Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
active iq vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-7612
A sensitive data disclosure flaw was found in the way Logstash versions prior to 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.
Elastic Logstash
Netapp Active Iq Performance Analytics Services -
5.3
CVSSv3
CVE-2023-28486
Sudo prior to 1.9.13 does not escape control characters in log messages.
Sudo Project Sudo
Netapp Active Iq Unified Manager -
5.3
CVSSv3
CVE-2023-28487
Sudo prior to 1.9.13 does not escape control characters in sudoreplay output.
Sudo Project Sudo
Netapp Active Iq Unified Manager -
3.3
CVSSv3
CVE-2018-20855
An issue exists in the Linux kernel prior to 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.
Linux Linux Kernel
Opensuse Leap 15.0
Opensuse Leap 15.1
Netapp Active Iq Performance Analytics Services -
Netapp Active Iq Unified Manager
Netapp Data Availability Services -
Netapp Element Software -
5.5
CVSSv3
CVE-2023-45862
An issue exists in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel prior to 6.2.5. An object could potentially extend beyond the end of an allocation.
Linux Linux Kernel
Netapp Active Iq Unified Manager -
Netapp H410c Firmware -
4.8
CVSSv3
CVE-2021-20220
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an malicious user to poison a web-...
Redhat Undertow
Netapp Active Iq Unified Manager -
Netapp Oncommand Workflow Automation -
6.5
CVSSv3
CVE-2018-3721
lodash node module prior to 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modif...
Lodash Lodash
Netapp Active Iq Unified Manager -
Netapp System Manager 9.0
3 Github repositories
6.5
CVSSv3
CVE-2022-3598
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.
Libtiff Libtiff
Netapp Active Iq Unified Manager -
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2021-3800
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.
Gnome Glib
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
6.5
CVSSv3
CVE-2020-25711
A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations. When authz is enabled, any user with authentication can perform operations like shutting down the server without the ADMIN role.
Infinispan Infinispan
Redhat Data Grid 8.0
Netapp Active Iq Unified Manager -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »