Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ontap_select_deploy_administration_utility
(Netapp)| Repositories | https://github.com/torvalds/linux |
| #Vulnerabilities | 157 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-05-27 | CVE-2020-14301 | An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command. | Ontap_select_deploy_administration_utility, Codeready_linux_builder, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_update_services_for_sap_solutions, Enterprise_linux_tus, Libvirt | 6.5 | ||
| 2021-06-01 | CVE-2021-23017 | A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. | Nginx, Fedora, Ontap_select_deploy_administration_utility, Openresty, Blockchain_platform, Communications_control_plane_monitor, Communications_fraud_monitor, Communications_operations_monitor, Communications_session_border_controller, Enterprise_communications_broker, Enterprise_session_border_controller, Enterprise_telephony_fraud_monitor, Goldengate | 7.7 | ||
| 2021-06-01 | CVE-2021-3516 | There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability. | Debian_linux, Fedora, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, Ontap_select_deploy_administration_utility, Zfs_storage_appliance_kit, Enterprise_linux, Jboss_core_services, Xmllint | 7.8 | ||
| 2021-06-02 | CVE-2021-3520 | There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well. | Lz4, Active_iq_unified_manager, Cloud_backup, Ontap_select_deploy_administration_utility, Communications_cloud_native_core_policy, Zfs_storage_appliance_kit, Universal_forwarder | 9.8 | ||
| 2021-06-02 | CVE-2021-3530 | A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash. | Binutils, Ontap_select_deploy_administration_utility | 7.5 | ||
| 2021-07-09 | CVE-2021-3541 | A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service. | Active_iq_unified_manager, Cloud_backup, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Manageability_software_development_kit, Ontap_select_deploy_administration_utility, Smi\-S_provider, Snapdrive, Zfs_storage_appliance_kit, Jboss_core_services, Libxml2 | 6.5 | ||
| 2021-07-22 | CVE-2021-35942 | The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations. | Debian_linux, Glibc, Active_iq_unified_manager, E\-Series_santricity_os_controller, Hci_management_node, Ontap_select_deploy_administration_utility, Solidfire | 9.1 | ||
| 2021-07-30 | CVE-2021-37600 | An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments. | Util\-Linux, Ontap_select_deploy_administration_utility | 5.5 | ||
| 2021-08-05 | CVE-2021-3580 | A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service. | Debian_linux, Ontap_select_deploy_administration_utility, Nettle, Enterprise_linux | 7.5 | ||
| 2021-09-06 | CVE-2021-3770 | vim is vulnerable to Heap-based Buffer Overflow | Fedora, Ontap_select_deploy_administration_utility, Vim | 7.8 |