Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp management services for element software - vulnerabilities and exploits
(subscribe to this query)
446
VMScore
CVE-2021-28169
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the we...
Eclipse Jetty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Rest Data Services
Oracle Communications Cloud Native Core Policy 1.14.0
Netapp Snap Creator Framework -
Netapp Hci -
Netapp Active Iq Unified Manager -
Netapp Management Services For Element Software -
2 Github repositories
409
VMScore
CVE-2021-22118
In Spring Framework, versions 5.2.x before 5.2.15 and versions 5.3.x before 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been upload...
Vmware Spring Framework
Oracle Retail Order Broker 16.0
Oracle Retail Predictive Application Server 15.0.3
Oracle Enterprise Data Quality 12.2.1.3.0
Oracle Retail Assortment Planning 16.0
Oracle Retail Financial Integration 16.0.3
Oracle Communications Network Integrity 7.3.6
Oracle Retail Integration Bus 16.0.3
Oracle Insurance Rules Palette 11.0.2
Oracle Insurance Rules Palette 11.1.0
Oracle Commerce Guided Search 11.3.2
Oracle Communications Element Manager
Oracle Communications Interactive Session Recorder 6.4
Oracle Communications Unified Inventory Management 7.4.1
Oracle Documaker
Oracle Enterprise Data Quality 12.2.1.4.0
Oracle Healthcare Data Repository 8.1.0
Oracle Insurance Policy Administration
Oracle Mysql Enterprise Monitor
Oracle Retail Customer Management And Segmentation Foundation
Oracle Communications Brm - Elastic Charging Engine 12.0.0.3
Oracle Communications Session Report Manager
668
VMScore
CVE-2021-26987
Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions before 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Managemen...
Vmware Spring Boot
Netapp Element Plug-in For Vcenter Server
Netapp Management Services For Element Software And Netapp Hci
Netapp Solidfire \\& Hci Management Node
384
VMScore
CVE-2020-27223
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high ...
Eclipse Jetty 9.4.6
Eclipse Jetty 9.4.36
Eclipse Jetty
Eclipse Jetty 10.0.0
Eclipse Jetty 11.0.0
Apache Spark 3.1.1
Apache Nifi 1.13.0
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Snapmanager -
Netapp Hci -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp E-series Santricity Web Services -
Netapp Element Plug-in For Vcenter Server -
Netapp E-series Santricity Os Controller
Netapp Management Services For Element Software -
Debian Debian Linux 10.0
Apache Solr 8.8.1
Oracle Rest Data Services
2 Github repositories
387
VMScore
CVE-2020-11023
In jQuery versions greater than or equal to 1.0.3 and prior to 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted c...
Jquery Jquery
Debian Debian Linux 9.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Drupal Drupal
Oracle Weblogic Server 12.1.3.0.0
Oracle Hyperion Financial Reporting 11.1.2.4
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Operations Monitor 3.4
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Communications Interactive Session Recorder
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Application Express
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 12.1.0.2
13 Github repositories
383
VMScore
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
Redhat Hibernate Validator
Redhat Hibernate Validator 6.1.0
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform -
Redhat Jboss Data Grid -
Redhat Openshift Application Runtimes -
Redhat Fuse 1.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Netapp Active Iq Unified Manager -
Netapp Element -
Netapp Snapcenter Plug-in -
Netapp Management Services For Element Software And Netapp Hci -
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Solaris 11
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Investor Servicing 12.0.4
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Integration Bus 13.0
617
VMScore
CVE-2019-18683
An issue exists in drivers/media/platform/vivid in the Linux kernel up to and including 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race co...
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Broadcom Fabric Operating System -
Netapp A700s Firmware -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
Netapp H610s Firmware -
Debian Debian Linux 8.0
412
VMScore
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
98 Github repositories
668
VMScore
CVE-2019-11068
libxslt up to and including 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
Xmlsoft Libxslt
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Oracle Jdk 8.0
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp E-series Santricity Web Services Proxy -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Unified Manager -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
1 Github repository
409
VMScore
CVE-2019-7221
The KVM implementation in the Linux kernel up to and including 4.20.5 has a Use-after-Free.
Linux Linux Kernel
Opensuse Leap 15.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Netapp Element Software Management Node -
Netapp Active Iq Performance Analytics Services -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Openshift Container Platform 3.11
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »