Vulnerabilities > Netapp > Active IQ Unified Manager

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2022-48564 Resource Exhaustion vulnerability in multiple products
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
network
low complexity
python netapp CWE-400
6.5
6.5
2023-08-22 CVE-2022-48566 Race Condition vulnerability in multiple products
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1.
network
high complexity
python debian netapp CWE-362
5.9
5.9
2023-08-22 CVE-2020-19185 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
network
low complexity
gnu netapp CWE-787
6.5
6.5
2023-08-22 CVE-2020-19186 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
network
low complexity
gnu netapp CWE-787
6.5
6.5
2023-08-22 CVE-2020-19187 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
network
low complexity
gnu netapp CWE-787
6.5
6.5
2023-08-07 CVE-2023-36054 Access of Uninitialized Pointer vulnerability in multiple products
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer.
network
low complexity
mit debian netapp CWE-824
6.5
6.5
2023-07-20 CVE-2022-28734 Out-of-bounds Write vulnerability in multiple products
Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position.
network
high complexity
gnu netapp CWE-787
7.0
7.0
2023-07-18 CVE-2023-22005 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication).
network
high complexity
oracle fedoraproject netapp
4.4
4.4
2023-07-18 CVE-2023-22006 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking).
network
high complexity
oracle debian netapp
3.1
3.1
2023-07-18 CVE-2023-22008 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).
network
low complexity
oracle fedoraproject netapp
4.9
4.9