Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
storage vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-39196
Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an malicious user to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Cont...
Apache Ozone
5.3
CVSSv3
CVE-2024-24936
In JetBrains TeamCity prior to 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
Jetbrains Teamcity
7.5
CVSSv3
CVE-2023-47148
IBM Storage Protect Plus Server 10.1.0 up to and including 10.1.15.2 Admin Console could allow a remote malicious user to obtain sensitive information due to improper validation of unsecured endpoints which could be used in further attacks against the system. IBM X-Force ID: 2705...
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2023-46159
IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to cause a denial of service from RGW. IBM X-Force ID: 268906.
Ibm Storage Ceph 5.3z1
Ibm Storage Ceph 6.1z1
Ibm Storage Ceph 5.3z5
9.8
CVSSv3
CVE-2024-24561
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and previous versions, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice() function uses a n...
Vyperlang Vyper
8.8
CVSSv3
CVE-2024-24747
MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for `s3:*` actions, but also `admin:*` actions. Which means unless somewhere above in the access-key hierarchy, the `admin` rights are denied, a...
Minio Minio 2024-01-31t20-20-33z
7.1
CVSSv3
CVE-2024-21840
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 up to and including 04.9.2.
Hitachi Storage Plug-in
8.8
CVSSv3
CVE-2023-43317
An issue in Coign CRM Portal v.06.06 allows a remote malicious user to escalate privileges via the userPermissionsList parameter in Session Storage component.
Coign Coign 06.06
1 Github repository
5.3
CVSSv3
CVE-2024-23685
Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types.
Openlibraryfoundation Mod-remote-storage
5.4
CVSSv3
CVE-2023-50963
IBM Storage Defender - Data Protect 1.0.0 up to and including 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an malicious user to conduct various attacks against the vulnerable system, including cross-sit...
Ibm Storage Defender Data Protect
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »