Netapp

Ontap Tools

30 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-28757

Exploit
  • EPSS 0.64%
  • Veröffentlicht 10.03.2024 05:15:06
  • Zuletzt bearbeitet 28.03.2025 19:15:21

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

9.8

CVE-2024-1351

  • EPSS 0.2%
  • Veröffentlicht 07.03.2024 17:15:12
  • Zuletzt bearbeitet 11.03.2025 16:56:35

Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer certificate validation which may result in untrusted connections to succeed. This may effectively reduce the security guarantees provided by TLS and open connect...

4.4

CVE-2023-52433

  • EPSS 0.02%
  • Veröffentlicht 20.02.2024 13:15:08
  • Zuletzt bearbeitet 25.03.2025 16:14:59

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elem...

7.4

CVE-2024-0565

  • EPSS 0.07%
  • Veröffentlicht 15.01.2024 20:15:43
  • Zuletzt bearbeitet 21.11.2024 08:46:53

An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.

6.5

CVE-2023-36054

  • EPSS 0.65%
  • Veröffentlicht 07.08.2023 19:15:09
  • Zuletzt bearbeitet 21.11.2024 08:09:15

lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate t...

7.5

CVE-2023-2953

  • EPSS 1.11%
  • Veröffentlicht 30.05.2023 22:15:10
  • Zuletzt bearbeitet 10.01.2025 22:15:23

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

10

CVE-2021-44228

Warnung Exploit
  • EPSS 94.36%
  • Veröffentlicht 10.12.2021 10:15:09
  • Zuletzt bearbeitet 08.08.2025 18:52:00

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An atta...

7.8

CVE-2021-28165

Exploit
  • EPSS 13.15%
  • Veröffentlicht 01.04.2021 15:15:14
  • Zuletzt bearbeitet 27.08.2025 21:15:37

In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.

7.8

CVE-2021-3156

Warnung Exploit
  • EPSS 92.26%
  • Veröffentlicht 26.01.2021 21:15:12
  • Zuletzt bearbeitet 03.04.2025 19:47:48

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

7.4

CVE-2020-13817

  • EPSS 0.38%
  • Veröffentlicht 04.06.2020 13:15:11
  • Zuletzt bearbeitet 05.05.2025 17:15:59

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated ...