Vulnerabilities > Netapp > Active IQ Unified Manager
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-16 | CVE-2024-0567 | Improper Verification of Cryptographic Signature vulnerability in multiple products A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. | 7.5 |
2023-11-03 | CVE-2023-31102 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive. | 7.8 |
2023-11-01 | CVE-2023-5178 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. | 8.8 |
2023-10-18 | CVE-2023-38545 | Out-of-bounds Write vulnerability in multiple products This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. | 9.8 |
2023-10-14 | CVE-2023-45862 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. | 5.5 |
2023-10-05 | CVE-2023-40745 | Integer Overflow or Wraparound vulnerability in multiple products LibTIFF is vulnerable to an integer overflow. | 6.5 |
2023-09-21 | CVE-2023-41993 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products The issue was addressed with improved checks. | 8.8 |
2023-09-12 | CVE-2023-4813 | Use After Free vulnerability in multiple products A flaw was found in glibc. | 5.9 |
2023-09-12 | CVE-2023-4863 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. network low complexity google fedoraproject debian mozilla microsoft webmproject netapp bentley bandisoft CWE-787 | 8.8 |
2023-08-23 | CVE-2023-41105 | Untrusted Search Path vulnerability in multiple products An issue was discovered in Python 3.11 through 3.11.4. | 7.5 |