Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vasa provider vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-6904
Versions of VASA Provider for Clustered Data ONTAP before 7.0P1 contain a web server that accepts plain text authentication. This could allow an unauthenticated malicious user to obtain authentication credentials.
Netapp Vasa Provider
10
CVSSv2
CVE-2017-4997
EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system.
Dell Emc Vasa Provider Virtual Appliance
6.8
CVSSv2
CVE-2018-19931
An issue exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils up to and including 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.
Gnu Binutils
Netapp Vasa Provider
Canonical Ubuntu Linux 18.04
NA
CVE-2022-45103
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file ...
Dell Powermax Os 5978
Dell Unisphere 360
Dell Emc Unisphere For Powermax
Dell Emc Unisphere For Powermax Virtual Appliance
Dell Solutions Enabler
Dell Emc Solutions Enabler Virtual Appliance
Dell Vasa Provider
Dell Emc Vasa Provider Virtual Appliance
Dell Powermax Os -
NA
CVE-2022-31233
Unisphere for PowerMax versions prior to 9.2.3.15 contain a privilege escalation vulnerability. An adjacent malicious user may potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to.
Dell Powermax Os 5978
Dell Unisphere For Powermax
Dell Unisphere For Powermax Virtual Appliance
Dell Unisphere 360
Dell Solutions Enabler
Dell Solutions Enabler Virtual Appliance
Dell Evasa Provider Virtual Appliance
Dell Vasa
4.3
CVSSv2
CVE-2020-13954
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web...
Apache Cxf
Netapp Snap Creator Framework -
Netapp Vasa Provider For Clustered Data Ontap
Oracle Retail Order Broker Cloud Service 15.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Communications Messaging Server 8.1
Oracle Communications Messaging Server 8.0.2
Oracle Business Intelligence 5.9.0.0.0
6.9
CVSSv2
CVE-2019-11486
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel prior to 5.0.8 has multiple race conditions.
Linux Linux Kernel
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 15.1
Netapp Active Iq -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Vasa Provider For Clustered Data Ontap 9.7
Netapp Storage Replication Adapter For Clustered Data Ontap 9.7
Netapp Virtual Storage Console 9.7
4.4
CVSSv2
CVE-2017-10125
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows physical access to compromise Java SE. While the vulnerability is in Java SE, attacks ...
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Netapp Cloud Backup -
Netapp Oncommand Balance -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Insight -
Netapp Virtual Storage Console
Netapp E-series Santricity Storage Manager -
Netapp Oncommand Unified Manager -
Netapp Active Iq Unified Manager
Netapp Vasa Provider For Clustered Data Ontap
Netapp Oncommand Shift -
Netapp Oncommand Performance Manager -
Netapp Plug-in For Symantec Netbackup -
Netapp E-series Santricity Os Controller
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Oncommand Unified Manager
Netapp Vasa Provider For Clustered Data Ontap 6.0
1.9
CVSSv2
CVE-2019-3901
A race condition in perf_event_open() allows local malicious users to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execv...
Linux Linux Kernel
Debian Debian Linux 8.0
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Active Iq Unified Manager For Vmware Vsphere
Netapp Virtual Storage Console For Vmware Vsphere
Netapp Storage Replication Adapter For Clustered Data Ontap For Vmware Vsphere
Netapp Cn1610 Firmware -
NA
CVE-2022-34397
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized.
Dell Solutions Enabler Virtual Appliance
Dell Evasa Provider Virtual Appliance
Dell Unisphere For Powermax Virtual Appliance
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »