2019 08:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:00

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

6.4

CVE-2019-2503

  • EPSS 0.15%
  • Veröffentlicht 16.01.2019 19:30:34
  • Zuletzt bearbeitet 21.11.2024 04:41:00

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low p...

4.9

CVE-2019-2510

  • EPSS 0.12%
  • Veröffentlicht 16.01.2019 19:30:34
  • Zuletzt bearbeitet 21.11.2024 04:41:01

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access v...

8.1

CVE-2019-2435

  • EPSS 3.24%
  • Veröffentlicht 16.01.2019 19:30:32
  • Zuletzt bearbeitet 21.11.2024 04:40:52

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with net...