application security manager appliance vulnerabilities and exploits
7.5
CVSSv2
CVE-2021-3520
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this...
Lz4 Project Lz4
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Cloud Native Core Policy 1.14.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
4.4
CVSSv2
CVE-2017-7536
In Hibernate Validator 5.2.x prior to 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occ...
Redhat Hibernate Validator
Redhat Satellite 6.4
Redhat Satellite Capsule 6.4
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 6.4.0
Redhat Jboss Enterprise Application Platform 7.0
Redhat Jboss Enterprise Application Platform 7.1
Redhat Virtualization 4.0
Redhat Virtualization Host 4.0
2 Github repositories
7.5
CVSSv2
CVE-2021-3177
Python 3.x up to and including 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_para...
Python Python
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Debian Debian Linux 9.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.2.0
3 Github repositories
10
CVSSv2
CVE-2013-5511
The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x prior to 8.2(5.46), 8.3.x prior to 8.3(2.39), 8.4.x prior to 8.4(6), 8.5.x prior to 8.5(1.18), 8.6.x prior to 8.6(1.12), 8.7.x prior to 8.7(1.7), 9.0...
Cisco Adaptive Security Appliance Software 8.3.1
Cisco Adaptive Security Appliance Software 8.2.2
Cisco Adaptive Security Appliance Software 8.2.1
Cisco Adaptive Security Appliance Software 8.3.2
Cisco Adaptive Security Appliance Software 8.3(2.34)
Cisco Adaptive Security Appliance Software 8.2.3
Cisco Adaptive Security Appliance Software 8.2(5.38)
Cisco Adaptive Security Appliance Software 8.2(3)
Cisco Adaptive Security Appliance Software 8.2(4)
Cisco Adaptive Security Appliance Software 8.2(3.9)
Cisco Adaptive Security Appliance Software 8.2(5)
Cisco Adaptive Security Appliance Software 8.2(2)
Cisco Adaptive Security Appliance Software 8.3(2)
Cisco Adaptive Security Appliance Software 8.2(4.4)
Cisco Adaptive Security Appliance Software 8.2(5.35)
Cisco Adaptive Security Appliance Software 8.2
Cisco Adaptive Security Appliance Software 8.2(1)
Cisco Adaptive Security Appliance Software 8.3(1)
Cisco Adaptive Security Appliance Software 8.3(2.37)
Cisco Adaptive Security Appliance Software 8.2(4.1)
Cisco Adaptive Security Appliance Software 8.4(1.11)
Cisco Adaptive Security Appliance Software 8.4(2)
9
CVSSv2
CVE-2016-1297
The Device Manager GUI in Cisco Application Control Engine (ACE) 4710 A5 before A5(3.1) allows remote authenticated users to bypass intended RBAC restrictions and execute arbitrary CLI commands with admin privileges via an unspecified parameter in a POST request, aka Bug ID CSCul...
Cisco Application Control Engine Software A5(2.1)
Cisco Application Control Engine Software A5(3.0)
Cisco Application Control Engine Software A5(1.0)
Cisco Application Control Engine Software A5(2.0)
Cisco Application Control Engine Software A5(1.2)
Cisco Application Control Engine Software A5(2.1e)
Cisco Application Control Engine Software A5(1.1)
7.8
CVSSv2
CVE-2013-5515
The Clientless SSL VPN feature in Cisco Adaptive Security Appliance (ASA) Software 8.x prior to 8.2(5.44), 8.3.x prior to 8.3(2.39), 8.4.x prior to 8.4(5.7), 8.6.x prior to 8.6(1.12), 9.0.x prior to 9.0(2.6), and 9.1.x prior to 9.1(1.7) allows remote malicious users to cause a de...
Cisco Adaptive Security Appliance Software 8.0(4)
Cisco Adaptive Security Appliance Software 8.3(2.34)
Cisco Adaptive Security Appliance Software 8.2(5.38)
Cisco Adaptive Security Appliance Software 8.2(3)
Cisco Adaptive Security Appliance Software 8.1
Cisco Adaptive Security Appliance Software 8.2(4)
Cisco Adaptive Security Appliance Software 8.0(3)
Cisco Adaptive Security Appliance Software 8.2(3.9)
Cisco Adaptive Security Appliance Software 8.0.2
Cisco Adaptive Security Appliance Software 8.2(5)
Cisco Adaptive Security Appliance Software 8.2(2)
Cisco Adaptive Security Appliance Software 8.3(2)
Cisco Adaptive Security Appliance Software 8.0(5)
Cisco Adaptive Security Appliance Software 8.0
Cisco Adaptive Security Appliance Software 8.2(4.4)
Cisco Adaptive Security Appliance Software 8.0(5.28)
Cisco Adaptive Security Appliance Software 8.2(5.35)
Cisco Adaptive Security Appliance Software 8.2
Cisco Adaptive Security Appliance Software 8.0.5
Cisco Adaptive Security Appliance Software 8.0.4
Cisco Adaptive Security Appliance Software 8.2(1)
Cisco Adaptive Security Appliance Software 8.0(2)
NA
CVE-2022-20772
A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote malicious user to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to pro...
Cisco Email Security Appliance Firmware
Cisco Secure Email And Web Manager Firmware
6.8
CVSSv2
CVE-2021-1272
A vulnerability in the session validation feature of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote malicious user to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. This vulnerability is due to...
Cisco Data Center Network Manager
7.5
CVSSv2
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons Collections
Apache Commons Collections 4.0
5 Github repositories
4.3
CVSSv2
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by...
Openssl Openssl
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Hyper Converged Infrastructure -
Netapp Cloud Backup -
Netapp Santricity Smi-s Provider -
Netapp Element Software -
Netapp Snapdrive -
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Unified Manager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Service Processor -
3 Github repositories