Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hitachi web server 02 02 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-40335
A vulnerability exists in the HTTP web interface where the web interface does not sufficiently verify if a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. This cause a Cross Site Request Forgery (CSRF), which if exploited c...
Hitachienergy Modular Switchgear Monitoring Firmware
7.5
CVSSv3
CVE-2022-0778
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Cloud Volumes Ontap Mediator -
Netapp A250 Firmware -
Netapp 500f Firmware -
Fedoraproject Fedora 34
Fedoraproject Fedora 36
Tenable Nessus
Mariadb Mariadb
Nodejs Node.js
10 Github repositories
9.8
CVSSv3
CVE-2022-22720
Apache HTTP Server 2.4.52 and previous versions fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Zfs Storage Appliance Kit 8.8
Apple Macos
Apple Mac Os X 10.15.7
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1179 Github repositories
28 Articles
5.5
CVSSv3
CVE-2020-13938
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
Apache Http Server
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Netapp Cloud Backup -
5.9
CVSSv3
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by...
Openssl Openssl
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Hyper Converged Infrastructure -
Netapp Cloud Backup -
Netapp Santricity Smi-s Provider -
Netapp Element Software -
Netapp Snapdrive -
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Unified Manager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Service Processor -
3 Github repositories
7.5
CVSSv3
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
308 Github repositories
4 Articles
NA
CVE-2009-4776
Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote malicious users to have an unkno...
Hitachi Ucosminexus Application Server 06-70-\\/e
Hitachi Ucosminexus Application Server 06-70-\\/f
Hitachi Ucosminexus Application Server 06-71-\\/g
Hitachi Ucosminexus Application Server 06-71
Hitachi Ucosminexus Application Server 06-72-\\/d
Hitachi Ucosminexus Application Server 6.7
Hitachi Ucosminexus Application Server 7
Hitachi Ucosminexus Application Server 8
Hitachi Ucosminexus Collaboration 06-35-\\/f
Hitachi Ucosminexus Collaboration 06-35
Hitachi Ucosminexus Developer 06-70-\\/f
Hitachi Ucosminexus Developer 07-60
Hitachi Ucosminexus Developer 08-00
Hitachi Ucosminexus Developer 6.7
Hitachi Ucosminexus Operator 7
Hitachi Ucosminexus Operator 8
Hitachi Ucosminexus Service Architect 07-00
Hitachi Ucosminexus Service Architect 07-60
Hitachi Ucosminexus Application Server 06-70-\\/n
Hitachi Ucosminexus Application Server 06-70
Hitachi Ucosminexus Application Server 06-70f
Hitachi Ucosminexus Application Server 07-00
NA
CVE-2008-5719
Cross-site scripting (XSS) vulnerability in Hitachi Groupmax Web Workflow SDK Set for Active Server Pages prior to 06-52-/C and Hitachi Groupmax Workflow - Development Kit for Active Server Pages prior to 06-52-/A allows remote malicious users to inject arbitrary web script or HT...
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 06-52
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 06-51
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-20
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-20 C
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-11 B
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-11 A
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-00 B
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-00 A
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 3-10 A
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 3-10 B
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 05-00
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 05-00 B
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 05-00 A
Hitachi Groupmax Workflow To Development Kit For Active Server Pages 06-51
Hitachi Groupmax Workflow To Development Kit For Active Server Pages
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 06-52 A
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 06-01
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 06-00
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 06-03
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 06-02
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-11
Hitachi Groupmax Web Workflow Sdk Set For Active Server Pages 05-11 E
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started