Vulnerabilities > Netapp > Active IQ Unified Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-21 | CVE-2022-3627 | Out-of-bounds Write vulnerability in multiple products LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
| 2022-09-21 | CVE-2022-38177 | Memory Leak vulnerability in multiple products By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. | 7.5 |
| 2022-09-21 | CVE-2022-38178 | Memory Leak vulnerability in multiple products By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. | 7.5 |
| 2022-09-09 | CVE-2022-2526 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in systemd. | 9.8 |
| 2022-09-01 | CVE-2022-2764 | A flaw was found in Undertow. | 4.9 |
| 2022-08-31 | CVE-2022-1259 | Resource Exhaustion vulnerability in multiple products A flaw was found in Undertow. | 7.5 |
| 2022-08-31 | CVE-2022-1319 | Unchecked Return Value vulnerability in multiple products A flaw was found in Undertow. | 7.5 |
| 2022-08-29 | CVE-2022-1199 | Use After Free vulnerability in multiple products A flaw was found in the Linux kernel. | 7.5 |
| 2022-08-25 | CVE-2022-23235 | Unspecified vulnerability in Netapp Active IQ Unified Manager Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when AutoSupport has been disabled. | 5.3 |
| 2022-08-24 | CVE-2021-4209 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in GnuTLS. | 6.5 |