Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nova vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-24022
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote malicious users to authenticate via ssh. (The credentials are stored in the firmware, encrypted ...
Baicells Rtd Firmware
Baicells Rts Firmware
10
CVSSv3
CVE-2023-0776
Baicells Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 LTE TDD eNodeB devices with firmware through QRTB 2.12.7 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. Th...
Baicells Neutrino 430 Firmware
Baicells Nova430l Firmware
Baicells Nova430e Firmware
Baicells Nova436q Firmware
7.8
CVSSv3
CVE-2017-8203
The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. An attacker can convince a user to install a malicious application which has a high p...
Huawei Nova 2 Firmware
Huawei Nova 2 Plus Firmware
6.5
CVSSv3
CVE-2020-20250
Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254....
Mikrotik Routeros
6.5
CVSSv3
CVE-2023-2088
A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confi...
Redhat Openstack -
8.8
CVSSv3
CVE-2021-45419
Certain Starcharge products are affected by Improper Input Validation. The affected products include: Nova 360 Cabinet <= 1.3.0.0.7b102 - Fixed: Beta1.3.0.1.0 and Titan 180 Premium <= 1.3.0.0.6 - Fixed: 1.3.0.0.9.
Starcharge Titan 180 Premium Firmware
Starcharge Nova 360 Cabinet Firmware
4.7
CVSSv3
CVE-2015-2687
OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.
Openstack Compute 2013.2.2
Openstack Compute 2013.2.1
Openstack Compute 2013.2
Openstack Compute 2014.1.5
Openstack Compute 2014.1.4
Openstack Compute 2014.2.4
Openstack Compute 2014.2.3
Openstack Compute 2014.2.2
Openstack Compute 2014.2
Openstack Compute 2013.2.3
Openstack Compute 2014.1.2
Openstack Compute 2014.1
Openstack Compute 2014.2.1
Openstack Compute 2013.2.4
Openstack Compute 2014.1.3
Openstack Compute 2014.1.1
8.8
CVSSv3
CVE-2021-45418
Certain Starcharge products are vulnerable to Directory Traversal via main.cgi. The affected products include: Nova 360 Cabinet <=1.3.0.0.6 - Fixed: 1.3.0.0.9 and Titan 180 Premium <=1.3.0.0.7b102 - Fixed: Beta1.3.0.1.0.
Starcharge Titan 180 Premium Firmware
Starcharge Nova 360 Cabinet Firmware
6.5
CVSSv3
CVE-2020-20220
Mikrotik RouterOs prior to stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/bfd process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
Mikrotik Routeros
6.5
CVSSv3
CVE-2020-20227
Mikrotik RouterOs stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/diskd process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.
Mikrotik Routeros 6.47
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »