Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp snap creator framework - vulnerabilities and exploits
(subscribe to this query)
758
VMScore
CVE-2021-42550
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.
Qos Logback 1.3.0
Qos Logback
Redhat Satellite 6.0
Netapp Snap Creator Framework -
Netapp Service Level Manager -
Netapp Cloud Manager -
Siemens Sinec Nms
7 Github repositories
670
VMScore
CVE-2020-10878
Perl prior to 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
Perl Perl
Fedoraproject Fedora 31
Opensuse Leap 15.1
Netapp Snap Creator Framework -
Netapp Oncommand Workflow Automation -
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Sd-wan Aware 8.2
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Billing And Revenue Management 12.0.0.2.0
Oracle Communications Diameter Signaling Router
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Tekelec Platform Distribution
Oracle Communications Eagle Lnp Application Processor 46.7
Oracle Communications Eagle Lnp Application Processor 46.8
Oracle Communications Eagle Lnp Application Processor 46.9
Oracle Communications Lsms
Oracle Configuration Manager 12.1.2.0.8
Oracle Communications Eagle Application Processor
Oracle Sd-wan Aware 9.1
6 Github repositories
670
VMScore
CVE-2017-7657
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size coul...
Eclipse Jetty
Debian Debian Linux 9.0
Netapp Oncommand Unified Manager
Netapp Element Software -
Netapp Santricity Cloud Connector -
Netapp Element Software Management Node -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Management -
Netapp Hci Storage Nodes -
Netapp E-series Santricity Os Controller
Netapp Oncommand System Manager 3.x
Netapp Snap Creator Framework
Netapp Snapcenter
Netapp Snapmanager
Hp Xp P9000 Command View
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 16.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 12.1.0.2
Oracle Rest Data Services 11.2.0.4
668
VMScore
CVE-2020-10683
dom4j prior to 2.0.3 and 2.1.x prior to 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j...
Dom4j Project Dom4j
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Insurance Rules Palette 10.2.0
Oracle Retail Integration Bus 15.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 2.2.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 16.0
Oracle Retail Customer Management And Segmentation Foundation 16.0
Oracle Retail Customer Management And Segmentation Foundation 17.0
Oracle Retail Customer Management And Segmentation Foundation 18.0
Oracle Enterprise Data Quality 12.2.1.3.0
Oracle Data Integrator 12.2.1.3.0
Oracle Utilities Framework 4.4.0.0.0
668
VMScore
CVE-2017-7658
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the ...
Eclipse Jetty
Debian Debian Linux 9.0
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 16.0
Oracle Retail Xstore Payment 3.3
Oracle Retail Xstore Point Of Service 17.0
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 12.1.0.2
Oracle Rest Data Services 11.2.0.4
Oracle Rest Data Services 18c
Hp Xp P9000 Command View
Netapp Snap Creator Framework -
Netapp Santricity Cloud Connector -
Netapp Snapcenter -
Netapp Snapmanager -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Management -
Netapp E-series Santricity Os Controller
Netapp Oncommand System Manager
Netapp Solidfire -
Netapp Hci Management Node -
1 Article
605
VMScore
CVE-2016-5372
Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework prior to 4.3.0P1 allows remote malicious users to hijack the authentication of users for requests that have unspecified impact via unknown vectors.
Netapp Snap Creator Framework
605
VMScore
CVE-2015-8960
The TLS protocol 1.2 and previous versions supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and ser...
Ietf Transport Layer Security
Netapp Snap Creator Framework -
Netapp Data Ontap Edge -
Netapp Snapdrive -
Netapp Snapmanager -
Netapp Smi-s Provider -
Netapp Host Agent -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Snapprotect -
Netapp Oncommand Shift -
Netapp Plug-in For Symantec Netbackup -
Netapp System Setup -
580
VMScore
CVE-2018-12538
In Eclipse Jetty versions 9.4.0 up to and including 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions pre...
Eclipse Jetty
Netapp E-series Santricity Os Controller
Netapp Snap Creator Framework -
Netapp Hyper Converged Infrastructure -
Netapp Element Software -
Netapp Santricity Cloud Connector -
Netapp Snapcenter -
Netapp Oncommand Unified Manager -
Netapp E-series Santricity Management Plug-ins -
Netapp E-series Santricity Web Services Proxy -
Netapp Oncommand System Manager
Netapp Snapmanager -
572
VMScore
CVE-2018-12015
In Perl up to and including 5.26.2, the Archive::Tar module allows remote malicious users to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Perl Perl
Archive\\ \\ Tar Project
Apple Mac Os X
Netapp Data Ontap Edge -
Netapp Snap Creator Framework -
Netapp Oncommand Workflow Automation -
Netapp Snapdrive -
571
VMScore
CVE-2021-23926
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0.
Apache Xmlbeans
Netapp Snap Creator Framework -
Netapp Snapmanager -
Netapp Oncommand Unified Manager Core Package -
Debian Debian Linux 9.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Middleware Common Libraries And Tools 12.2.1.4.0
Oracle Middleware Common Libraries And Tools 12.2.1.3.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-coded
CVE-2024-27202
NULL pointer dereference
CVE-2024-28075
CVE-2024-33608
CVE-2024-28889
CVE-2024-34572
template injection
CVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »