Vulmon
service provider vulnerabilities and exploits
7.2
CVSSv2
CVE-2009-0078
The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2)...
Microsoft Windows Vista Gold
Microsoft Windows Xp
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
1 EDB exploit
7.5
CVSSv2
CVE-2018-1183
In Dell EMC Unisphere for VMAX Virtual Appliance versions before 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions before 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions before 8.4.0.512, Dell EMC SMIS versions before 8.4.0.6, Dell EMC VMAX Embedded Manage...
Dell Emc Vmax Enas 8.0
Dell Emc Vipr Srm 4.0.3
Dell Emc Vipr Srm 3.7.1
Dell Emc Vnxe 3100 Operating Environment -
Dell Emc Vnxe3200 Operating Environment -
Dell Emc Vnx1 Operating Environment 7.1.82.0
Dell Emc Unisphere
Dell Emc Vasa Provider Virtual Appliance
Dell Emc Xtremio 4.0
Dell Emc Xtremio 4.0.2
Dell Emc Vipr Srm 4.0
Dell Emc Vipr Srm 4.0.1
Dell Emc Vnx2 Operating Environment
Dell Emc Vmax Embedded Management
Dell Emc Smis
Dell Emc Vipr Srm 3.7.2
Dell Emc Vipr Srm -
Dell Emc Vnxe 3300 Operating Environment -
Dell Emc Vnxe 3150 Operating Environment -
Dell Emc Unity Operating Environment
Dell Emc Vmax Enas 8.0.1
Dell Emc Vipr Srm 4.0.2
5
CVSSv2
CVE-2021-33193
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Tenable Tenable.sc
Oracle Zfs Storage Appliance Kit 8.8
Oracle Secure Backup
1 Github repository
NA
CVE-2023-1584
A flaw was found in Quarkus. Quarkus OIDC can leak both ID and access tokens in the authorization code flow when an insecure HTTP protocol is used, which can allow malicious users to access sensitive user data directly from the ID token or by using the access token to access user...
Quarkus Quarkus
5.5
CVSSv2
CVE-2015-5301
providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 prior to 1.0.2 and 1.1.x prior to 1.1.1 does not properly check permissions, which allows remote authenticated users to cause a denial of service by deleting a SAML2 Service Provider (SP).
Ipsilon Project Ipsilon 0.4.0
Ipsilon Project Ipsilon 0.5.0
Ipsilon Project Ipsilon 0.6.0
Ipsilon Project Ipsilon 1.1.0
Ipsilon Project Ipsilon 1.0.0
Ipsilon Project Ipsilon 1.0.1
Ipsilon Project Ipsilon 0.1.0
Ipsilon Project Ipsilon 0.3.0
6.8
CVSSv2
CVE-2021-1503
A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow a malicious user to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex record...
Cisco Webex Meetings Server 4.0
Cisco Webex Player
7.5
CVSSv2
CVE-2021-39275
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Server 14.0
Siemens Sinec Nms
4.3
CVSSv2
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by...
Openssl Openssl
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Hyper Converged Infrastructure -
Netapp Cloud Backup -
Netapp Santricity Smi-s Provider -
Netapp Element Software -
Netapp Snapdrive -
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Unified Manager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Service Processor -
3 Github repositories
2.1
CVSSv2
CVE-2021-25342
Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider.
Samsung Members
2.1
CVSSv2
CVE-2021-25341
Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider.
Samsung S Assistant