Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sas vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-1325
SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges.
Vax Vms Sas System 5.18
NA
CVE-2014-3019
IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module (aka RSSM) prior to 1.3.3.006 allow remote malicious users to obtain blade and storage-pool access via a TELNET session.
Ibm Sas Raid Module Firmware
Ibm Sas Connectivity Module Firmware
NA
CVE-2014-3018
IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module (aka RSSM) prior to 1.3.3.006 allow remote malicious users to cause a denial of service (reboot) via a flood of IP packets.
Ibm Sas Raid Module Firmware
Ibm Sas Connectivity Module Firmware
7.5
CVSSv3
CVE-2018-11365
sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop.
Wizardmac Readstat 0.1.1
4.6
CVSSv3
CVE-2023-27317
ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a single SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. This co...
Netapp Ontap 9.12.1
Netapp Ontap 9.13.1
4.8
CVSSv3
CVE-2023-23720
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NetReviews SAS Verified Reviews (Avis Vérifiés) plugin <= 2.3.13 versions.
Skeepers Verified Reviews \\(avis Verifies\\)
4.7
CVSSv3
CVE-2019-15807
In the Linux kernel prior to 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Debian Debian Linux 8.0
Redhat Enterprise Linux 8.0
7.2
CVSSv3
CVE-2020-25608
The SAS portal of Mitel MiCollab prior to 9.2 could allow an malicious user to access user credentials due to improper input validation, aka SQL Injection.
Mitel Micollab
7.5
CVSSv3
CVE-2019-19316
When using the Azure backend with a shared access signature (SAS), Terraform versions before 0.12.17 may transmit the token and state snapshot using cleartext HTTP.
Hashicorp Terraform
9.8
CVSSv3
CVE-2017-8011
EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM before 4.1, EMC Storage M&R before 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default p...
Dell Emc M\\&r -
Dell Emc Storage Monitoring And Reporting 4.0.2
Dell Emc Vipr Srm
Dell Emc Vnx Monitoring And Reporting -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »