Lucene search
Netapp Cloud Volumes Ontap Mediator

10 matches found

CVE | added 2024/02/26 12:0 a.m. | 8476 views

CVE-2024-26462

CVE-2024-26462 affects krb5 1.21.2 and is a memory-leak vulnerability in /krb5/src/kdc/ndr.c. The issue can cause memory exhaustion and potential denial of service; exploitation status is not provided in the documents, but related advisories/patches indicate upgrading to 1.21.3 or newer to mitiga...

5.5 CVSS | 9.1 AI score | 0.00437 EPSS

CVE | added 2024/02/26 12:0 a.m. | 6819 views

CVE-2024-26458

CVE-2024-26458 is documented in IBM Security Bulletins as affecting IBM Application Gateway (versions 23.10–25.09) with Kerberos 5 (krb5) 1.21.2 memory leak in /krb5/src/lib/rpc/pmap_rmt.c. IBM lists remediation: update to fixed IBM Application Gateway release and container image. Upgrading via d...

5.3 CVSS | 9.1 AI score | 0.00815 EPSS

CVE | added 2024/02/26 12:0 a.m. | 4075 views

CVE-2024-26461

CVE-2024-26461 affects Kerberos 5 (krb5) 1.21.2, with a memory leak in /krb5/src/lib/gssapi/krb5/k5sealv3.c. Several advisories (e.g., AlmaLinux ALSA-2024:3268, Astra Linux bulletin, CBLMARINER entries) confirm the issue and indicate a patched version: krb5 1.21.3-1 (or newer). The connected docu...

7.5 CVSS | 9.1 AI score | 0.01128 EPSS

CVE | added 2020/07/13 12:0 a.m. | 2545 views

CVE-2019-20907

CVE-2019-20907 affects Python’s tarfile handling (Lib/tarfile.py) up to Python 3.8.3. A crafted TAR archive can trigger an infinite loop when opened via tarfile.open because _proc_pax lacks header validation. Connected advisories confirm the issue is treated as a tarfile DoS, with patches release...

7.5 CVSS | 7.6 AI score | 0.06304 EPSS

CVE | added 2022/03/15 5:5 p.m. | 1352 views

CVE-2022-0778

CVE-2022-0778 describes an infinite loop in BN_mod_sqrt() when parsing certain ASN.1 elliptic-curve parameters, enabling DoS during certificate or key processing. Affected OpenSSL versions include 1.0.2, 1.1.1, and 3.0 (specific ranges: 1.0.2 (1.0.2–1.0.2zc), 1.1.1 (1.1.1–1.1.1m), 3.0 (3.0.0–3.0....

7.5 CVSS | 7.8 AI score | 0.70561 EPSS
In wild | Web

CVE | added 2021/03/25 2:25 p.m. | 813 views

CVE-2021-3449

CVE-2021-3449 affects OpenSSL 1.1.1.x where a TLSv1.2 server may crash (DoS) if it receives a renegotiation ClientHello that omits the signature_algorithms extension but includes signature_algorithms_cert. The issue is a NULL pointer dereference leading to a denial of service; OpenSSL clients are...

5.9 CVSS | 6.7 AI score | 0.62906 EPSS

CVE | added 2021/03/25 2:25 p.m. | 564 views

CVE-2021-3450

CVE-2021-3450 affects OpenSSL 1.1.1h–1.1.1j where a bug in the X509_V_FLAG_X509_STRICT path overwrote a prior CA-check result, bypassing the non-CA certificates prohibition unless a programmed purpose is used. When a purpose is configured, the certificate chain is still rejected; the issue is fix...

7.4 CVSS | 7.6 AI score | 0.18339 EPSS

CVE | added 2020/07/30 8:5 p.m. | 375 views

CVE-2020-16166

CVE-2020-16166 affects the Linux kernel by allowing remote observers to infer the network RNG internal state via drivers/char/random.c and kernel/time/timer.c. Affected platforms show fixes across multiple distributions: Debian LTS (linux package updates to 4.9.240-1/ -2; multiple CVEs), IBM advi...

4.3 CVSS | 5.6 AI score | 0.05228 EPSS

CVE | added 2022/02/26 3:14 a.m. | 299 views

CVE-2020-36516

CVE-2020-36516: Linux kernel (through 5.16.11) contains a flaw in the mixed IPID assignment method with a hash-based IPID policy that allows an off-path attacker to inject data into or terminate a victim’s TCP session. The issue affects the kernel’s TCP/IP handling and is documented in multiple ...

5.9 CVSS | 6.2 AI score | 0.00678 EPSS

CVE | added 2022/05/25 2:49 p.m. | 123 views

CVE-2022-1678

CVE-2022-1678 affects Linux kernel 4.18–4.19, with memory/netns leaks due to improper sock reference handling in TCP pacing. Public Nessus/Unity advisories confirm the issue and reference kernel commits addressing the vulnerability; exploitation is described as remote via TCP pacing. Mitigation/r...

7.5 CVSS | 7.2 AI score | 0.02913 EPSS