Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hitachi ops center analyzer vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-23498
Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s se...
Grafana Grafana
Grafana Grafana 8.3.0
5.4
CVSSv3
CVE-2022-23552
Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files ...
Grafana Grafana
NA
CVE-2024-2493
Session Hijacking vulnerability in Hitachi Ops Center Analyzer.This issue affects Hitachi Ops Center Analyzer: from 10.0.0-00 prior to 11.0.1-00.
8.3
CVSSv3
CVE-2020-14664
Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful at...
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
Netapp 7-mode Transition Tool -
Netapp Cloud Secure Agent -
Netapp E-series Performance Analyzer -
Netapp E-series Santricity Os Controller
Netapp E-series Santricity Web Services -
Netapp Santricity Unified Manager -
5.3
CVSSv3
CVE-2020-29582
In JetBrains Kotlin prior to 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
Jetbrains Kotlin
Oracle Communications Cloud Native Core Network Slice Selection Function 1.2.1
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0
6.5
CVSSv3
CVE-2022-41915
Netty project is an event-driven asynchronous network application framework. Starting in version 4.1.83.Final and before 4.1.86.Final, when calling `DefaultHttpHeadesr.set` with an _iterator_ of values, header value validation was not performed, allowing malicious header values i...
Netty Netty
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.8
CVSSv3
CVE-2018-10054
H2 1.4.197, as used in Datomic prior to 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code. NOTE: the vendor's position is "h2 is not designed to be run outside of a secure environment."
H2database H2 1.4.197
Cognitect Datomic
2 Github repositories
7.5
CVSSv3
CVE-2021-27306
An improper access control vulnerability in the JWT plugin in Kong Gateway before 2.3.2.0 allows unauthenticated users access to authenticated routes without a valid token JWT.
Konghq Kong Gateway
6.6
CVSSv3
CVE-2022-35957
Grafana is an open-source platform for monitoring and observability. Versions before 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana i...
Grafana Grafana
Fedoraproject Fedora 37
8.2
CVSSv3
CVE-2020-13379
The avatar feature in Grafana 3.0.1 up to and including 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain inf...
Grafana Grafana
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Netapp E-series Performance Analyzer -
Opensuse Leap 15.2
Opensuse Backports Sle 15.0
7 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »