Active Iq Unified Manager Security Vulnerabilities and Issues — Active Iq Unified Manager CVE List

Lucene search

NetappActive Iq Unified Manager

10 matches found

CVE•added 2022/10/24 2:15 p.m.•397 views

CVE-2022-43680

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

7.5CVSS7.7AI score0.00244EPSS

CVE•added 2022/10/31 8:15 p.m.•374 views

CVE-2022-31690

Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client (via the browser) to the Authorization Server which...

8.1CVSS7.8AI score0.00194EPSS

CVE•added 2022/10/26 8:15 p.m.•189 views

CVE-2022-3705

A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to ad...

7.5CVSS6.7AI score0.00182EPSS

CVE•added 2022/10/21 8:15 p.m.•183 views

CVE-2022-3649

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch t...

7CVSS6.6AI score0.00078EPSS

CVE•added 2022/10/31 8:15 p.m.•158 views

CVE-2022-31692

Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security applies securit...

9.8CVSS9.2AI score0.06322EPSS

CVE•added 2022/10/21 4:15 p.m.•158 views

CVE-2022-3627

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7...

6.5CVSS7AI score0.00019EPSS

CVE•added 2022/10/21 4:15 p.m.•152 views

CVE-2022-3598

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.

6.5CVSS6.6AI score0.00032EPSS

CVE•added 2022/10/21 4:15 p.m.•148 views

CVE-2022-3597

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7...

6.5CVSS6.9AI score0.00017EPSS

CVE•added 2022/10/21 4:15 p.m.•146 views

CVE-2022-3599

LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.

6.5CVSS6.8AI score0.00024EPSS

CVE•added 2022/10/21 4:15 p.m.•120 views

CVE-2022-3626

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236...

6.5CVSS6.9AI score0.00026EPSS