Vulnerabilities > Netapp > Active IQ Unified Manager

DATE CVE VULNERABILITY TITLE RISK
2022-09-21 CVE-2022-38178 Memory Leak vulnerability in multiple products
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak.
network
low complexity
isc debian fedoraproject netapp CWE-401
7.5
2022-09-09 CVE-2022-2526 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in systemd.
network
low complexity
systemd-project netapp CWE-416
critical
9.8
2022-09-01 CVE-2022-2764 A flaw was found in Undertow.
network
low complexity
redhat netapp
4.9
2022-08-31 CVE-2022-1259 Resource Exhaustion vulnerability in multiple products
A flaw was found in Undertow.
network
low complexity
redhat netapp CWE-400
7.5
2022-08-31 CVE-2022-1319 Unchecked Return Value vulnerability in multiple products
A flaw was found in Undertow.
network
low complexity
redhat netapp CWE-252
7.5
2022-08-29 CVE-2022-1199 Use After Free vulnerability in multiple products
A flaw was found in the Linux kernel.
network
low complexity
linux redhat netapp CWE-416
7.5
2022-08-25 CVE-2022-23235 Unspecified vulnerability in Netapp Active IQ Unified Manager
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when AutoSupport has been disabled.
network
low complexity
netapp
5.3
2022-08-24 CVE-2021-4209 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in GnuTLS.
network
low complexity
gnu redhat netapp CWE-476
6.5
2022-08-23 CVE-2021-3800 Information Exposure vulnerability in multiple products
A flaw was found in glib before version 2.63.6.
local
low complexity
gnome debian netapp CWE-200
5.5
2022-08-23 CVE-2022-35278 Cross-site Scripting vulnerability in multiple products
In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.
network
low complexity
apache netapp CWE-79
6.1