Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
storage vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-25122
sidekiq-unique-jobs is an open source project which prevents simultaneous Sidekiq jobs with the same unique arguments to run. Specially crafted GET request parameters handled by any of the following endpoints of sidekiq-unique-jobs' "admin" web UI, allow a super-us...
NA
CVE-2023-47218
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 2...
1 Metasploit module
2 Github repositories
1 Article
2.7
CVSSv3
CVE-2024-23760
Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows malicious users to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot.
Gambio Gambio 4.9.2.0
5.5
CVSSv3
CVE-2024-22312
IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 278748.
Ibm Storage Defender Resiliency Service 2.0
7.8
CVSSv3
CVE-2024-22313
IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 278749.
Ibm Storage Defender Resiliency Service 2.0
7.2
CVSSv3
CVE-2023-50957
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. IBM X-Force ID: 275783.
Ibm Storage Defender Resiliency Service 2.0
7.5
CVSSv3
CVE-2023-6518
Plaintext Storage of a Password vulnerability in Mia Technology Inc. MIA-MED allows Read Sensitive Strings Within an Executable.This issue affects MIA-MED: prior to 1.0.7.
Miateknoloji Mia-med
7.5
CVSSv3
CVE-2023-47700
IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.6 products could allow a remote malicious user to spoof a trusted system that would not be correctly validated by the Storwize server. This could lead to a user connecting to a malicious host, b...
Ibm Storage Virtualize 8.6
5.3
CVSSv3
CVE-2023-39196
Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an malicious user to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Cont...
Apache Ozone
5.3
CVSSv3
CVE-2024-24936
In JetBrains TeamCity prior to 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
Jetbrains Teamcity
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »