Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
element software vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-26987
Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions before 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Managemen...
Vmware Spring Boot
Netapp Element Plug-in For Vcenter Server
Netapp Management Services For Element Software And Netapp Hci
Netapp Solidfire \\& Hci Management Node
5.3
CVSSv3
CVE-2020-27223
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high ...
Eclipse Jetty 9.4.6
Eclipse Jetty 9.4.36
Eclipse Jetty
Eclipse Jetty 10.0.0
Eclipse Jetty 11.0.0
Apache Spark 3.1.1
Apache Nifi 1.13.0
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Snapmanager -
Netapp Hci -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp E-series Santricity Web Services -
Netapp Element Plug-in For Vcenter Server -
Netapp E-series Santricity Os Controller
Netapp Management Services For Element Software -
Debian Debian Linux 10.0
Apache Solr 8.8.1
Oracle Rest Data Services
2 Github repositories
8.8
CVSSv3
CVE-2021-22112
Spring Security 5.4.x before 5.4.4, 5.3.x before 5.3.8.RELEASE, 5.2.x before 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programm...
Vmware Spring Security
Pivotal Software Spring Security
Oracle Hospitality Cruise Shipboard Property Management System 20.1.0
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Communications Unified Inventory Management 7.4.1
Oracle Insurance Policy Administration 11.3.0
Oracle Insurance Policy Administration 11.2.0
Oracle Communications Element Manager
Oracle Mysql Enterprise Monitor
1 Github repository
5.6
CVSSv3
CVE-2020-29511
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an malicious user to craft inputs that behave in conflicting ways during different stages of processing in affected ...
Golang Go
Netapp Trident -
7
CVSSv3
CVE-2020-29368
An issue exists in __split_huge_pmd in mm/huge_memory.c in the Linux kernel prior to 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
Linux Linux Kernel
Netapp Cloud Backup -
Netapp Element Software -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Bootstrap Os -
Netapp H410c Firmware -
6.5
CVSSv3
CVE-2020-8582
Element Software versions before 12.2 and HCI versions before 1.8P1 are susceptible to a vulnerability which could allow an authenticated user to view sensitive information.
Netapp Hci
Netapp Element Os
7.5
CVSSv3
CVE-2020-8583
Element Software versions before 12.2 and HCI versions before 1.8P1 are susceptible to a vulnerability which could allow an malicious user to discover sensitive information by intercepting its transmission within an https session.
Netapp Hci
Netapp Element Os
7.8
CVSSv3
CVE-2020-6156
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance USDC file format path element token index.
Pixar Openusd 20.05
7.8
CVSSv3
CVE-2020-28341
An issue exists on Samsung mobile devices with Q(10.0) (Exynos990 chipsets) software. The S3K250AF Secure Element CC EAL 5+ chip allows malicious users to execute arbitrary code and obtain sensitive information via a buffer overflow. The Samsung ID is SVE-2020-18632 (November 202...
Google Android 10.0
6.5
CVSSv3
CVE-2020-3429
A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent malicious user to cause denial of service (DoS) condition on an affected device. The vulnerability...
Cisco Ios Xe 16.12.1s
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »