Vulnerabilities > Netapp > Active IQ Unified Manager > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-19 | CVE-2022-21449 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). | 7.5 |
2022-04-19 | CVE-2022-21476 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). | 7.5 |
2022-04-13 | CVE-2015-20107 | Command Injection vulnerability in multiple products In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. | 7.6 |
2022-04-08 | CVE-2022-28796 | Race Condition vulnerability in multiple products jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition. | 7.0 |
2022-03-25 | CVE-2018-25032 | Out-of-bounds Write vulnerability in multiple products zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | 7.5 |
2022-03-16 | CVE-2022-27223 | Improper Validation of Array Index vulnerability in multiple products In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. | 8.8 |
2022-03-11 | CVE-2020-36518 | Out-of-bounds Write vulnerability in multiple products jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. | 7.5 |
2022-03-10 | CVE-2022-26488 | Untrusted Search Path vulnerability in multiple products In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. | 7.0 |
2022-03-10 | CVE-2022-0891 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact | 7.1 |
2022-02-26 | CVE-2022-23308 | Use After Free vulnerability in multiple products valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | 7.5 |