Vulnerabilities > Netapp > Active IQ Unified Manager

DATE CVE VULNERABILITY TITLE RISK
2023-10-18 CVE-2023-38545 Out-of-bounds Write vulnerability in multiple products
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only.
network
low complexity
haxx fedoraproject netapp microsoft CWE-787
critical
9.8
2023-10-14 CVE-2023-45862 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5.
local
low complexity
linux netapp CWE-770
5.5
2023-10-05 CVE-2023-40745 Integer Overflow or Wraparound vulnerability in multiple products
LibTIFF is vulnerable to an integer overflow.
network
low complexity
libtiff fedoraproject redhat netapp CWE-190
6.5
2023-09-21 CVE-2023-41993 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
The issue was addressed with improved checks.
8.8
2023-09-12 CVE-2023-4813 Use After Free vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject netapp CWE-416
5.9
2023-09-12 CVE-2023-4863 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
8.8
2023-08-23 CVE-2023-41105 Untrusted Search Path vulnerability in multiple products
An issue was discovered in Python 3.11 through 3.11.4.
network
low complexity
python netapp CWE-426
7.5
2023-08-22 CVE-2020-19188 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
network
low complexity
gnu netapp CWE-787
6.5
2023-08-22 CVE-2020-19189 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
network
low complexity
gnu netapp debian CWE-787
6.5
2023-08-22 CVE-2020-19190 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
network
low complexity
gnu netapp CWE-787
6.5