Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
service level manager vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2019-1825
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute arbitrary SQL queries. This vulnerability exist because the software improp...
Cisco Prime Infrastructure
Cisco Network Level Service 3.0\\(0.0.83b\\)
Cisco Evolved Programmable Network Manager
7.8
CVSSv3
CVE-2023-20216
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local malicious user to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. A...
Cisco Broadworks Application Server
Cisco Broadworks Application Delivery Platform
Cisco Broadworks Network Server
Cisco Broadworks Profile Server
Cisco Broadworks Xtended Services Platform
Cisco Broadworks Troubleshooting Server
Cisco Broadworks Network Function Manager
Cisco Broadworks Network Database Server
Cisco Broadworks Execution Server
Cisco Broadworks Database Server
Cisco Broadworks Service Control Function Server
Cisco Broadworks Media Server
7.8
CVSSv3
CVE-2021-35052
A component in Kaspersky Password Manager could allow an malicious user to elevate a process Integrity level from Medium to High.
Kaspersky Password Manager
Kaspersky Password Manager 9.0.2
1 Article
7.8
CVSSv3
CVE-2019-19448
In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can ...
Linux Linux Kernel
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp A700s Firmware -
Netapp Fas 8300 Firmware -
Netapp Fas 8700 Firmware -
Netapp Fas A400 Firmware -
Netapp Aff 8300 Firmware -
Netapp Aff 8700 Firmware -
Netapp Aff A400 Firmware -
Netapp H610s Firmware -
Netapp Solidfire Baseboard Management Controller Firmware -
7.8
CVSSv3
CVE-2017-15518
All versions of OnCommand API Services before 2.1 and NetApp Service Level Manager before 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further ac...
Netapp Oncommand Api Services
Netapp Service Level Manager 1.0
Netapp Service Level Manager
7.8
CVSSv3
CVE-2016-3070
The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel prior to 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecifie...
Debian Debian Linux 8.0
Linux Linux Kernel
7.8
CVSSv3
CVE-2010-2524
The DNS resolution functionality in the CIFS implementation in the Linux kernel prior to 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results ...
Linux Linux Kernel
Vmware Esx 4.1
Vmware Esx 4.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Suse Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Desktop 11
7.5
CVSSv3
CVE-2023-0436
The affected versions of MongoDB Atlas Kubernetes Operator may print sensitive information like GCP service account keys and API integration secrets while DEBUG mode logging is enabled. This issue affects MongoDB Atlas Kubernetes Operator versions: 1.5.0, 1.6.0, 1.6.1, 1.7.0. Ple...
Mongodb Atlas Kubernetes Operator
Mongodb Atlas Kubernetes Operator 1.5.0
7.5
CVSSv3
CVE-2023-39325
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the malici...
Golang Http2
Golang Go
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Netapp Astra Trident -
Netapp Astra Trident Autosupport -
2 Github repositories
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »