Active IQ Unified Manager

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-29	CVE-2022-1199	A flaw was found in the Linux kernel. network low complexity linux redhat netapp	7.5
2022-08-25	CVE-2022-23235	Unspecified vulnerability in Netapp Active IQ Unified Manager Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when AutoSupport has been disabled. network low complexity netapp	5.3
2022-08-24	CVE-2021-4209	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in GnuTLS. network low complexity gnu redhat netapp CWE-476	6.5
2022-08-23	CVE-2021-3800	A flaw was found in glib before version 2.63.6. local low complexity gnome debian netapp	5.5
2022-08-23	CVE-2022-35278	Cross-site Scripting vulnerability in multiple products In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue. network low complexity apache netapp CWE-79	6.1
2022-08-05	CVE-2022-37434	Out-of-bounds Write vulnerability in multiple products zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. network low complexity zlib fedoraproject debian netapp apple stormshield CWE-787 critical	9.8
2022-07-29	CVE-2022-34526	Out-of-bounds Write vulnerability in multiple products A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. network low complexity libtiff fedoraproject netapp debian CWE-787	6.5
2022-07-27	CVE-2022-36946	nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. network low complexity linux debian netapp	7.5
2022-07-27	CVE-2022-36879	An issue was discovered in the Linux kernel through 5.18.14. local low complexity linux debian netapp	5.5
2022-07-19	CVE-2022-34169	Incorrect Conversion between Numeric Types vulnerability in multiple products The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. network low complexity apache debian oracle fedoraproject netapp azul CWE-681	7.5