Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp virtual storage console vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-36946
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel up to and including 5.18.14 allows remote malicious users to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negat...
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Hci Compute Node -
Netapp Solidfire \\& Hci Storage Node -
Netapp Solidfire Enterprise Sds -
2 Github repositories
5.3
CVSSv3
CVE-2021-28164
In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web....
Eclipse Jetty 9.4.37
Eclipse Jetty 9.4.38
Netapp Santricity Cloud Connector -
Netapp Snapcenter -
Netapp E-series Performance Analyzer -
Netapp E-series Santricity Web Services -
Netapp Virtual Storage Console
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap
Netapp Cloud Manager -
Netapp Snapcenter Plug-in -
Netapp E-series Santricity Os Controller
Netapp Element Plug-in For Vcenter Server -
Oracle Banking Digital Experience 20.1
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Siebel Core - Automation
Oracle Communications Session Route Manager
Oracle Banking Digital Experience 21.1
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
2 Github repositories
2.7
CVSSv3
CVE-2021-28163
In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that m...
Eclipse Jetty 11.0.0
Eclipse Jetty 10.0.0
Eclipse Jetty 11.0.1
Eclipse Jetty 10.0.1
Eclipse Jetty
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Apache Solr 8.8.1
Apache Ignite
Netapp Santricity Cloud Connector -
Netapp Snapcenter -
Netapp E-series Performance Analyzer -
Netapp E-series Santricity Web Services -
Netapp Virtual Storage Console
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap
Netapp Cloud Manager -
Netapp Snapcenter Plug-in -
Netapp Element Plug-in For Vcenter Server -
Netapp E-series Santricity Os Controller
Oracle Banking Digital Experience 20.1
7
CVSSv3
CVE-2020-27216
In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creatin...
Eclipse Jetty 11.0.0
Eclipse Jetty 10.0.0
Eclipse Jetty
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Vasa Provider
Netapp Virtual Storage Console
Netapp Storage Replication Adapter
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Services Gatekeeper 7.0
Oracle Communications Element Manager
Oracle Flexcube Core Banking
Oracle Communications Application Session Controller 3.9m0p2
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Jd Edwards Enterpriseone Tools
Oracle Communications Converged Application Server - Service Controller 6.2
Oracle Siebel Core - Automation
Apache Beam 2.21.0
Apache Beam 2.22.0
Apache Beam 2.23.0
5.3
CVSSv3
CVE-2020-12888
The VFIO PCI driver in the Linux kernel up to and including 5.6.13 mishandles attempts to access disabled memory space.
Linux Linux Kernel
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Bootstrap Os -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
7.5
CVSSv3
CVE-2020-11868
ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows an off-path malicious user to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
Ntp Ntp 4.2.8
Ntp Ntp
Redhat Enterprise Linux 7.0
Netapp Clustered Data Ontap -
Netapp Virtual Storage Console
Netapp Data Ontap -
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node Firmware -
Netapp Fabric-attached Storage 8300 Firmware -
Netapp Fabric-attached Storage 8700 Firmware -
Netapp Fabric-attached Storage A400 Firmware -
Netapp All Flash Fabric-attached Storage 8300 Firmware -
Netapp All Flash Fabric-attached Storage 8700 Firmware -
Netapp All Flash Fabric-attached Storage A400 Firmware -
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Leap 15.2
8.1
CVSSv3
CVE-2019-11815
An issue exists in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel prior to 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
Linux Linux Kernel
Linux Linux Kernel 5.1
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Leap 42.3
Netapp Active Iq Unified Manager
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Solidfire -
Netapp Storage Replication Adapter 7.2
Netapp Vasa Provider For Clustered Data Ontap
Netapp Virtual Storage Console
Netapp Hci Compute Node -
Netapp Hci Storage Node -
Netapp Cn1610 Firmware -
8.1
CVSSv3
CVE-2018-20836
An issue exists in the Linux kernel prior to 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
F5 Traffix Signaling Delivery Controller 5.1.0
F5 Traffix Signaling Delivery Controller 5.0.0
Netapp Virtual Storage Console
Netapp Active Iq Unified Manager
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire \\& Hci Management Node -
Netapp Snapprotect -
Netapp Hci Compute Node -
Netapp Solidfire \\& Hci Storage Node -
Netapp Storage Replication Adapter For Clustered Data Ontap -
Opensuse Leap 15.0
Opensuse Leap 15.1
7.7
CVSSv3
CVE-2019-3900
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could ...
Linux Linux Kernel
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Active Iq Unified Manager For Vmware Vsphere
Netapp Virtual Storage Console For Vmware Vsphere
Netapp Storage Replication Adapter For Clustered Data Ontap For Vmware Vsphere
Netapp Cn1610 Firmware -
Oracle Sd-wan Edge 8.2
Fedoraproject Fedora 28
5.5
CVSSv3
CVE-2019-3882
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cau...
Linux Linux Kernel 3.10
Linux Linux Kernel 4.14
Linux Linux Kernel 4.18
Fedoraproject Fedora
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Active Iq Unified Manager For Vmware Vsphere
Netapp Virtual Storage Console For Vmware Vsphere
Netapp Storage Replication Adapter For Clustered Data Ontap For Vmware Vsphere
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »