ReportizFlow
Filtered by vendor Netapp
Subscriptions
Filtered by product Active Iq Unified Manager
Subscriptions
Total
846 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-16943 | 6 Debian, Fasterxml, Fedoraproject and 3 more | 36 Debian Linux, Jackson-databind, Fedora and 33 more | 2024-11-21 | 9.8 Critical |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling. | ||||
| CVE-2019-16942 | 6 Debian, Fasterxml, Fedoraproject and 3 more | 37 Debian Linux, Jackson-databind, Fedora and 34 more | 2024-11-21 | 9.8 Critical |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling. | ||||
| CVE-2019-15223 | 4 Canonical, Linux, Netapp and 1 more | 9 Ubuntu Linux, Linux Kernel, Active Iq Unified Manager and 6 more | 2024-11-21 | 4.6 Medium |
| An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver. | ||||
| CVE-2019-15222 | 3 Linux, Netapp, Opensuse | 8 Linux Kernel, Active Iq Unified Manager, Data Availability Services and 5 more | 2024-11-21 | 4.6 Medium |
| An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver. | ||||
| CVE-2019-15221 | 6 Canonical, Debian, Linux and 3 more | 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more | 2024-11-21 | 4.6 Medium |
| An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. | ||||
| CVE-2019-15220 | 5 Canonical, Debian, Linux and 2 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-11-21 | 4.6 Medium |
| An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. | ||||
| CVE-2019-15219 | 5 Canonical, Debian, Linux and 2 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-11-21 | 4.6 Medium |
| An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. | ||||
| CVE-2019-15218 | 6 Canonical, Debian, Linux and 3 more | 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more | 2024-11-21 | 4.6 Medium |
| An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver. | ||||
| CVE-2019-15217 | 6 Canonical, Debian, Linux and 3 more | 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more | 2024-11-21 | 4.6 Medium |
| An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. | ||||
| CVE-2019-15216 | 5 Canonical, Debian, Linux and 2 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-11-21 | 4.6 Medium |
| An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. | ||||
| CVE-2019-15215 | 5 Canonical, Debian, Linux and 2 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-11-21 | 4.6 Medium |
| An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. | ||||
| CVE-2019-15212 | 5 Canonical, Debian, Linux and 2 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-11-21 | 4.6 Medium |
| An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. | ||||
| CVE-2019-15211 | 5 Canonical, Debian, Linux and 2 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-11-21 | 4.6 Medium |
| An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory. | ||||
| CVE-2019-15118 | 5 Canonical, Debian, Linux and 2 more | 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more | 2024-11-21 | 5.5 Medium |
| check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. | ||||
| CVE-2019-15098 | 5 Canonical, Debian, Linux and 2 more | 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more | 2024-11-21 | 4.6 Medium |
| drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. | ||||
| CVE-2019-14888 | 2 Netapp, Redhat | 10 Active Iq Unified Manager, Jboss Data Grid, Jboss Enterprise Application Platform and 7 more | 2024-11-21 | 7.5 High |
| A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL. | ||||
| CVE-2019-14379 | 7 Apple, Debian, Fasterxml and 4 more | 37 Xcode, Debian Linux, Jackson-databind and 34 more | 2024-11-21 | 9.8 Critical |
| SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. | ||||
| CVE-2019-13990 | 6 Apache, Atlassian, Netapp and 3 more | 35 Tomee, Jira Service Management, Active Iq Unified Manager and 32 more | 2024-11-21 | 9.8 Critical |
| initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. | ||||
| CVE-2019-12615 | 2 Linux, Netapp | 10 Linux Kernel, Active Iq Unified Manager, Aff A700s and 7 more | 2024-11-21 | 7.5 High |
| An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). | ||||
| CVE-2019-11815 | 5 Canonical, Debian, Linux and 2 more | 15 Ubuntu Linux, Debian Linux, Linux Kernel and 12 more | 2024-11-21 | 8.1 High |
| An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup. | ||||