Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens sinec infrastructure network services vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv2
CVE-2021-37712
The npm package "tar" (aka node-tar) prior to 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. Th...
Npmjs Tar
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
4.4
CVSSv2
CVE-2021-37713
The npm package "tar" (aka node-tar) prior to 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be outside of the extraction target directory is no...
Npmjs Tar
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
4.4
CVSSv2
CVE-2021-37701
The npm package "tar" (aka node-tar) prior to 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. Thi...
Npmjs Tar
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
4.4
CVSSv2
CVE-2021-39134
`@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed in...
Npmjs Arborist
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
4.4
CVSSv2
CVE-2021-39135
`@npmcli/arborist`, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into...
Npmjs Arborist
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
5.8
CVSSv2
CVE-2021-3712
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Tenable Tenable.sc
Tenable Nessus Network Monitor
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Server
Oracle Mysql Workbench
2 Github repositories
5
CVSSv2
CVE-2021-22939
If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted.
Nodejs Node.js
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Oracle Mysql Cluster
Oracle Jd Edwards Enterpriseone Tools
Netapp Nextgen Api -
Siemens Sinec Infrastructure Network Services
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2021-22931
Node.js prior to 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijac...
Nodejs Node.js
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Netapp Nextgen Api -
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Oracle Mysql Cluster
Siemens Sinec Infrastructure Network Services
5
CVSSv2
CVE-2021-22940
Node.js prior to 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.
Nodejs Node.js
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Oracle Jd Edwards Enterpriseone Tools
Netapp Nextgen Api -
Siemens Sinec Infrastructure Network Services
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2021-22922
When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different...
Haxx Curl
Fedoraproject Fedora 33
Netapp Cloud Backup -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Oracle Mysql Server
Siemens Sinec Infrastructure Network Services
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »