Vulnerabilities (CVE)

Filtered by vendor Netapp Subscribe
Filtered by product Active Iq Unified Manager
Total 663 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3626 3 Debian, Libtiff, Netapp 3 Debian Linux, Libtiff, Active Iq Unified Manager 2023-03-31 N/A 6.5 MEDIUM
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
CVE-2022-3598 3 Debian, Libtiff, Netapp 3 Debian Linux, Libtiff, Active Iq Unified Manager 2023-03-31 N/A 6.5 MEDIUM
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.
CVE-2019-11068 7 Canonical, Debian, Fedoraproject and 4 more 22 Ubuntu Linux, Debian Linux, Fedora and 19 more 2023-03-24 7.5 HIGH 9.8 CRITICAL
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
CVE-2019-16168 8 Canonical, Debian, Fedoraproject and 5 more 20 Ubuntu Linux, Debian Linux, Fedora and 17 more 2023-03-23 4.3 MEDIUM 6.5 MEDIUM
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
CVE-2022-1587 4 Fedoraproject, Netapp, Pcre and 1 more 17 Fedora, Active Iq Unified Manager, H300s and 14 more 2023-03-16 6.4 MEDIUM 9.1 CRITICAL
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.
CVE-2022-1586 4 Fedoraproject, Netapp, Pcre and 1 more 17 Fedora, Active Iq Unified Manager, H300s and 14 more 2023-03-16 6.4 MEDIUM 9.1 CRITICAL
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
CVE-2022-23239 1 Netapp 1 Active Iq Unified Manager 2023-03-10 N/A 4.8 MEDIUM
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack.
CVE-2022-23240 1 Netapp 1 Active Iq Unified Manager 2023-03-10 N/A 6.5 MEDIUM
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors.
CVE-2022-43945 2 Linux, Netapp 12 Linux Kernel, Active Iq Unified Manager, H300s and 9 more 2023-03-08 N/A 7.5 HIGH
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2019-15098 5 Canonical, Debian, Linux and 2 more 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
CVE-2019-15212 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
CVE-2019-13990 4 Apache, Netapp, Oracle and 1 more 30 Tomee, Active Iq Unified Manager, Cloud Secure Agent and 27 more 2023-03-03 7.5 HIGH 9.8 CRITICAL
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
CVE-2019-15217 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
CVE-2019-15218 6 Canonical, Debian, Linux and 3 more 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
CVE-2019-15219 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
CVE-2019-15220 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
CVE-2019-15221 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
CVE-2019-15222 3 Linux, Netapp, Opensuse 8 Linux Kernel, Active Iq Unified Manager, Baseboard Management Controller H410c and 5 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.
CVE-2019-15223 3 Canonical, Linux, Netapp 8 Ubuntu Linux, Linux Kernel, Active Iq Unified Manager and 5 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.
CVE-2019-15216 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.