Product:

Ontap_select_deploy_administration_utility

(Netapp)
Repositories https://github.com/torvalds/linux
#Vulnerabilities 157
Date Id Summary Products Score Patch Annotated
2022-08-23 CVE-2021-3975 A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash. Ubuntu_linux, Debian_linux, Fedora, Ontap_select_deploy_administration_utility, Codeready_linux_builder, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Libvirt 6.5
2022-08-23 CVE-2022-31676 VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine. Debian_linux, Fedora, Ontap_select_deploy_administration_utility, Tools 7.8
2022-08-24 CVE-2021-3998 A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data. Glibc, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Ontap_select_deploy_administration_utility 7.5
2022-08-24 CVE-2021-4189 A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible. Debian_linux, Ontap_select_deploy_administration_utility, Python, Enterprise_linux, Software_collections 5.3
2022-08-24 CVE-2021-4214 A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service. Debian_linux, Libpng, Ontap_select_deploy_administration_utility 5.5
2022-08-29 CVE-2022-2953 LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. Debian_linux, Libtiff, Ontap_select_deploy_administration_utility 5.5
2022-08-31 CVE-2022-39046 An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap. Glibc, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Ontap_select_deploy_administration_utility 5.3
2022-08-31 CVE-2022-1354 A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service. Debian_linux, Fedora, Libtiff, Ontap_select_deploy_administration_utility, Enterprise_linux 5.5
2022-08-31 CVE-2022-1355 A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service. Debian_linux, Fedora, Libtiff, Ontap_select_deploy_administration_utility, Enterprise_linux 6.1
2022-09-01 CVE-2020-35527 In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause. Ontap_select_deploy_administration_utility, Sqlite 9.8