6 matches found
CVE-2019-7317
CVE-2019-7317 is a use-after-free involving png_image_free in libpng. A connected document ties this to the FLTK package, affecting versions less than 1.3.8-1, and states that upgrading to a later FLTK version resolves the issue. If applying this advisory, upgrade FLTK to 1.3.8-1 or newer for rem...
CVE-2022-23235
CVE-2022-23235 affects Active IQ Unified Manager on VMware vSphere, Linux, and Windows prior to version 9.10P1. The underlying issue is exposure of cluster, node, and Active IQ data via AutoSupport telemetry data that is sent even when AutoSupport is disabled, enabling information disclosure. Aff...
CVE-2020-8574
CVE-2020-8574 affects NetApp Active IQ Unified Manager for Linux prior to 9.6, where the Java Management Extensions (JMX) RMI service is enabled, enabling unauthorized code execution by local users. The connected sources confirm the issue is tied to the pre-9.6 Linux builds and describe local acc...
CVE-2022-23240
Active IQ Unified Manager for VMware vSphere, Linux, and Windows versions prior to 9.11P1 is affected. A vulnerability allows unauthorized users to update EMS Subscriptions through unspecified vectors. The affected product is NetApp Active IQ Unified Manager; the root cause and exact exploit path...
CVE-2022-23239
CVE-2022-23239 affects NetApp Active IQ Unified Manager prior to 9.11P1. The Red Hat and NVD/NVD-derived entries describe a Stored Cross-Site Scripting (XSS) vulnerability exploitable by administrative users via the web interface, caused by insufficient protection of the page structure. Affected ...
CVE-2020-8575
CVE-2020-8575 affects NetApp Active IQ Unified Manager for VMware vSphere and Windows prior to 9.5. Multiple connected documents (Red Hat, CNVD, CVE lists) consistently describe a vulnerability that allows administrative users to cause Denial of Service (DoS). The precise root cause, vulnerable c...