Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nfs vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-13164
In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.
Wireshark Wireshark
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.5
CVSSv3
CVE-2019-10054
An issue exists in Suricata 4.1.3. The function process_reply_record_v3 lacks a check for the length of reply.data. It causes an invalid memory access and the program crashes within the nfs/nfs3.rs file.
Suricata-ids Suricata 4.1.3
7.5
CVSSv3
CVE-2019-15538
An issue exists in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel up to and including 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fai...
Linux Linux Kernel 5.3
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Netapp Data Availability Services -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Aff A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp H610s Firmware -
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Fedoraproject Fedora 29
7.5
CVSSv3
CVE-2018-16871
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machi...
Linux Linux Kernel
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Mrg Realtime 2.0
Redhat Developer Tools 1.0
Netapp Cloud Backup -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
7.5
CVSSv3
CVE-2019-2838
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Oracle Solaris. Su...
Oracle Solaris 11.4
7.5
CVSSv3
CVE-2019-11541
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, and 8.2RX prior to 8.2R12.1, users using SAML authentication with the Reuse Existing NC (Pulse) Session option may see authentication leaks.
Pulsesecure Pulse Connect Secure 8.2r1.1
Pulsesecure Pulse Connect Secure 8.2r2.0
Pulsesecure Pulse Connect Secure 8.2r4.0
Pulsesecure Pulse Connect Secure 8.2r5.0
Pulsesecure Pulse Connect Secure 8.2r1.0
Pulsesecure Pulse Connect Secure 8.2r4.1
Pulsesecure Pulse Connect Secure 8.2r3.1
Pulsesecure Pulse Connect Secure 8.2r3.0
Pulsesecure Pulse Connect Secure 8.3rx
Pulsesecure Pulse Connect Secure 9.0r1
Pulsesecure Pulse Connect Secure 9.0r2
Pulsesecure Pulse Connect Secure 9.0r2.1
Pulsesecure Pulse Connect Secure 9.0r3
Pulsesecure Pulse Connect Secure 9.0r3.1
Pulsesecure Pulse Connect Secure 9.0r3.2
Pulsesecure Pulse Connect Secure 9.0rx
Pulsesecure Pulse Connect Secure 8.2r5.1
Pulsesecure Pulse Connect Secure 8.2r6.0
Pulsesecure Pulse Connect Secure 8.2r7.0
Pulsesecure Pulse Connect Secure 8.2r7.1
Pulsesecure Pulse Connect Secure 8.2rx
Ivanti Connect Secure 8.2
7.5
CVSSv3
CVE-2018-17158
In FreeBSD prior to 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. Unprivileged remote users with access to the NFS server can crash the system by sending a specially crafted NFSv4 r...
Freebsd Freebsd 11.2
Freebsd Freebsd
7.5
CVSSv3
CVE-2018-17159
In FreeBSD prior to 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. Unprivileged remote users with access to the NFS server can cause a resource exhaustion by forcing the server to allocate an arbitrarily large memory ...
Freebsd Freebsd 11.2
Freebsd Freebsd
7.5
CVSSv3
CVE-2018-2718
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Solaris. Successful at...
Oracle Solaris 11.3
Oracle Solaris 10.0
7.5
CVSSv3
CVE-2018-2764
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Solaris. Successful...
Oracle Solaris 10
Oracle Solaris 11.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »