Ontap Select Deploy Administration Utility Security Vulnerabilities and Issues — Ontap Select Deploy Administration Utility CVE List

Lucene search

NetappOntap Select Deploy Administration Utility

11 matches found

CVE•added 2023/10/03 6:15 p.m.•1173 views

CVE-2023-4911

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS8.2AI score0.74608EPSS

CVE•added 2023/04/19 12:15 a.m.•1065 views

CVE-2023-27043

The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is gran...

5.3CVSS5.8AI score0.00115EPSS

CVE•added 2023/02/17 3:15 p.m.•996 views

CVE-2023-24329

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

7.5CVSS7.8AI score0.0105EPSS

CVE•added 2023/02/03 6:15 a.m.•806 views

CVE-2023-25136

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-p...

6.5CVSS6.8AI score0.90536EPSS

CVE•added 2023/07/25 9:15 p.m.•595 views

CVE-2023-37920

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by...

9.8CVSS9AI score0.00112EPSS

CVE•added 2023/08/31 10:15 a.m.•413 views

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a mor...

7.5CVSS7.4AI score0.00953EPSS

CVE•added 2023/07/14 12:15 p.m.•389 views

CVE-2023-2975

Issue summary: The AES-SIV cipher implementation contains a bug that causesit to ignore empty associated data entries which are unauthenticated asa consequence. Impact summary: Applications that use the AES-SIV algorithm and want toauthenticate empty data entries as associated data can be misled by...

5.3CVSS6.7AI score0.00137EPSS

CVE•added 2023/02/15 6:15 p.m.•233 views

CVE-2023-0361

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to s...

7.4CVSS7.3AI score0.02943EPSS

CVE•added 2023/07/17 9:15 p.m.•173 views

CVE-2023-38403

iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.

7.5CVSS7.6AI score0.01253EPSS

CVE•added 2023/08/22 7:16 p.m.•169 views

CVE-2022-48064

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.

5.5CVSS6AI score0.00009EPSS

CVE•added 2023/08/22 7:16 p.m.•167 views

CVE-2022-48065

GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.

5.5CVSS6.1AI score0.00019EPSS