Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloud backup vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2020-8760
Integer overflow in subsystem for Intel(R) AMT versions prior to 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.
Intel Active Management Technology Firmware
Netapp Cloud Backup -
7.2
CVSSv2
CVE-2019-11112
Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver prior to 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Graphics Driver
Netapp Cloud Backup -
Netapp Data Availability Services -
Netapp Steelstore Cloud Integrated Storage -
4.3
CVSSv2
CVE-2021-32785
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions before 2.4.9 are configured to use an unencrypted R...
Openidc Mod Auth Openidc
Netapp Cloud Backup -
Debian Debian Linux 10.0
5
CVSSv2
CVE-2018-20796
In the GNU C Library (aka glibc or libc6) up to and including 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.
Gnu Glibc
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Backup
5
CVSSv2
CVE-2009-5155
In the GNU C Library (aka glibc or libc6) prior to 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows malicious users to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression m...
Gnu Glibc
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Backup
1 Github repository
7.5
CVSSv2
CVE-2020-27730
In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities.
F5 Nginx Controller
F5 Nginx Controller 1.0.1
Netapp Cloud Backup -
6.8
CVSSv2
CVE-2020-5867
In versions before 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP instead of HTTPS to check and install packages
F5 Nginx Controller
F5 Nginx Controller 1.0.1
Netapp Cloud Backup -
7.5
CVSSv2
CVE-2020-5863
In NGINX Controller versions before 3.2.0, an unauthenticated attacker with network access to the Controller API can create unprivileged user accounts. The user which is created is only able to upload a new license to the system but cannot view or modify any other components of t...
F5 Nginx Controller 1.0.1
F5 Nginx Controller
Netapp Cloud Backup -
5.8
CVSSv2
CVE-2020-5865
In versions before 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via man-in-the-middle (MiTM) attacks.
F5 Nginx Controller
F5 Nginx Controller 1.0.1
Netapp Cloud Backup -
2.1
CVSSv2
CVE-2019-14590
Improper access control in the API for the Intel(R) Graphics Driver versions prior to 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access.
Intel Graphics Driver
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire Baseboard Management Controller Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »