Active Iq Unified Manager Security Vulnerabilities and Issues — Active Iq Unified Manager CVE List

Lucene search

NetappActive Iq Unified Manager

10 matches found

CVE•added 2021/07/09 5:15 p.m.•404 views

CVE-2021-3541

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

6.5CVSS7AI score0.00065EPSS

CVE•added 2021/07/21 3:15 p.m.•389 views

CVE-2021-2389

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Su...

7.1CVSS5.4AI score0.00494EPSS

CVE•added 2021/07/22 6:15 p.m.•364 views

CVE-2021-35942

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but ...

9.1CVSS9.4AI score0.01204EPSS

CVE•added 2021/07/13 8:15 a.m.•359 views

CVE-2021-36090

When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package.

7.5CVSS7.5AI score0.00279EPSS

CVE•added 2021/07/21 3:15 p.m.•357 views

CVE-2021-2372

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Su...

4.4CVSS4.5AI score0.00234EPSS

CVE•added 2021/07/22 6:15 p.m.•334 views

CVE-2021-36222

ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.

7.5CVSS7.4AI score0.05576EPSS

CVE•added 2021/07/13 8:15 a.m.•278 views

CVE-2021-35515

When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package.

7.5CVSS7.2AI score0.0012EPSS

CVE•added 2021/07/13 8:15 a.m.•274 views

CVE-2021-35517

When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar package.

7.5CVSS7.5AI score0.00314EPSS

CVE•added 2021/07/13 8:15 a.m.•254 views

CVE-2021-35516

When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package.

7.5CVSS7.3AI score0.00311EPSS

CVE•added 2021/07/19 3:15 p.m.•115 views

CVE-2021-35043

OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). This was demonstrated by a javascript: URL with &#00058 as the replacement for the : character.

6.1CVSS5.9AI score0.00331EPSS