Lucene search
K
NetappOntap Select Deploy Administration Utility

179 matches found

CVE
CVE
added 2021/09/26 12:0 a.m.17250 views

CVE-2021-41617

CVE-2021-41617 affects OpenSSH sshd (versions 6.2–8.x prior to 8.8) where certain non-default configurations allow local privilege escalation because supplemental groups are not initialized as expected when AuthorizedKeysCommand/AuthorizedPrincipalsCommand run under a different user. This can cau...

7CVSS7.5AI score0.02367EPSS
CVE
CVE
added 2020/06/29 5:33 p.m.16503 views

CVE-2020-14145

The CVE-2020-14145 entry concerns the OpenSSH client, with versions 5.7–8.4 (and notes that 8.5/8.6 may also be affected) exhibiting an observable discrepancy in the algorithm negotiation that leads to information leakage. The impact is a potential man-in-the-middle attack during initial connecti...

5.9CVSS5.6AI score0.02057EPSS
CVE
CVE
added 2024/02/26 12:0 a.m.8477 views

CVE-2024-26462

CVE-2024-26462 affects krb5 1.21.2 and is a memory-leak vulnerability in /krb5/src/kdc/ndr.c. The issue can cause memory exhaustion and potential denial of service; exploitation status is not provided in the documents, but related advisories/patches indicate upgrading to 1.21.3 or newer to mitiga...

5.5CVSS9.1AI score0.00437EPSS
CVE
CVE
added 2021/09/15 7:32 p.m.7868 views

CVE-2016-20012

CVE-2016-20012 : OpenSSH up to 8.7 may leak information by testing whether a given username/public key combination is known to the SSH server, since a challenge is sent only if that combo could be valid for a login. This could enable user enumeration. The IBM bulletin notes the vendor does not re...

5.3CVSS5.4AI score0.05326EPSS
CVE
CVE
added 2024/07/01 12:37 p.m.7795 views

CVE-2024-6387

CVE-2024-6387 is a remote code-execution vulnerability in OpenSSH’s server (sshd) caused by a race condition in a signal handler that may run after a client fails to authenticate within LoginGraceTime. The issue is exploitable by an unauthenticated, remote attacker on glibc-based Linux systems, p...

8.1CVSS8.5AI score0.99506EPSS
In wild
CVE
CVE
added 2024/02/26 12:0 a.m.6824 views

CVE-2024-26458

CVE-2024-26458 is documented in IBM Security Bulletins as affecting IBM Application Gateway (versions 23.10–25.09) with Kerberos 5 (krb5) 1.21.2 memory leak in /krb5/src/lib/rpc/pmap_rmt.c. IBM lists remediation: update to fixed IBM Application Gateway release and container image. Upgrading via d...

5.3CVSS9.1AI score0.00815EPSS
CVE
CVE
added 2021/06/01 12:28 p.m.6321 views

CVE-2021-23017

CVE-2021-23017 affects nginx's resolver. A security issue arises from an off-by-one in ngx_resolver_copy when DNS labels are followed by a root-domain pointer, allowing a crafted UDP response to overwrite the least significant byte of the next heap chunk metadata. This can lead to a worker proces...

7.7CVSS6.3AI score0.53461EPSS
CVE
CVE
added 2021/01/26 12:0 a.m.4733 views

CVE-2021-3156

CVE-2021-3156 is a heap-based buffer overflow in sudo that enables privilege escalation to root. The issue arises in the argument parsing path and is exploitable via commands using sudoedit -s with a trailing backslash, leading to memory corruption. Affected release information in the provided do...

7.8CVSS8.3AI score0.99295EPSS
In wild
CVE
CVE
added 2024/02/26 12:0 a.m.4077 views

CVE-2024-26461

CVE-2024-26461 affects Kerberos 5 (krb5) 1.21.2, with a memory leak in /krb5/src/lib/gssapi/krb5/k5sealv3.c. Several advisories (e.g., AlmaLinux ALSA-2024:3268, Astra Linux bulletin, CBLMARINER entries) confirm the issue and indicate a patched version: krb5 1.21.3-1 (or newer). The connected docu...

7.5CVSS9.1AI score0.01128EPSS
CVE
CVE
added 2022/03/25 12:0 a.m.3261 views

CVE-2018-25032

CVE-2018-25032 affects zlib prior to 1.2.12 and causes memory corruption during deflate when the input contains many distant matches. The linked Astra Linux advisory reiterates the zlib memory corruption in zlib before 1.2.12, and multiple Mariner/CBL advisories show affected packages (e.g., teck...

7.5CVSS8.1AI score0.52063EPSS
CVE
CVE
added 2022/04/13 12:0 a.m.2934 views

CVE-2015-20107

The CVE-2015-20107 issue affects CPython’s mailcap module through Python 3.10.8 (and back-ported fixes to 3.7–3.9). Root cause: mailcap.findmatch does not escape system-mailcap commands, enabling shell-command injection when untrusted input is used (e.g., via unvalidated filenames/arguments). Doc...

8CVSS7.8AI score0.07269EPSS
CVE
CVE
added 2024/04/17 5:27 p.m.2470 views

CVE-2024-2961

CVE-2024-2961 affects the GNU C Library (glibc) versions 2.39 and older. The iconv() implementation may overflow the output buffer by up to 4 bytes when converting strings to ISO-2022-CN-EXT, potentially crashing the application or overwriting adjacent memory. Publicly documented in glibc advisor...

7.3CVSS8.4AI score0.8833EPSS
In wild
CVE
CVE
added 2016/11/10 9:0 p.m.2138 views

CVE-2016-5195

CVE-2016-5195 (Dirty COW) : A race condition in the Linux kernel’s memory management (mm/gup.c) allows a local user to gain write access to read‑only mappings via a faulty copy‑on‑write handling. Affected: kernel 2.x–4.x prior to 4.8.3. Exploitation was observed in the wild around Oct 2016. Impac...

7.2CVSS7.8AI score0.83524EPSS
In wild
CVE
CVE
added 2020/11/03 12:0 a.m.2124 views

CVE-2020-15999

CVE-2020-15999 corresponds to a heap-based buffer overflow in FreeType that can be triggered by crafted font/PNG data, potentially via a malicious HTML page, affecting freetype usage in Google Chrome before 86.0.4240.111. Public advisories describe the issue as a heap overflow in Load_SBit_Png an...

9.6CVSS7.1AI score0.5063EPSS
In wild
CVE
CVE
added 2021/01/19 12:0 a.m.2048 views

CVE-2021-3177

CVE-2021-3177: A buffer overflow in PyCArg_repr of Python’s ctypes (_ctypes/callproc.c) may allow remote code execution when untrusted floating-point input is passed (e.g., 1e300 to c_double.from_param) due to unsafe use of sprintf. Affected: Python 3.x up to 3.9.1. Remediation exists in multiple...

9.8CVSS9.3AI score0.23293EPSS
CVE
CVE
added 2021/05/20 12:0 a.m.1885 views

CVE-2021-3426

CVE-2021-3426 corresponds to a vulnerability in Python’s pydoc where the getfile feature could be abused to read arbitrary files. The linked sources confirm the issue affects Python versions prior to specific releases (e.g., Python before 3.8.9, 3.9.3, and 3.10.0a7 per the CVE description) and no...

5.7CVSS5.6AI score0.01863EPSS
CVE
CVE
added 2023/10/03 5:25 p.m.1373 views

CVE-2023-4911

CVE-2023-4911 is a buffer overflow in the GNU C Library ld.so when processing GLIBC_TUNABLES, enabling local privilege escalation via malicious GLIBC_TUNABLES values when launching binaries with SUID. Affected: glibc, with versions older than 2.38-6 (per CBLMARINER:34733) and older listings notin...

7.8CVSS8.2AI score0.81422EPSS
In wild
CVE
CVE
added 2023/04/18 12:0 a.m.1279 views

CVE-2023-27043

CVE-2023-27043 : The Python email module (email/_parseaddr.py) misparses e-mail addresses with a special character, causing the addr-spec to be taken from the wrong RFC2822 header field. This can allow bypassing domain-based signup protections (e.g., restricting to @company.example.com). The Astr...

5.3CVSS5.8AI score0.02527EPSS
CVE
CVE
added 2023/02/17 12:0 a.m.1275 views

CVE-2023-24329

The CVE-2023-24329 issue is in Python's urllib.parse (before 3.11.4) where URLs starting with blank characters bypass blocklists. In practice, this can undermine domain/protocol filtering and potentially enable SSRF or related impacts as described. Affected versions include Python releases prior ...

7.5CVSS7.8AI score0.20459EPSS
CVE
CVE
added 2022/06/21 2:45 p.m.1250 views

CVE-2022-2068

The Connected documents corroborate CVE-2022-2068 as a real OpenSSL issue: c_rehash can pass certificate filenames to shell commands, enabling local command execution. Fixed in OpenSSL 3.0.4 (affecting 3.0.0–3.0.3), in OpenSSL 1.1.1p (affecting 1.1.1–1.1.1o), and in OpenSSL 1.0.2zf (affecting 1.0...

10CVSS9.2AI score0.96275EPSS
CVE
CVE
added 2022/08/05 12:0 a.m.1225 views

CVE-2022-37434

CVE-2022-37434 describes a heap-based buffer over-read/overflow in zlib’s inflate() (inflate.c) when handling a large gzip header extra field. The vulnerability is limited to code paths that call inflateGetHeader, and is fixed in subsequent zlib revisions. Connected advisories indicate affected e...

9.8CVSS9.9AI score0.16004EPSS
CVE
CVE
added 2022/03/04 12:0 a.m.1095 views

CVE-2021-3737

CVE-2021-3737 is a vulnerability in Python’s HTTP client where an improperly handled HTTP response from a server could cause the client script to enter an infinite loop, leading to CPU-based DoS and affecting availability. The issue is documented across multiple advisories and packages (e.g., Pyt...

7.5CVSS7.6AI score0.11586EPSS
CVE
CVE
added 2022/08/23 12:0 a.m.1047 views

CVE-2022-31676

Summary: CVE-2022-31676 affects VMware Tools / open-vm-tools (versions including 12.0.0, 11.x.y, 10.x.y). A local non-administrative guest OS user can escalate privileges to root inside the VM. Root cause / impact: Local privilege escalation within the guest VM as described in multiple security a...

7.8CVSS7.8AI score0.0054EPSS
CVE
CVE
added 2023/02/03 12:0 a.m.945 views

CVE-2023-25136

OpenSSH sshd 9.1 contains a pre-authentication double-free in the handling of options.kex_algorithms, fixed in 9.2. Public reports note a remote, unauthenticated attacker could potentially jump to arbitrary addresses in sshd’s address space, with one third-party saying remote code execution is th...

6.5CVSS6.8AI score0.89955EPSS
CVE
CVE
added 2019/02/27 11:0 p.m.927 views

CVE-2019-1559

OpenSSL vulnerability CVE-2019-1559 describes a padding-oracle weakness where, if an application encounters a fatal protocol error and then calls SSL_shutdown() twice (to send close_notify and to receive one), the server may respond differently to a 0-byte record with invalid padding versus inval...

5.9CVSS6.3AI score0.17139EPSS
CVE
CVE
added 2022/03/07 12:0 a.m.878 views

CVE-2021-3733

CVE-2021-3733 describes a Regular Expression Denial of Service (ReDoS) in urllib’s AbstractBasicAuthHandler. An attacker who controls a malicious HTTP server that a client connects to can trigger a ReDoS during an authentication request with a crafted payload, potentially affecting availability o...

6.5CVSS7.1AI score0.04675EPSS
CVE
CVE
added 2022/02/09 12:0 a.m.878 views

CVE-2022-0391

CVE-2022-0391 affects the Python urllib.parse.urlparse path handling, where input is not sanitized and allows literal CR/LF characters, enabling crafted URLs to trigger injection-like issues. Public docs (Python history, Debian LTS/DLA notes, Astra Linux bulletin) corroborate that the vulnerabili...

7.5CVSS7.4AI score0.08325EPSS
CVE
CVE
added 2021/02/15 12:15 p.m.820 views

CVE-2021-23336

CVE-2021-23336 affects Python CPython across multiple branches (0 and before 3.6.13; 3.7.0 before 3.7.10; 3.8.0 before 3.8.8; 3.9.0 before 3.9.2). The vulnerability is Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs using parameter cloaking with semicolons, causing the pr...

5.9CVSS7.6AI score0.35963EPSS
CVE
CVE
added 2021/03/25 2:25 p.m.813 views

CVE-2021-3449

CVE-2021-3449 affects OpenSSL 1.1.1.x where a TLSv1.2 server may crash (DoS) if it receives a renegotiation ClientHello that omits the signature_algorithms extension but includes signature_algorithms_cert. The issue is a NULL pointer dereference leading to a denial of service; OpenSSL clients are...

5.9CVSS6.7AI score0.62906EPSS
CVE
CVE
added 2022/08/24 12:0 a.m.811 views

CVE-2021-4189

CVE-2021-4189 affects Python’s FTP (ftplib) client: in PASV mode it trusts the host from the PASV response by default, enabling a malicious FTP server to trick clients into connecting back to an attacker-specified IP/port (potential port scanning). Debian LTS postings and other advisories explici...

5.3CVSS6.2AI score0.02602EPSS
CVE
CVE
added 2023/07/25 8:45 p.m.723 views

CVE-2023-37920

CVE-2023-37920 affects the Python Certifi package: Certifi before 2023.07.22 includes the e-Tugra root certificates, which were removed in 2023.07.22 due to security concerns. The vulnerability is documented with high/critical impact in CVSS vectors across sources, and advisories across multiple ...

9.8CVSS9AI score0.00468EPSS
CVE
CVE
added 2022/02/23 12:0 a.m.705 views

CVE-2022-24407

CVE-2022-24407 affects Cyrus SASL 2.1.17–2.1.27 (before 2.1.28); the SQL plugin (plugins/sql.c) fails to escape passwords in SQL INSERT/UPDATE, allowing a remote attacker to execute arbitrary SQL commands. This can enable privilege/escalation scenarios as described in vendor advisories. The mitig...

8.8CVSS9.1AI score0.04123EPSS
CVE
CVE
added 2019/09/09 4:7 p.m.696 views

CVE-2019-16168

CVE-2019-16168 affects SQLite up to version 3.29.0, whereLoopAddBtreeIndex in sqlite3.c may crash a browser/application due to missing validation of sqlite_stat1 sz, described as a severe division by zero in the query planner. Connected documents show multiple advisories referencing the fix in SQ...

6.5CVSS7AI score0.04253EPSS
CVE
CVE
added 2021/06/02 12:32 p.m.673 views

CVE-2021-3520

CVE-2021-3520 affects the lz4 library and is caused by an integer overflow that can lead to memmove being called with a negative size, resulting in out-of-bounds writes or a crash. Documented impacts emphasize availability (with possible confidentiality/integrity impact). Concrete remediation det...

9.8CVSS9.3AI score0.03216EPSS
CVE
CVE
added 2021/04/05 9:31 p.m.654 views

CVE-2021-20305

CVE-2021-20305 affects Nettle prior to 3.7.2 where signature verification (GOST DSA, EDDSA, ECDSA) calls ECC multiply with out-of-range scalars, potentially producing incorrect results and allowing an attacker to force an invalid signature (leading to assertion failure or validation issues). Docu...

8.1CVSS6.7AI score0.01607EPSS
CVE
CVE
added 2021/05/14 7:50 p.m.618 views

CVE-2021-3537

Summary: CVE-2021-3537 affects libxml2 up to 2.9.11. In XML mixed content parsing, errors were not propagated, causing a NULL dereference when an untrusted document is parsed in recovery mode and post-validated, with availability as the highest impact. The connected documents confirm the vulnerab...

5.9CVSS7AI score0.03503EPSS
In wild
CVE
CVE
added 2021/05/19 1:45 p.m.614 views

CVE-2021-3517

CVE-2021-3517 is a libxml2 vulnerability affecting versions before 2.9.11. A flaw in the xml entity encoding functionality could allow processing of a crafted XML file to trigger an out‑of‑bounds read, with availability impact and potential confidentiality/integrity impact if memory information i...

8.6CVSS8.4AI score0.0828EPSS
CVE
CVE
added 2019/03/21 8:13 p.m.613 views

CVE-2019-3855

CVE-2019-3855 is a libssh2 integer overflow in the transport read path that may cause an out-of-bounds write when processing server packets. The issue appears in libssh2 prior to 1.8.1 and could enable code exposure or other impact if a user connects to a malicious SSH server. Connected advisorie...

9.3CVSS8.7AI score0.09219EPSS
CVE
CVE
added 2021/01/04 12:0 a.m.608 views

CVE-2019-25013

CVE-2019-25013 affects the GNU C Library (glibc) iconv, where processing invalid multi-byte input in EUC-KR can cause a buffer over-read. Connected advisories confirm the issue and map it to glibc versions affected (through 2.32) and note that Debian, AlmaLinux/Alma or Amazon Linux advisories add...

7.1CVSS6.8AI score0.03538EPSS
CVE
CVE
added 2022/11/09 12:0 a.m.594 views

CVE-2022-45061

CVE-2022-45061 affects Python’s IDNA decoder; an unnecessary quadratic path may cause CPU DoS when processing long hostnames (e.g., in Location headers). Affects Python before 3.11.1; the fix is planned/has been released in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16. Affected advisories (e.g., AL...

7.5CVSS7.7AI score0.02453EPSS
CVE
CVE
added 2019/10/21 12:0 a.m.583 views

CVE-2019-17498

CVE-2019-17498 is an integer overflow in libssh2’s SSH_MSG_DISCONNECT bounds check (packet.c) on v1.9.0 and earlier. This can let a crafted SSH server cause an out-of-bounds memory read, enabling information disclosure or denial of service on the client. Public advisories confirm patches/upgrades...

8.1CVSS8.1AI score0.03793EPSS
CVE
CVE
added 2020/01/21 10:53 p.m.573 views

CVE-2019-20388

CVE-2019-20388 affects libxml2 2.9.10. The Broadcom advisory BSNSA36819 confirms a memory leak in xmlSchemaValidateStream (xmlschemas.c) that can impact availability (memory exhaustion) when processing XML schemas. Affected component: libxml2’s xmlSchemaValidateStream; root cause relates to a lea...

7.5CVSS7.6AI score0.04268EPSS
CVE
CVE
added 2021/03/25 2:25 p.m.564 views

CVE-2021-3450

CVE-2021-3450 affects OpenSSL 1.1.1h–1.1.1j where a bug in the X509_V_FLAG_X509_STRICT path overwrote a prior CA-check result, bypassing the non-CA certificates prohibition unless a programmed purpose is used. When a purpose is configured, the certificate chain is still rejected; the issue is fix...

7.4CVSS7.6AI score0.18339EPSS
CVE
CVE
added 2023/08/31 9:45 a.m.542 views

CVE-2023-20900

CVE-2023-20900 is a vulnerability in Open VMware Tools (open-vm-tools) where a malicious actor with Guest Operation Privileges may elevate to a higher privilege via a more-privileged Guest Alias in the VM. The connected documents confirm Open VM Tools is affected and describe a SAML token signatu...

7.5CVSS7.4AI score0.01193EPSS
CVE
CVE
added 2021/05/26 10:10 p.m.537 views

CVE-2021-25217

CVE-2021-25217 affects ISC DHCP (DHCP client/server) across multiple branches (notably 4.1-ESV-R16, 4.4.0–4.4.2; other 4.0/4.3 may be affected but untested). The vulnerability is a stack-based buffer overrun in parsing statements with colon-separated hex digits in config or lease files, potential...

7.4CVSS7.7AI score0.06118EPSS
CVE
CVE
added 2023/07/14 11:16 a.m.535 views

CVE-2023-2975

OpenSSL’s AES-SIV implementation has a bug where empty associated data is not authenticated, potentially allowing misordering/removal of empty AD entries. The issue is CVE-2023-2975. Multiple advisories (AlmaLinux ALAS2023-2023-306 and Broadcom/Brocade updates) confirm patches are available; reme...

5.3CVSS6.7AI score0.00525EPSS
CVE
CVE
added 2022/08/03 12:0 a.m.520 views

CVE-2022-35737

CVE-2022-35737 affects SQLite, with vulnerable versions 1.0.12–3.39.x, before 3.39.2. The issue is an array-bounds overflow triggered by very large string arguments to a C API, which can cause a crash and, in some advisories, potentially allow arbitrary code execution. The documented fix is to up...

7.5CVSS7.8AI score0.17981EPSS
CVE
CVE
added 2024/07/05 6:39 p.m.511 views

CVE-2024-39689

Certifi-2024-39689 involves insufficient verification of data authenticity via the GlobalTrust root certificate. The issue stems from Certifi removing GLOBALTRUST roots in 2024.7.04, in line with Mozilla’s trust-store removals prompted by long-running compliance issues. Broadcom/BSNSA36222 confir...

7.5CVSS6AI score0.01049EPSS
CVE
CVE
added 2020/04/09 2:49 a.m.510 views

CVE-2020-11655

SQLite through 3.31.1 is vulnerable to denial of service via a malformed window-function query caused by improper AggInfo initialization (CVE-2020-11655). Affected is the sqlite3 library used across distributions and apps; exploitation leads to segmentation faults. Remediation in the connected ad...

7.5CVSS7.9AI score0.04223EPSS
CVE
CVE
added 2021/07/09 4:2 p.m.507 views

CVE-2021-3541

CVE-2021-3541 describes a vulnerability in libxml2 where exponential entity expansion can bypass protections and cause a denial of service. The Initial Description confirms the flaw and its DoS impact, and connected documents (e.g., Astra Linux bulletin and BSNSA entries) reiterate libxml2 involv...

6.5CVSS7AI score0.01861EPSS
Total number of security vulnerabilities179