Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
storage vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2022-24720
image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the `#apply` method from image_processing to apply a series of operations that are coming from unsanitized user input allows the malicious user to execute sh...
Image Processing Project Image Processing
Debian Debian Linux 11.0
890
VMScore
CVE-2021-36567
ThinkPHP v6.0.8 exists to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\AbstractCache.
Thinkphp Thinkphp 6.0.8
890
VMScore
CVE-2021-26588
A potential security vulnerability has been identified in HPE 3PAR StoreServ, HPE Primera Storage and HPE Alletra 9000 Storage array firmware. An unauthenticated user could remotely exploit the low complexity issue to execute code as administrator. This vulnerability impacts comp...
Hpe 3par Os 3.3.1 Mp5 P156
Hpe 3par Os 3.3.1 Mu1
Hpe 3par Os 3.3.1 Mu2 P157
Hpe 3par Os 3.3.2 Ga P 01
Hpe Primera 630 Firmware
Hpe Primera 650 Firmware
Hpe Primera 670 Firmware
Hpe Alletra 9060 Firmware
Hpe Alletra 9080 Firmware
890
VMScore
CVE-2021-36745
A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote malicious user to bypass authentication on affected i...
Trendmicro Serverprotect 5.8
Trendmicro Serverprotect 6.0
890
VMScore
CVE-2021-22941
Improper Access Control in Citrix ShareFile storage zones controller prior to 5.11.20 may allow an unauthenticated malicious user to remotely compromise the storage zones controller.
Citrix Sharefile Storagezones Controller
1 Github repository
890
VMScore
CVE-2021-38306
Network Attached Storage on LG N1T1*** 10124 devices allows an unauthenticated malicious user to gain root access via OS command injection in the en/ajp/plugins/access.ssh/checkInstall.php destServer parameter.
Lg N1t1 Firmware -
890
VMScore
CVE-2020-8584
Element OS versions before 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote malicious user to perform arbitrary code execution.
Netapp Hci Management Node -
Netapp Solidfire -
Netapp Hci Storage Node -
Netapp Element Os
Netapp Element Os 1.8
890
VMScore
CVE-2019-17006
In Network Security Services (NSS) prior to 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
Siemens Ruggedcom Rox Mx5000 Firmware
Siemens Ruggedcom Rox Rx1400 Firmware
Siemens Ruggedcom Rox Rx1500 Firmware
Siemens Ruggedcom Rox Rx1501 Firmware
Siemens Ruggedcom Rox Rx1510 Firmware
Siemens Ruggedcom Rox Rx1511 Firmware
Siemens Ruggedcom Rox Rx1512 Firmware
Siemens Ruggedcom Rox Rx5000 Firmware
Mozilla Network Security Services
Netapp Hci Management Node -
Netapp Solidfire -
Netapp Hci Compute Node -
Netapp Hci Storage Node -
890
VMScore
CVE-2019-12002
A remote session reuse vulnerability leading to access restriction bypass exists in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and previous versio...
Hpe Msa 1040 Firmware
Hpe Msa 2040 Firmware
Hpe Msa 2042 Firmware
Hpe Msa 1050 Firmware
Hpe Msa 2050 Firmware
Hpe Msa 2052 Firmware
890
VMScore
CVE-2020-6852
CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 has weak authentication of TELNET access, leading to root privileges without any password required.
Cacagoo Tv-288zd-2mp Firmware 3.4.2.0919
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »