Vulnerabilities > Netapp > Active IQ Unified Manager

DATE CVE VULNERABILITY TITLE RISK
2021-02-15 CVE-2021-27218 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2021-02-15 CVE-2021-23337 Code Injection vulnerability in multiple products
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
network
low complexity
lodash oracle netapp siemens CWE-94
6.5
2021-02-08 CVE-2021-21290 Creation of Temporary File in Directory with Incorrect Permissions vulnerability in multiple products
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
local
low complexity
netty debian quarkus oracle netapp CWE-379
5.5
2021-01-26 CVE-2021-3156 Off-by-one Error vulnerability in multiple products
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
7.8
2021-01-20 CVE-2021-2011 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API).
network
high complexity
oracle fedoraproject netapp mariadb
5.9
2021-01-20 CVE-2021-2010 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API).
network
high complexity
oracle fedoraproject netapp
4.2
2021-01-20 CVE-2021-2007 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API).
network
high complexity
oracle fedoraproject netapp mariadb
3.7
2021-01-20 CVE-2021-2006 Vulnerability in the MySQL Client product of Oracle MySQL (component: C API).
network
high complexity
oracle fedoraproject netapp
5.3
2021-01-20 CVE-2021-1998 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle fedoraproject netapp
3.8
2021-01-19 CVE-2021-20190 Deserialization of Untrusted Data vulnerability in multiple products
A flaw was found in jackson-databind before 2.9.10.7.
network
high complexity
fasterxml netapp apache debian oracle CWE-502
8.1