Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hitachi web server 01 01 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-31813
Apache HTTP Server 2.4.53 and previous versions may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.
Apache Http Server
Netapp Clustered Data Ontap -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
9.8
CVSSv3
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the ...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire & Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
7 Github repositories
1 Article
7.5
CVSSv3
CVE-2022-0778
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Cloud Volumes Ontap Mediator -
Netapp A250 Firmware -
Netapp 500f Firmware -
Fedoraproject Fedora 34
Fedoraproject Fedora 36
Tenable Nessus
Mariadb Mariadb
Nodejs Node.js
10 Github repositories
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1182 Github repositories
28 Articles
7.5
CVSSv3
CVE-2020-25710
A flaw was found in OpenLDAP in versions prior to 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
Openldap Openldap
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Web Server 2.0.0
Redhat Enterprise Linux 5.0
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Core Services -
Debian Debian Linux 9.0
Fedoraproject Fedora 33
7.8
CVSSv3
CVE-2021-3156
Sudo prior to 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Sudo Project Sudo 1.9.5
Sudo Project Sudo
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Oncommand Unified Manager Core Package -
Mcafee Web Gateway 8.2.17
Mcafee Web Gateway 9.2.8
Mcafee Web Gateway 10.0.4
Synology Diskstation Manager 6.2
Synology Diskstation Manager Unified Controller 3.0
Synology Skynas Firmware -
Synology Vs960hd Firmware -
Beyondtrust Privilege Management For Mac
Beyondtrust Privilege Management For Unix/linux
Oracle Micros Compact Workstation 3 Firmware 310
Oracle Micros Es400 Firmware
Oracle Micros Kitchen Display System Firmware 210
Oracle Micros Workstation 5a Firmware 5a
143 Github repositories
1 Article
9.8
CVSSv3
CVE-2020-1938
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exp...
Apache Tomcat
Apache Geode 1.12.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Instantis Enterprisetrack
Oracle Mysql Enterprise Monitor
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
57 Github repositories
1 Article
NA
CVE-2009-4776
Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote malicious users to have an unkno...
Hitachi Ucosminexus Application Server 06-70-/e
Hitachi Ucosminexus Developer 06-70
Hitachi Ucosminexus Application Server 06-70
Hitachi Ucosminexus Service Architect 07-60
Hitachi Ucosminexus Operator 7
Hitachi Ucosminexus Client 07-60
Hitachi Ucosminexus Application Server 06-72
Hitachi Ucosminexus Service Platform 6.7
Hitachi Ucosminexus Application Server 07-00
Hitachi Ucosminexus Application Server 07-10
Hitachi Ucosminexus Collaboration 06-35
Hitachi Ucosminexus Application Server 06-70-/f
Hitachi Ucosminexus Application Server 06-70f
Hitachi Ucosminexus Developer 6
Hitachi Ucosminexus Application Server 07-60
Hitachi Ucosminexus Application Server 6.7
Hitachi Ucosminexus Developer 8
Hitachi Ucosminexus Developer 06-71-/f
Hitachi Ucosminexus Service Architect 7
Hitachi Ucosminexus Collaboration 06-35-/f
Hitachi Ucosminexus Operator 6.7
Hitachi Ucosminexus Application Server 06-70-/g
NA
CVE-2008-5719
Cross-site scripting (XSS) vulnerability in Hitachi Groupmax Web Workflow SDK Set for Active Server Pages prior to 06-52-/C and Hitachi Groupmax Workflow - Development Kit for Active Server Pages prior to 06-52-/A allows remote malicious users to inject arbitrary web script or HT...
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 03-10 A
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 05-11
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-11 E
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 06-52
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 06-50
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-11 A
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 03-10 D
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 05-10 A
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 3-10 B
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-10 B
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 03-10 C
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 05-20 A
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-20 A
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 05-00 A
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 03-10 B
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 06-01
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 05-11 A
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-20 B
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 06-03 A
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 06-01
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-11 D
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 05-10
NA
CVE-2007-5809
Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote malicious users to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page.
Hitachi Web Server 02 02
Hitachi Ucosminexus Application Server Standard
Hitachi Ucosminexus Developer Standard
Hitachi Web Server 01 02 D
Hitachi Web Server 02 00
Hitachi Cosminexus Application Server Enterprise
Hitachi Web Server 02 04 B
Hitachi Ucosminexus Developer Light
Hitachi Cosminexus Developer Standard Version 6
Hitachi Ucosminexus Service Platform
Hitachi Web Server 03 00
Hitachi Cosminexus Application Server Standard
Hitachi Web Server 01 02 E
Hitachi Cosminexus Server
Hitachi Web Server 03 00 01
Hitachi Ucosminexus Application Server Enterprise
Hitachi Ucosminexus Developer Professional
Hitachi Web Server 01 00
Hitachi Web Server 01 01
Hitachi Cosminexus Developer Professional Version 6
Hitachi Web Server 02 06 A
Hitachi Cosminexus Developer Light Version 6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »