Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
integrated management controller vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-1937
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote malicious user to acquire a valid session token with administra...
Cisco Integrated Management Controller Supervisor
Cisco Ucs Director
Cisco Ucs Director 6.7\\(0.0.67265\\)
Cisco Ucs Director Express For Big Data 3.6.0.0
Cisco Ucs Director Express For Big Data
1 EDB exploit
2 Metasploit modules
1 Article
4.7
CVSSv3
CVE-2019-19965
In the Linux kernel up to and including 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Netapp Active Iq Unified Manager -
Netapp Cloud Backup -
Netapp Data Availability Services -
Netapp E-series Santricity Os Controller
Netapp Hci Management Node -
Netapp Solidfire -
Netapp Steelstore Cloud Integrated Storage -
Opensuse Leap 15.1
Netapp A700s Firmware -
Netapp H610s Firmware -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
9.8
CVSSv3
CVE-2019-18805
An issue exists in net/ipv4/sysctl_net_ipv4.c in the Linux kernel prior to 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or ...
Linux Linux Kernel
Linux Linux Kernel 5.1
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux 7.0
Netapp Active Iq Unified Manager -
Netapp Data Availability Services -
Netapp E-series Santricity Os Controller
Netapp Hci Management Node -
Netapp Solidfire -
Netapp Steelstore Cloud Integrated Storage -
Netapp Hci Compute Node -
Netapp Hci Storage Node -
Broadcom Fabric Operating System -
Netapp Aff A700s Firmware -
Netapp Fas8300 Firmware -
Netapp Fas8700 Firmware -
Netapp Aff A400 Firmware -
Netapp H610s Firmware -
NA
CVE-2015-6259
The JavaServer Pages (JSP) component in Cisco Integrated Management Controller (IMC) Supervisor prior to 1.0.0.1 and UCS Director (formerly Cloupia Unified Infrastructure Controller) prior to 5.2.0.1 allows remote malicious users to write to arbitrary files via crafted HTTP reque...
Cisco Integrated Management Controller Supervisor
Cisco Unified Computing System Director 4.0 Base
Cisco Unified Computing System Director 5.0.0.0
Cisco Unified Computing System Director
Cisco Unified Computing System Director 5.0.0.1
Cisco Unified Computing System Director 5.0.0.2
Cisco Unified Computing System Director 5.0.0.3
Cisco Unified Computing System Director 5.1.0.1
Cisco Unified Computing System Director 3.4 Base
Cisco Unified Computing System Director 4.1 Base
Cisco Unified Computing System Director 5.1.0.0
6.5
CVSSv3
CVE-2019-5108
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to d...
Linux Linux Kernel
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Netapp A700s Firmware -
Netapp H610s Firmware -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
Oracle Sd-wan Edge 8.2
5.3
CVSSv3
CVE-2018-15473
OpenSSH up to and including 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
Openbsd Openssh
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Netapp Cn1610 Firmware -
Netapp Cloud Backup -
Netapp Data Ontap Edge -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Netapp Clustered Data Ontap -
Netapp Service Processor -
Netapp Data Ontap -
Netapp Fas Baseboard Management Controller -
Netapp Aff Baseboard Management Controller -
2 EDB exploits
70 Github repositories
1 Article
7
CVSSv3
CVE-2020-11884
In the Linux kernel 4.19 up to and including 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19...
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller -
Netapp Bootstrap Os -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
7.5
CVSSv3
CVE-2019-19050
A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel up to and including 5.3.11 allows malicious users to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.
Linux Linux Kernel
Linux Linux Kernel 5.5
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Active Iq Unified Manager -
Netapp Hci Compute Node -
Netapp E-series Santricity Os Controller
Broadcom Fabric Operating System -
Netapp Aff A700s Firmware -
Netapp Fas8300 Firmware -
Netapp Fas8700 Firmware -
Netapp Aff A400 Firmware -
Netapp H610s Firmware -
NA
CVE-2010-2841
Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 prior to 4.2.209.0; 4.2M prior to 4.2.207.54M; 5.0, 5.1, and 6.0 prior to 6.0.196.0; and 5.2 prior to 5.2.193.11 allows remote authenticated users to cause a denial of service (device reload) via crafte...
Cisco Wireless Lan Controller Software 4.2.174.0
Cisco Wireless Lan Controller Software 4.2.173.0
Cisco Wireless Lan Controller Software 4.2.130.0
Cisco Wireless Lan Controller Software 4.2.99.0
Cisco Wireless Lan Controller Software 4.0.217.0
Cisco Wireless Lan Controller Software 5.0.148.0
Cisco Wireless Lan Controller Software 5.0.148.2
Cisco Wireless Lan Controller Software 5.1
Cisco Wireless Lan Controller Software 5.1.151.0
Cisco Wireless Lan Controller Software 4.2.112.0
Cisco Wireless Lan Controller Software 4.2
Cisco Wireless Lan Controller Software 4.2m
Cisco Wireless Lan Controller Software 4.0.155.5
Cisco Wireless Lan Controller Software 4.0.219.0
Cisco Wireless Lan Controller Software 5.1.152.0
Cisco Wireless Lan Controller Software 6.0
Cisco Wireless Lan Controller Software 4.0.108
Cisco Wireless Lan Controller Software 4.0.155.0
Cisco Wireless Lan Controller Software 4.0.179.8
Cisco Wireless Lan Controller Software 4.0.196
Cisco Wireless Lan Controller Software 4.2.117.0
Cisco Wireless Lan Controller Software 4.2.176.0
NA
CVE-2010-2842
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 up to and including 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerabi...
Cisco Wireless Lan Controller Software 4.2.61.0
Cisco Wireless Lan Controller Software 4.2
Cisco Wireless Lan Controller Software 4.2.182.0
Cisco Wireless Lan Controller Software 5.0.148.0
Cisco Wireless Lan Controller Software 4.2.173.0
Cisco Wireless Lan Controller Software 4.2.99.0
Cisco Wireless Lan Controller Software 5.2.169.0
Cisco Wireless Lan Controller Software 5.1
Cisco Wireless Lan Controller Software 6.0
Cisco Wireless Lan Controller Software 4.2.117.0
Cisco Wireless Lan Controller Software 4.2.112.0
Cisco Wireless Lan Controller Software 4.2.176.0
Cisco Wireless Lan Controller Software 5.1.152.0
Cisco Wireless Lan Controller Software 5.2
Cisco Wireless Lan Controller Software 5.1.151.0
Cisco Wireless Lan Controller Software 5.0.148.2
Cisco Wireless Lan Controller Software 6.0.182.0
Cisco Wireless Lan Controller Software 4.2.174.0
Cisco Wireless Lan Controller Software 4.2.130.0
Cisco Wireless Lan Controller Software 5.1.160.0
Cisco Wireless Lan Controller Software 5.2.157.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »