Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp storagegrid vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-3115
Go prior to 1.14.14 and 1.15.x prior to 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).
Golang Go
Fedoraproject Fedora 33
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
7.5
CVSSv3
CVE-2020-2816
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of t...
Oracle Jdk 14.0.0
Oracle Jre 14.0.0
Oracle Jdk 11.0.6
Oracle Jre 11.0.6
Oracle Openjdk 8
Oracle Openjdk 7
Oracle Openjdk 14
Oracle Openjdk
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
Netapp 7-mode Transition Tool -
Netapp E-series Performance Analyzer -
Netapp E-series Santricity Os Controller
Netapp E-series Santricity Web Services -
Netapp Plug-in For Symantec Netbackup -
Netapp Santricity Unified Manager -
7.5
CVSSv3
CVE-2020-8571
StorageGRID (formerly StorageGRID Webscale) versions 10.0.0 up to and including 11.3 before 11.2.0.8 and 11.3.0.4 are susceptible to a vulnerability which allows an unauthenticated remote malicious user to cause a Denial of Service (DoS).
Netapp Storagegrid
7.5
CVSSv3
CVE-2018-18066
snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP prior to 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated malicious user to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Net-snmp Net-snmp
Netapp Storagegrid Webscale -
Netapp Solidfire Element Os -
Netapp Hyper Converged Infrastructure -
Netapp Cloud Backup -
Netapp Data Ontap -
Netapp E-series Santricity Os Controller
7.4
CVSSv3
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
7.4
CVSSv3
CVE-2020-14593
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network acce...
Oracle Jdk 11.0.7
Oracle Jdk 14.0.1
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.8.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
6.5
CVSSv3
CVE-2022-23238
Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 up to and including 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated malicious user to view limited metrics ...
Netapp Storagegrid
6.5
CVSSv3
CVE-2021-34558
The crypto/tls package of Go up to and including 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
Golang Go
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Storagegrid -
Netapp Trident -
Netapp Cloud Insights Telegraf -
Oracle Timesten In-memory Database
1 Github repository
6.5
CVSSv3
CVE-2021-3114
In Go prior to 1.14.14 and 1.15.x prior to 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
Golang Go
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
1 Github repository
6.5
CVSSv3
CVE-2018-19039
Grafana prior to 4.6.5 and 5.x prior to 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
Grafana Grafana
Redhat Enterprise Linux Workstation 7.0
Redhat Ceph Storage 3.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Netapp Active Iq Performance Analytics Services -
Netapp Storagegrid Webscale Nas Bridge -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »