Active Iq Unified Manager Vmware Vsphere NetApp Active Iq Unified Manager Vmware Vsphere

Do you want an email whenever new security vulnerabilities are reported in NetApp Active Iq Unified Manager Vmware Vsphere?

By the Year

In 2024 there have been 0 vulnerabilities in NetApp Active Iq Unified Manager Vmware Vsphere . Active Iq Unified Manager Vmware Vsphere did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 1 7.50
2021 0 0.00
2020 0 0.00
2019 5 6.64
2018 0 0.00

It may take a day or so for new Active Iq Unified Manager Vmware Vsphere vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent NetApp Active Iq Unified Manager Vmware Vsphere Security Vulnerabilities

An issue was discovered in libxml2 before 2.10.3

CVE-2022-40303 7.5 - High - November 23, 2022

An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.

Integer Overflow or Wraparound

A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.

CVE-2019-3846 8.8 - High - June 03, 2019

A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.

Heap-based Buffer Overflow

An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6

CVE-2019-3900 7.7 - High - April 25, 2019

An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.

Infinite Loop

A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit

CVE-2019-3882 5.5 - Medium - April 24, 2019

A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.

Allocation of Resources Without Limits or Throttling

A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs

CVE-2019-3901 4.7 - Medium - April 22, 2019

A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execve() syscall with setuid execution before perf_event_alloc() actually attaches to it, allowing an attacker to bypass the ptrace_may_access() check and the perf_event_exit_task(current) call that is performed in install_exec_creds() during privileged execve() calls. This issue affects kernel versions before 4.8.

Improper Locking

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem

CVE-2019-3874 6.5 - Medium - March 25, 2019

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.

Resource Exhaustion

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for NetApp Solidfire or by NetApp? Click the Watch button to subscribe.

NetApp
Vendor

subscribe