Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp hyper converged infrastructure - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-1000656
The Pallets Project flask version prior to 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in inc...
Palletsprojects Flask
Netapp Active Iq
Netapp Hyper Converged Infrastructure
Netapp Ontap Select Deploy Utility
8 Github repositories
7.5
CVSSv3
CVE-2019-5492
Element Plug-in for vCenter Server versions before 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions before 1.4P2 bundle affected versions of Element Plug-in for vCenter Server.
Netapp Hyper Converged Infrastructure Compute Node
Netapp Element Plug-in For Vcenter Server
7.5
CVSSv3
CVE-2018-18066
snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP prior to 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated malicious user to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Net-snmp Net-snmp
Netapp Cloud Backup -
Netapp Hyper Converged Infrastructure -
Netapp Storagegrid Webscale -
Netapp Data Ontap -
Netapp E-series Santricity Os Controller
Netapp Solidfire Element Os -
8.8
CVSSv3
CVE-2018-12538
In Eclipse Jetty versions 9.4.0 up to and including 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions pre...
Eclipse Jetty
Netapp E-series Santricity Management Plug-ins -
Netapp E-series Santricity Os Controller
Netapp E-series Santricity Web Services Proxy -
Netapp Element Software -
Netapp Hyper Converged Infrastructure -
Netapp Oncommand System Manager
Netapp Oncommand Unified Manager -
Netapp Santricity Cloud Connector -
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Snapmanager -
6.5
CVSSv3
CVE-2018-18065
_set_key in agent/helpers/table_container.c in Net-SNMP prior to 5.8 has a NULL Pointer Exception bug that can be used by an authenticated malicious user to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Net-snmp Net-snmp
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Netapp Cloud Backup -
Netapp Hyper Converged Infrastructure -
Netapp Storagegrid Webscale -
Netapp Data Ontap -
Netapp E-series Santricity Os Controller
1 EDB exploit
5.9
CVSSv3
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by...
Openssl Openssl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Active Iq Unified Manager
Netapp Active Iq Unified Manager -
Netapp Altavault -
Netapp Cloud Backup -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Element Software -
3 Github repositories
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
apache atlas
wp html page sitemap
inject
everest forms
CVE-2025-25356
CVE-2024-47264
cross-site scripting
CVE-2025-0837
CVE-2025-25286
*
CVE-2024-12754
arbitrary code
CVE-2025-24472
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started