Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nas vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-0142
QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote malicious users to obtain web-server login access via unspecified vectors.
Qnap Viostor Network Video Recorder 4.0.3
Qnap Viostor Network Video Recorder -
Qnap Surveillance Station Pro -
Qnap Nas -
4.3
CVSSv2
CVE-2018-12099
Grafana prior to 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
Grafana Grafana
Netapp Storagegrid Webscale Nas Bridge -
Netapp Active Iq Performance Analytics Services -
4.9
CVSSv2
CVE-2020-25704
A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.
Linux Linux Kernel 5.10
Linux Linux Kernel
Debian Debian Linux 9.0
Starwindsoftware Starwind San \\& Nas V8r12
Starwindsoftware Command Center -
Starwindsoftware Starwind Virtual San V8
Starwindsoftware Starwind Hyperconverged Appliance -
1 Github repository
6.8
CVSSv2
CVE-2020-36385
An issue exists in the Linux kernel prior to 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
Linux Linux Kernel
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Starwindsoftware Starwind San \\& Nas V8r12
Starwindsoftware Starwind Virtual San V8
4
CVSSv2
CVE-2018-19039
Grafana prior to 4.6.5 and 5.x prior to 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
Grafana Grafana
Redhat Enterprise Linux Workstation 7.0
Redhat Ceph Storage 3.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Netapp Active Iq Performance Analytics Services -
Netapp Storagegrid Webscale Nas Bridge -
4.6
CVSSv2
CVE-2019-20807
In Vim prior to 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
Vim Vim
Debian Debian Linux 9.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Apple Mac Os X 10.13.6
Apple Mac Os X 10.14.6
Starwindsoftware Command Center 2
Starwindsoftware San \\& Nas 1.0
1 Article
4.6
CVSSv2
CVE-2021-42739
The firewire subsystem in the Linux kernel up to and including 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
Linux Linux Kernel
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Starwindsoftware Starwind San \\& Nas V8r12
Starwindsoftware Starwind Virtual San V8r13
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
1 Github repository
5
CVSSv2
CVE-2007-1544
Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) prior to 1.8a SVN 237 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value.
Radscan Network Audio System 1.8a
5
CVSSv2
CVE-2007-1546
Array index error in Network Audio System (NAS) prior to 1.8a SVN 237 allows remote malicious users to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileIn...
Radscan Network Audio System 1.8a
10
CVSSv2
CVE-2007-1543
Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) prior to 1.8a SVN 237 allows remote malicious users to execute arbitrary code via a long path slave name in a USL socket connection.
Radscan Network Audio System 1.8a
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »