Ontap Tools Security Vulnerabilities and Issues — Ontap Tools CVE List

Lucene search

NetappOntap Tools

12 matches found

CVE•added 2024/03/10 5:15 a.m.•8298 views

CVE-2024-28757

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

7.5CVSS7.4AI score0.00474EPSS

CVE•added 2024/04/04 8:15 p.m.•4761 views

CVE-2023-38709

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

7.3CVSS7.1AI score0.05161EPSS

CVE•added 2021/01/26 9:15 p.m.•4284 views

CVE-2021-3156

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

7.8CVSS8.3AI score0.92492EPSS

In wild

CVE•added 2020/06/04 1:15 p.m.•526 views

CVE-2020-13817

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path atta...

7.4CVSS7.2AI score0.00375EPSS

CVE•added 2021/04/01 3:15 p.m.•522 views

CVE-2021-28165

In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.

7.8CVSS7.3AI score0.10227EPSS

CVE•added 2024/07/05 7:15 p.m.•416 views

CVE-2024-39689

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from GLOBALTRUST. Certifi 2024.7.04 removes root certificates from ...

7.5CVSS6AI score0.21233EPSS

CVE•added 2024/07/03 8:15 p.m.•395 views

CVE-2024-34750

Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of a...

7.5CVSS7.7AI score0.16902EPSS

CVE•added 2024/09/03 4:15 p.m.•373 views

CVE-2024-6119

Issue summary: Applications performing certificate name checks (e.g., TLSclients checking server certificates) may attempt to read an invalid memoryaddress resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial ofser...

7.5CVSS6.5AI score0.02704EPSS

CVE•added 2024/03/21 9:15 a.m.•337 views

CVE-2024-29131

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.

7.3CVSS5.8AI score0.00203EPSS

CVE•added 2024/01/15 8:15 p.m.•307 views

CVE-2024-0565

An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.

7.4CVSS7.2AI score0.00067EPSS

CVE•added 2025/04/24 12:15 p.m.•278 views

CVE-2025-27820

A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release

7.5CVSS6.9AI score0.00043EPSS

CVE•added 2023/05/30 10:15 p.m.•273 views

CVE-2023-2953

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

7.5CVSS7.3AI score0.0111EPSS