Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens sinec infrastructure network services vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-27290
ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.
Ssri Project Ssri
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
7.8
CVSSv2
CVE-2021-22883
Node.js prior to 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the sys...
Nodejs Node.js
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp E-series Performance Analyzer -
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Graalvm 20.3.1.2
Oracle Graalvm 21.0.0.2
Oracle Graalvm 19.3.5
Oracle Nosql Database
Oracle Mysql Cluster
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Jd Edwards Enterpriseone Tools
Siemens Sinec Infrastructure Network Services
5.1
CVSSv2
CVE-2021-22884
Node.js prior to 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over networ...
Nodejs Node.js
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Netapp E-series Performance Analyzer -
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Graalvm 20.3.1.2
Oracle Graalvm 21.0.0.2
Oracle Graalvm 19.3.5
Oracle Nosql Database
Oracle Mysql Cluster
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Jd Edwards Enterpriseone Tools
Siemens Sinec Infrastructure Network Services
6.8
CVSSv2
CVE-2020-8625
BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid...
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.11.5
Isc Bind 9.11.8
Isc Bind 9.11.21
Isc Bind 9.17.0
Isc Bind 9.17.1
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.11.27
Isc Bind
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Siemens Sinec Infrastructure Network Services
Netapp Cloud Backup -
Netapp A250 Firmware -
Netapp 500f Firmware -
5
CVSSv2
CVE-2021-23840
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be...
Openssl Openssl
Debian Debian Linux 10.0
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Oracle Business Intelligence 12.2.1.3.0
Oracle Jd Edwards World Security A9.4
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Enterprise Manager For Storage Management 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Graalvm 20.3.1.2
Oracle Graalvm 21.0.0.2
Oracle Graalvm 19.3.5
Oracle Mysql Server
Oracle Nosql Database
Oracle Jd Edwards Enterpriseone Tools
Oracle Business Intelligence 5.9.0.0.0
Oracle Communications Cloud Native Core Policy 1.15.0
1 Github repository
4.3
CVSSv2
CVE-2021-23841
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (whi...
Openssl Openssl
Debian Debian Linux 10.0
Tenable Tenable.sc
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Apple Macos
Apple Iphone Os
Apple Safari
Apple Ipados
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Oracle Business Intelligence 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager For Storage Management 13.4.0.0
6.4
CVSSv2
CVE-2020-8287
Node.js versions prior to 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smug...
Nodejs Node.js
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Graalvm 19.3.4
Oracle Graalvm 20.3.0
Siemens Sinec Infrastructure Network Services
1 Github repository
6.8
CVSSv2
CVE-2020-8265
Node.js versions prior to 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If...
Nodejs Node.js
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Graalvm 19.3.4
Oracle Graalvm 20.3.0
Siemens Sinec Infrastructure Network Services
4.3
CVSSv2
CVE-2020-8284
A malicious server can use the FTP PASV response to trick curl 7.73.0 and previous versions into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing p...
Haxx Curl
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Bootstrap Os -
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.15.7
Apple Macos 11.0.1
Apple Macos 11.1
Apple Macos 11.2
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Essbase 21.2
Oracle Communications Cloud Native Core Policy 1.14.0
Fujitsu M10-1 Firmware
Fujitsu M10-4 Firmware
2 Github repositories
5
CVSSv2
CVE-2020-8285
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
Haxx Libcurl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Bootstrap Os -
Netapp Hci Storage Node Firmware -
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.15.7
Apple Macos
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Essbase 21.2
Oracle Communications Cloud Native Core Policy 1.14.0
Fujitsu M10-1 Firmware
Fujitsu M10-4 Firmware
Fujitsu M10-4s Firmware
Fujitsu M12-1 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »