Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp element os vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-8584
Element OS versions before 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote malicious user to perform arbitrary code execution.
Netapp Hci Management Node -
Netapp Solidfire -
Netapp Hci Storage Node -
Netapp Element Os
Netapp Element Os 1.8
9
CVSSv2
CVE-2019-14287
In Sudo prior to 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER=...
Sudo Project Sudo
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Netapp Element Software Management Node -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
59 Github repositories
1 Article
7.8
CVSSv2
CVE-2022-23772
Rat.SetString in math/big in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
Golang Go
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Beegfs Csi Driver -
Debian Debian Linux 9.0
5 Github repositories
7.8
CVSSv2
CVE-2021-28165
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
Eclipse Jetty
Oracle Communications Services Gatekeeper 7.0
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Siebel Core - Automation
Oracle Communications Element Manager 8.2.2
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Oracle Rest Data Services
Jenkins Jenkins
Netapp Santricity Cloud Connector -
Netapp E-series Santricity Os Controller
Netapp E-series Performance Analyzer
Netapp Snapcenter
Netapp E-series Santricity Storage
Netapp Santricity Web Services Proxy
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap
Netapp E-series Santricity Web Services
Netapp Ontap Tools
Netapp Cloud Manager
1 Github repository
7.5
CVSSv2
CVE-2021-44790
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Ser...
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Tenable Tenable.sc
Netapp Cloud Backup -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Operations Monitor 4.3
Oracle Communications Operations Monitor 4.4
Oracle Communications Operations Monitor 5.0
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Apple Macos
Apple Mac Os X 10.15.7
3 Github repositories
7.5
CVSSv2
CVE-2019-11068
libxslt up to and including 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
Xmlsoft Libxslt
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Oracle Jdk 8.0
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp E-series Santricity Web Services Proxy -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Unified Manager -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
1 Github repository
7.5
CVSSv2
CVE-2017-7657
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size coul...
Eclipse Jetty
Debian Debian Linux 9.0
Netapp Oncommand Unified Manager
Netapp Element Software -
Netapp Santricity Cloud Connector -
Netapp Element Software Management Node -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Management -
Netapp Hci Storage Nodes -
Netapp E-series Santricity Os Controller
Netapp Oncommand System Manager 3.x
Netapp Snap Creator Framework
Netapp Snapcenter
Netapp Snapmanager
Hp Xp P9000 Command View
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 16.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 12.1.0.2
Oracle Rest Data Services 11.2.0.4
6.9
CVSSv2
CVE-2019-18683
An issue exists in drivers/media/platform/vivid in the Linux kernel up to and including 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race co...
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Broadcom Fabric Operating System -
Netapp A700s Firmware -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
Netapp H610s Firmware -
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2017-10346
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network ...
Oracle Jdk 1.9.0
Oracle Jre 1.9.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Satellite 5.8
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Eus 7.6
1 Article
6.5
CVSSv2
CVE-2018-12538
In Eclipse Jetty versions 9.4.0 up to and including 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions pre...
Eclipse Jetty
Netapp E-series Santricity Os Controller
Netapp Snap Creator Framework -
Netapp Hyper Converged Infrastructure -
Netapp Element Software -
Netapp Santricity Cloud Connector -
Netapp Snapcenter -
Netapp Oncommand Unified Manager -
Netapp E-series Santricity Management Plug-ins -
Netapp E-series Santricity Web Services Proxy -
Netapp Oncommand System Manager
Netapp Snapmanager -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »