Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp vasa provider vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-20002
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.
Gnu Binutils 2.31
Netapp Vasa Provider
F5 Traffix Signaling Delivery Controller
F5 Traffix Signaling Delivery Controller 4.4.0
5.5
CVSSv3
CVE-2018-19932
An issue exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils up to and including 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.
Gnu Binutils
Netapp Vasa Provider
5.3
CVSSv3
CVE-2021-28164
In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web....
Eclipse Jetty 9.4.37
Eclipse Jetty 9.4.38
Netapp Santricity Cloud Connector -
Netapp Snapcenter -
Netapp E-series Performance Analyzer -
Netapp E-series Santricity Web Services -
Netapp Virtual Storage Console
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap
Netapp Cloud Manager -
Netapp Snapcenter Plug-in -
Netapp E-series Santricity Os Controller
Netapp Element Plug-in For Vcenter Server -
Oracle Banking Digital Experience 20.1
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Siebel Core - Automation
Oracle Communications Session Route Manager
Oracle Banking Digital Experience 21.1
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
2 Github repositories
5.3
CVSSv3
CVE-2019-10246
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information revea...
Eclipse Jetty 9.2.27
Eclipse Jetty 9.3.26
Eclipse Jetty 9.4.16
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Oncommand System Manager
Netapp Snapmanager -
Netapp Storage Services Connector -
Netapp Virtual Storage Console
Netapp Virtual Storage Console 9.6
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Storage Replication Adapter For Clustered Data Ontap 9.6
Netapp Vasa Provider For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap -
Netapp Element -
Oracle Retail Xstore Point Of Service 15.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Core Banking 5.2.0
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
5.3
CVSSv3
CVE-2019-10247
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Con...
Eclipse Jetty 9.3.0
Eclipse Jetty 9.3.4
Eclipse Jetty 9.3.7
Eclipse Jetty 9.3.8
Eclipse Jetty 9.3.1
Eclipse Jetty 9.3.2
Eclipse Jetty 9.3.3
Eclipse Jetty 9.3.5
Eclipse Jetty 9.3.6
Eclipse Jetty 9.3.9
Eclipse Jetty 9.3.10
Eclipse Jetty 9.3.11
Eclipse Jetty 9.3.12
Eclipse Jetty 9.3.13
Eclipse Jetty 9.3.14
Eclipse Jetty 9.3.15
Eclipse Jetty 9.3.16
Eclipse Jetty 9.3.17
Eclipse Jetty 9.3.18
Eclipse Jetty 9.3.19
Eclipse Jetty 9.3.20
Eclipse Jetty 9.3.21
5.3
CVSSv3
CVE-2018-15473
OpenSSH up to and including 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
Openbsd Openssh
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Netapp Cn1610 Firmware -
Netapp Cloud Backup -
Netapp Data Ontap Edge -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Netapp Clustered Data Ontap -
Netapp Service Processor -
Netapp Data Ontap -
Netapp Fas Baseboard Management Controller -
Netapp Aff Baseboard Management Controller -
2 EDB exploits
70 Github repositories
1 Article
5.3
CVSSv3
CVE-2017-10349
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc...
Oracle Jdk 1.9.0
Oracle Jre 1.9.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Satellite 5.8
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Eus 7.6
4.7
CVSSv3
CVE-2019-3901
A race condition in perf_event_open() allows local malicious users to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execv...
Linux Linux Kernel
Debian Debian Linux 8.0
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Active Iq Unified Manager For Vmware Vsphere
Netapp Virtual Storage Console For Vmware Vsphere
Netapp Storage Replication Adapter For Clustered Data Ontap For Vmware Vsphere
Netapp Cn1610 Firmware -
2.7
CVSSv3
CVE-2021-28163
In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that m...
Eclipse Jetty 11.0.0
Eclipse Jetty 10.0.0
Eclipse Jetty 11.0.1
Eclipse Jetty 10.0.1
Eclipse Jetty
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Apache Solr 8.8.1
Apache Ignite
Netapp Santricity Cloud Connector -
Netapp Snapcenter -
Netapp E-series Performance Analyzer -
Netapp E-series Santricity Web Services -
Netapp Virtual Storage Console
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap
Netapp Cloud Manager -
Netapp Snapcenter Plug-in -
Netapp Element Plug-in For Vcenter Server -
Netapp E-series Santricity Os Controller
Oracle Banking Digital Experience 20.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3