Lucene search
K
NetappOntap Tools

29 matches found

CVE
CVE
added 2024/03/10 12:0 a.m.8334 views

CVE-2024-28757

The CVE-2024-28757 entry concerns libexpat up to version 2.6.1, where XML External Entity (XXE) processing can be triggered when isolated external parsers are used (XML_ExternalEntityParserCreate). The impact is denial of service or resource exhaustion (availability impact: HIGH) with CVSS v3.1 b...

7.5CVSS7.4AI score0.02006EPSS
CVE
CVE
added 2024/07/01 12:37 p.m.7768 views

CVE-2024-6387

CVE-2024-6387 is a remote code-execution vulnerability in OpenSSH’s server (sshd) caused by a race condition in a signal handler that may run after a client fails to authenticate within LoginGraceTime. The issue is exploitable by an unauthenticated, remote attacker on glibc-based Linux systems, p...

8.1CVSS8.5AI score0.99506EPSS
In wild
CVE
CVE
added 2021/12/10 12:0 a.m.6867 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wildWeb
CVE
CVE
added 2024/02/20 12:52 p.m.6331 views

CVE-2023-52433

CVE-2023-52433 refers to a Linux kernel issue in netfilter nft_set_rbtree where new elements within a single transaction may expire before the transaction ends. To avoid a commit path walking over an already released object, the code skips sync garbage collection (GC) for those elements during th...

4.4CVSS5.7AI score0.00265EPSS
CVE
CVE
added 2024/09/19 12:18 a.m.6265 views

CVE-2024-7254

CVE-2024-7254 describes a stack overflow DoS in parsers when handling untrusted Protocol Buffers data with deeply nested SGROUP/group structures. The root cause is unbounded recursion when parsing unknown fields (DiscardUnknownFieldsParser) or Java Protobuf Lite against nested groups or map field...

8.7CVSS6.8AI score0.02772EPSS
CVE
CVE
added 2024/04/04 7:19 p.m.4941 views

CVE-2023-38709

CVE-2023-38709 describes HTTP response splitting in the core of Apache HTTP Server caused by faulty input validation. It affects Apache HTTP Server up to version 2.4.58; multiple advisories (e.g., Astra Linux, AlmaLinux, Alpine Linux) note that upgrading to 2.4.64 fixes the issue. Some sources in...

7.3CVSS7.1AI score0.03914EPSS
CVE
CVE
added 2021/01/26 12:0 a.m.4728 views

CVE-2021-3156

CVE-2021-3156 is a heap-based buffer overflow in sudo that enables privilege escalation to root. The issue arises in the argument parsing path and is exploitable via commands using sudoedit -s with a trailing backslash, leading to memory corruption. Affected release information in the provided do...

7.8CVSS8.3AI score0.99295EPSS
In wild
CVE
CVE
added 2024/07/04 8:36 a.m.4129 views

CVE-2024-39884

CVE-2024-39884 affects Apache HTTP Server (notably 2.4.60 and older) where legacy content-type based configuration (e.g., AddType) could cause source code disclosure for indirectly requested files, potentially exposing local content (e.g., PHP scripts being served). Affected vendors consistently ...

6.2CVSS7.4AI score0.00889EPSS
CVE
CVE
added 2024/04/04 7:20 p.m.3872 views

CVE-2024-24795

CVE-2024-24795 (httpd) describes HTTP response splitting in multiple Apache HTTP Server modules when malicious response headers can be injected into backend applications, enabling HTTP desynchronization. The vulnerability is mitigated by upgrading to Apache HTTP Server 2.4.59, as indicated across...

6.3CVSS7AI score0.02874EPSS
CVE
CVE
added 2024/05/07 12:0 a.m.2788 views

CVE-2024-34397

GLib vulnerability CVE-2024-34397: a GDBus signal-subscription spoofing flaw allows non-trusted local users on shared systems to inject spoofed D-Bus signals, potentially making a GDBus client misbehave (application-dependent impact). Affected: GLib’s GDBus-based clients; vulnerable in GLib up to...

5.2CVSS6.2AI score0.00756EPSS
CVE
CVE
added 2020/06/04 12:31 p.m.563 views

CVE-2020-13817

CVE-2020-13817 affects ntp’s ntpd prior to 4.2.8p14 and 4.3.x prior to 4.3.100. An off‑path attacker can predict transmit timestamps in spoofed UDP packets to remote ntpd, causing a DoS via daemon exit or system time change when the victim relies on unauthenticated IPv4 time sources. Connected so...

7.4CVSS7.2AI score0.04071EPSS
CVE
CVE
added 2021/04/01 2:20 p.m.561 views

CVE-2021-28165

The CVE-2021-28165 issue affects Eclipse Jetty versions 7.2.2–9.4.38, 10.0.0.alpha0–10.0.1, and 11.0.0.alpha0–11.0.1, where handling a large invalid TLS frame can cause CPU usage to reach 100%, leading to resource exhaustion. The underlying cause is described as abnormal processing after receivin...

7.8CVSS7.3AI score0.53861EPSS
CVE
CVE
added 2024/07/05 6:39 p.m.509 views

CVE-2024-39689

Certifi-2024-39689 involves insufficient verification of data authenticity via the GlobalTrust root certificate. The issue stems from Certifi removing GLOBALTRUST roots in 2024.7.04, in line with Mozilla’s trust-store removals prompted by long-running compliance issues. Broadcom/BSNSA36222 confir...

7.5CVSS6AI score0.01049EPSS
CVE
CVE
added 2024/07/03 7:32 p.m.470 views

CVE-2024-34750

CVE-2024-34750 affects Apache Tomcat across multiple lines of the 9.x, 10.x, and 11.x series, where improper handling of HTTP/2 streams leads to miscounting active streams and the use of an infinite timeout, allowing connections to remain open. Root cause: during HTTP/2 processing, Tomcat fails t...

7.5CVSS7.1AI score0.04602EPSS
CVE
CVE
added 2024/09/03 3:58 p.m.453 views

CVE-2024-6119

OpenSSL CVE-2024-6119 causes a denial of service when applications perform certificate name checks (e.g., TLS server name validation). The issue stems from reading an invalid memory address during name comparison (e.g., otherName in X.509) and may terminate the process. Multiple connected advisor...

7.5CVSS6.5AI score0.66594EPSS
CVE
CVE
added 2023/08/07 12:0 a.m.429 views

CVE-2023-36054

MIT Kerberos 5 (krb5) contains a vulnerability CVE-2023-36054 where lib/kadm5/kadm_rpc_xdr.c frees an uninitialized pointer due to improper validation between n_key_data and the key_data array. A remote authenticated user can trigger a kadmind crash. Affected versions include krb5 before 1.20.2 a...

6.5CVSS6.5AI score0.02107EPSS
CVE
CVE
added 2024/10/03 11:32 a.m.393 views

CVE-2024-47554

CVE-2024-47554 affects Apache Commons IO. An Uncontrolled Resource Consumption issue in XmlStreamReader may cause high CPU use when processing malicious input. Vulnerable version range: 2.0 <= v

4.3CVSS6.5AI score0.01241EPSS
CVE
CVE
added 2024/03/15 10:27 a.m.390 views

CVE-2024-28752

CVE-2024-28752 is a SSRF vulnerability in Apache CXF’s Aegis DataBinding. Affected CXF versions are those before 4.0.4, 3.6.3, and 3.5.8; the issue enables SSRF-style attacks on web services that take at least one parameter. Other data bindings (including default) are not impacted. Remediation: u...

9.3CVSS8.2AI score0.05849EPSS
CVE
CVE
added 2024/09/11 10:3 a.m.385 views

CVE-2024-8096

The CVE-2024-8096 issue affects curl’s TLS OCSP stapling verification, where an OCSP response that signals an error other than revoked (e.g., unauthorized) may be treated as valid. This can allow invalid certificates to be accepted when curl uses OCSP stapling, depending on the TLS backend (notab...

6.5CVSS6.6AI score0.00729EPSS
CVE
CVE
added 2024/03/21 9:7 a.m.373 views

CVE-2024-29131

CVE-2024-29131 describes an out-of-bounds write in Apache Commons Configuration, affecting 2.x releases prior to 2.10.1. Fedora advisories and Fedora/OS update entries confirm 2.10.1 as the fixed version. The connected docs provide the fix version but do not include symptom details, exploitation ...

7.3CVSS5.8AI score0.02054EPSS
CVE
CVE
added 2025/02/05 9:15 a.m.364 views

CVE-2025-0167

The CVE-2025-0167 issue affects curl (libcurl) and arises when both using a .netrc for credentials and following HTTP redirects. The root cause, as described across connected documents, is that the netrc entry can omit login and password (or a default entry omits both), which may allow the passwo...

3.4CVSS7AI score0.00663EPSS
CVE
CVE
added 2024/11/07 7:37 a.m.363 views

CVE-2024-38286

The CVE-2024-38286 entry describes an Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat that, under certain configurations, allows an attacker to trigger an OutOfMemoryError by abusing the TLS handshake. Affected versions include Tomcat 11.0.0-M1 through 11.0.0-M...

8.6CVSS8.2AI score0.01702EPSS
CVE
CVE
added 2024/01/15 8:2 p.m.354 views

CVE-2024-0565

CVE-2024-0565 affects the Linux kernel CIFS (SMB) client: receive_encrypted_standard in fs/smb/client/smb2ops.c contains an out-of-bounds read caused by an integer underflow in memcpy length, leading to denial of service. Connected advisories consistently reference this CVE in kernel CIFS decrypt...

7.4CVSS7.2AI score0.01999EPSS
CVE
CVE
added 2025/04/24 11:44 a.m.345 views

CVE-2025-27820

CVE-2025-27820 affects Apache HttpClient 5.4.x, where a PSL validation logic bug disables domain checks, impacting cookie management and hostname verification. Root cause: PSL validation flaw in 5.4.x. Impact: as described, with potential weaknesses in hostname verification and cookie handling; C...

7.5CVSS6.9AI score0.00745EPSS
CVE
CVE
added 2023/05/30 12:0 a.m.328 views

CVE-2023-2953

CVE-2023-2953: OpenLDAP contains a null pointer dereference in ber_memalloc_x(); affected OpenLDAP versions prior to the patched release are vulnerable. Connected advisories confirm a security update to OpenLDAP is available (e.g., OpenLDAP security update notes and Linux distro advisories), with...

7.5CVSS7.3AI score0.01947EPSS
CVE
CVE
added 2024/10/28 2:10 p.m.328 views

CVE-2024-49761

CVE-2024-49761 affects the Ruby ecosystem via the REXML XML toolkit. The vulnerability exists in the REXML gem before 3.3.9, where parsing an XML containing hex numeric character references (&#x...;) with many digits can cause a ReDoS. Ruby 3.2+ is not affected; Ruby 3.1 is the affected maintaine...

8.7CVSS7.3AI score0.01429EPSS
CVE
CVE
added 2024/11/11 12:0 a.m.212 views

CVE-2024-52533

GLib (GNOME GLib) is affected by CVE-2024-52533 due to an off-by-one error in gio/gsocks4aproxy.c, where SOCKS4_CONN_MSG_LEN does not account for a trailing NUL, causing a buffer overflow in versions before 2.82.1. The issue stems from an insufficient buffer size in SOCKS4_CONN_MSG_LEN. A fix has...

9.8CVSS7.5AI score0.01263EPSS
CVE
CVE
added 2024/03/18 10:7 a.m.204 views

CVE-2024-26633

CVE-2024-26633 affects the Linux kernel’s ip6_tunnel code, specifically the NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim(). Syzbot reported that frag_off could be read before enough bytes were pulled into skb->head, causing reads of uninitialized or garbage data. The issue is exposed...

5.5CVSS6.7AI score0.0033EPSS
CVE
CVE
added 2024/03/07 4:10 p.m.150 views

CVE-2024-1351

CVE-2024-1351 (MongoDB TLS peer cert validation bypass) Affected product: MongoDB Server (versions affected as per CVE description): v7.0 before or including 7.0.5; v6.0 before or including 6.0.13; v5.0 before or including 5.0.24; v4.4 before or including 4.4.28. Root cause: When TLS is enabled, ...

9.8CVSS8.7AI score0.005EPSS