Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ucs manager vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-33193
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Tenable Tenable.sc
Oracle Zfs Storage Appliance Kit 8.8
Oracle Secure Backup
1 Github repository
6.8
CVSSv2
CVE-2021-40438
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
F5 F5os
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Secure Global Desktop 5.6
Siemens Sinema Server 14.0
Siemens Sinec Nms
13 Github repositories
5
CVSSv2
CVE-2015-8139
ntpq in NTP prior to 4.2.8p7 allows remote malicious users to obtain origin timestamps and then impersonate peers via unspecified vectors.
Ntp Ntp
5.8
CVSSv2
CVE-2015-8140
The ntpq protocol in NTP prior to 4.2.8p7 allows remote malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
7.5
CVSSv2
CVE-2021-39275
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Server 14.0
Siemens Sinec Nms
10
CVSSv2
CVE-2014-6278
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feat...
Gnu Bash 1.14.5
Gnu Bash 1.14.6
Gnu Bash 2.03
Gnu Bash 2.04
Gnu Bash 3.2.48
Gnu Bash 4.0
Gnu Bash 1.14.1
Gnu Bash 1.14.2
Gnu Bash 2.01
Gnu Bash 2.01.1
Gnu Bash 3.0
Gnu Bash 3.0.16
Gnu Bash 4.2
Gnu Bash 4.3
Gnu Bash 1.14.0
Gnu Bash 1.14.7
Gnu Bash 2.0
Gnu Bash 2.05
Gnu Bash 4.1
Gnu Bash 1.14.3
Gnu Bash 1.14.4
Gnu Bash 2.02
5 EDB exploits
12 Github repositories
5.8
CVSSv2
CVE-2015-7973
NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
Ntp Ntp 4.2.8
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
Freebsd Freebsd 9.3
Freebsd Freebsd
Freebsd Freebsd 10.1
Freebsd Freebsd 10.2
Netapp Clustered Data Ontap -
Netapp Oncommand Balance -
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
5.8
CVSSv2
CVE-2012-4092
The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle malicious users to read or modify an inter-device data stream by spoofing an identity, ak...
Cisco Unified Computing System -
NA
CVE-2022-20824
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent malicious user to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This ...
Cisco Mds 9506 Firmware -
Cisco Mds 9513 Firmware -
Cisco Mds 9706 Firmware -
Cisco Mds 9710 Firmware -
Cisco Mds 9718 Firmware -
Cisco Nexus 1000v Firmware -
Cisco Nexus 3016 Firmware -
Cisco Nexus 3016q Firmware -
Cisco Nexus 3048 Firmware -
Cisco Nexus 3064 Firmware -
Cisco Nexus 3064-32t Firmware -
Cisco Nexus 3064-t Firmware -
Cisco Nexus 3064-x Firmware -
Cisco Nexus 3064t Firmware -
Cisco Nexus 3064x Firmware -
Cisco Nexus 3100 Firmware -
Cisco Nexus 3100-v Firmware -
Cisco Nexus 3100-z Firmware -
Cisco Nexus 3100v Firmware -
Cisco Nexus 31108pc-v Firmware -
Cisco Nexus 31108pv-v Firmware -
Cisco Nexus 31108tc-v Firmware -
2.1
CVSSv2
CVE-2015-7975
The nextvar function in NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90 does not properly validate the length of its input, which allows an malicious user to cause a denial of service (application crash).
Ntp Ntp 4.3.0
Ntp Ntp 4.3.1
Ntp Ntp 4.3.16
Ntp Ntp 4.3.17
Ntp Ntp 4.3.18
Ntp Ntp 4.3.24
Ntp Ntp 4.3.25
Ntp Ntp 4.3.31
Ntp Ntp 4.3.32
Ntp Ntp 4.3.39
Ntp Ntp 4.3.4
Ntp Ntp 4.3.40
Ntp Ntp 4.3.47
Ntp Ntp 4.3.48
Ntp Ntp 4.3.54
Ntp Ntp 4.3.55
Ntp Ntp 4.3.62
Ntp Ntp 4.3.63
Ntp Ntp 4.3.7
Ntp Ntp 4.3.70
Ntp Ntp 4.3.77
Ntp Ntp 4.3.78
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »