CVE-2024-26462
- EPSS 0.02%
- Published 29.02.2024 01:44:18
- Last modified 25.03.2025 20:15:21
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.
CVE-2024-22201
- EPSS 0.45%
- Published 26.02.2024 16:27:56
- Last modified 13.02.2025 18:16:46
Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file d...
CVE-2024-22243
- EPSS 55.8%
- Published 23.02.2024 05:15:08
- Last modified 13.02.2025 18:16:47
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to an open redirect https://cwe.mitre.org/data/definitions/6...
CVE-2024-1635
- EPSS 8.33%
- Published 19.02.2024 22:15:48
- Last modified 07.05.2025 12:27:53
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immedia...
CVE-2023-6516
- EPSS 0.18%
- Published 13.02.2024 14:15:46
- Last modified 21.11.2024 08:44:00
To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that ca...
CVE-2023-5517
- EPSS 0.16%
- Published 13.02.2024 14:15:45
- Last modified 21.11.2024 08:41:55
A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an a...
CVE-2023-5679
- EPSS 0.14%
- Published 13.02.2024 14:15:45
- Last modified 29.03.2025 00:15:16
A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18...
CVE-2023-5680
- EPSS 0.09%
- Published 13.02.2024 14:15:45
- Last modified 21.11.2024 08:42:15
If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11....
CVE-2024-0567
- EPSS 1.19%
- Published 16.01.2024 14:15:48
- Last modified 21.11.2024 08:46:53
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, r...
CVE-2023-31102
- EPSS 37.4%
- Published 03.11.2023 04:15:20
- Last modified 21.11.2024 08:01:25
Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive.