Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ontap Select Deploy Administration Utility Security Vulnerabilities - 2023

cve
cve

CVE-2022-48064

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.

5.5CVSS

6AI Score

0.0005EPSS

2023-08-22 07:16 PM
116
cve
cve

CVE-2022-48065

GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.

5.5CVSS

6.1AI Score

0.0004EPSS

2023-08-22 07:16 PM
123
cve
cve

CVE-2023-0361

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to s...

7.4CVSS

7.3AI Score

0.002EPSS

2023-02-15 06:15 PM
184
cve
cve

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a mor...

7.5CVSS

7.4AI Score

0.001EPSS

2023-08-31 10:15 AM
337
cve
cve

CVE-2023-24329

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

7.5CVSS

7.8AI Score

0.002EPSS

2023-02-17 03:15 PM
768
cve
cve

CVE-2023-25136

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-p...

6.5CVSS

6.8AI Score

0.007EPSS

2023-02-03 06:15 AM
520
4
cve
cve

CVE-2023-2975

Issue summary: The AES-SIV cipher implementation contains a bug that causesit to ignore empty associated data entries which are unauthenticated asa consequence. Impact summary: Applications that use the AES-SIV algorithm and want toauthenticate empty data entries as associated data can be mislead b...

5.3CVSS

6AI Score

0.005EPSS

2023-07-14 12:15 PM
182
cve
cve

CVE-2023-38403

iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.

7.5CVSS

7.6AI Score

0.004EPSS

2023-07-17 09:15 PM
115