Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
storage vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-36642
A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node up to and including 1.0.0-1.4.9 allows malicious users to access users credentials which makes him able to gain initial access to the control panel with high privilege because the cle...
Telosalliance Omnia Mpx Node Firmware 1.5.0
Telosalliance Omnia Mpx Node Firmware
9.8
CVSSv3
CVE-2022-31232
SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access and perform actions on the affected system.
Dell Smartfabric Storage Software 1.0.0
9.8
CVSSv3
CVE-2022-37437
When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service (S3) in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination. The vulnerability only affects connections between Splunk Enterprise and an...
Splunk Splunk 9.0.0
9.8
CVSSv3
CVE-2022-26352
An issue exists in the ContentResource API in dotCMS 3.0 up to and including 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage l...
Dotcms Dotcms
9.8
CVSSv3
CVE-2022-33936
Cloud Mobility for Dell EMC Storage, 1.3.0.XXX contains a RCE vulnerability. A non-privileged user could potentially exploit this vulnerability, leading to achieving a root shell. This is a critical issue; so Dell recommends customers to upgrade at the earliest opportunity.
Dell Cloud Mobility For Dell Emc Storage 1.3.0
9.8
CVSSv3
CVE-2022-22487
An IBM Spectrum Protect storage agent could allow a remote malicious user to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techn...
Ibm Spectrum Protect Server
9.8
CVSSv3
CVE-2022-33107
ThinkPHP v6.0.12 exists to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\AbstractCache.php. This vulnerability allows malicious users to execute arbitrary code via a crafted payload.
Thinkphp Thinkphp 6.0.12
9.8
CVSSv3
CVE-2022-28171
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affec...
Hikvision Ds-a71024 Firmware
Hikvision Ds-a71048 Firmware
Hikvision Ds-a71072r Firmware
Hikvision Ds-a80624s Firmware
Hikvision Ds-a81016s Firmware
Hikvision Ds-a72024 Firmware
Hikvision Ds-a72072r Firmware
Hikvision Ds-a80316s Firmware
Hikvision Ds-a82024d Firmware
Hikvision Ds-a71048r-cvs Firmware
Hikvision Ds-a72048r-cvs Firmware
1 Github repository
9.8
CVSSv3
CVE-2022-32554
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases...
Purestorage Purity\\/\\/fa
Purestorage Purity\\/\\/fb
9.8
CVSSv3
CVE-2022-2068
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not dis...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Siemens Sinec Ins 1.0
Siemens Sinec Ins
Netapp Santricity Smi-s Provider -
Netapp Element Software -
Netapp Ontap Select Deploy Administration Utility -
Netapp Smi-s Provider -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapmanager -
Netapp Ontap Antivirus Connector -
Netapp Bootstrap Os -
Netapp H615c Firmware -
Netapp H610s Firmware -
Netapp H610c Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
1 Github repository
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »