Active Iq Unified Manager Security Vulnerabilities and Issues — Active Iq Unified Manager CVE List

Lucene search

NetappActive Iq Unified Manager

10 matches found

CVE•added 2020/06/29 6:15 p.m.•16135 views

CVE-2020-14145

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports st...

5.9CVSS5.6AI score0.02201EPSS

CVE•added 2020/06/12 2:15 p.m.•508 views

CVE-2020-10732

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

4.4CVSS5.6AI score0.00046EPSS

CVE•added 2020/06/09 1:15 p.m.•446 views

CVE-2020-10757

A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.

7.8CVSS7.5AI score0.00771EPSS

CVE•added 2020/06/14 8:15 p.m.•388 views

CVE-2020-14061

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and orac...

8.1CVSS8.5AI score0.0615EPSS

CVE•added 2020/06/14 8:15 p.m.•368 views

CVE-2020-14062

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).

8.1CVSS8.6AI score0.07706EPSS

CVE•added 2020/06/16 4:15 p.m.•356 views

CVE-2020-14195

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).

8.1CVSS8.5AI score0.09511EPSS

CVE•added 2020/06/14 9:15 p.m.•351 views

CVE-2020-14060

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).

8.1CVSS8.6AI score0.08718EPSS

CVE•added 2020/06/15 5:15 p.m.•284 views

CVE-2020-14155

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

5.3CVSS6.4AI score0.00152EPSS

CVE•added 2020/06/03 3:15 a.m.•184 views

CVE-2020-13776

systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.

6.7CVSS8.1AI score0.00557EPSS

CVE•added 2020/06/15 10:15 p.m.•99 views

CVE-2020-4051

In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or equal to 1.16...

5.4CVSS4.7AI score0.00164EPSS