Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp vasa provider vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-6904
Versions of VASA Provider for Clustered Data ONTAP before 7.0P1 contain a web server that accepts plain text authentication. This could allow an unauthenticated malicious user to obtain authentication credentials.
Netapp Vasa Provider
6.8
CVSSv2
CVE-2018-19931
An issue exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils up to and including 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.
Gnu Binutils
Netapp Vasa Provider
Canonical Ubuntu Linux 18.04
4.4
CVSSv2
CVE-2017-10125
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows physical access to compromise Java SE. While the vulnerability is in Java SE, attacks ...
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Netapp Cloud Backup -
Netapp Oncommand Balance -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Insight -
Netapp Virtual Storage Console
Netapp E-series Santricity Storage Manager -
Netapp Oncommand Unified Manager -
Netapp Active Iq Unified Manager
Netapp Vasa Provider For Clustered Data Ontap
Netapp Oncommand Shift -
Netapp Oncommand Performance Manager -
Netapp Plug-in For Symantec Netbackup -
Netapp E-series Santricity Os Controller
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Oncommand Unified Manager
Netapp Vasa Provider For Clustered Data Ontap 6.0
6.9
CVSSv2
CVE-2019-11486
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel prior to 5.0.8 has multiple race conditions.
Linux Linux Kernel
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 15.1
Netapp Active Iq -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Vasa Provider For Clustered Data Ontap 9.7
Netapp Storage Replication Adapter For Clustered Data Ontap 9.7
Netapp Virtual Storage Console 9.7
1.9
CVSSv2
CVE-2019-3901
A race condition in perf_event_open() allows local malicious users to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execv...
Linux Linux Kernel
Debian Debian Linux 8.0
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Active Iq Unified Manager For Vmware Vsphere
Netapp Virtual Storage Console For Vmware Vsphere
Netapp Storage Replication Adapter For Clustered Data Ontap For Vmware Vsphere
Netapp Cn1610 Firmware -
5
CVSSv2
CVE-2020-11868
ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows an off-path malicious user to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
Ntp Ntp 4.2.8
Ntp Ntp
Redhat Enterprise Linux 7.0
Netapp Clustered Data Ontap -
Netapp Virtual Storage Console
Netapp Data Ontap -
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node Firmware -
Netapp Fabric-attached Storage 8300 Firmware -
Netapp Fabric-attached Storage 8700 Firmware -
Netapp Fabric-attached Storage A400 Firmware -
Netapp All Flash Fabric-attached Storage 8300 Firmware -
Netapp All Flash Fabric-attached Storage 8700 Firmware -
Netapp All Flash Fabric-attached Storage A400 Firmware -
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Leap 15.2
5.8
CVSSv2
CVE-2017-10293
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Succ...
Oracle Jdk 1.9.0
Oracle Jre 1.9.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Netapp Cloud Backup -
Netapp Oncommand Balance -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Virtual Storage Console
Netapp E-series Santricity Storage Manager -
Netapp Oncommand Unified Manager -
Netapp Active Iq Unified Manager
Netapp Vasa Provider For Clustered Data Ontap
Netapp E-series Santricity Management Plug-ins -
Netapp Oncommand Shift -
5.1
CVSSv2
CVE-2018-2942
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). Supported versions that are affected are Java SE: 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Jav...
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Unified Manager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp E-series Santricity Storage Manager -
Netapp Active Iq Unified Manager -
Netapp Plug-in For Symantec Netbackup -
Netapp E-series Santricity Os Controller
Netapp Virtual Storage Console
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap
4.3
CVSSv2
CVE-2020-13954
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web...
Apache Cxf
Netapp Snap Creator Framework -
Netapp Vasa Provider For Clustered Data Ontap
Oracle Retail Order Broker Cloud Service 15.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Communications Messaging Server 8.1
Oracle Communications Messaging Server 8.0.2
Oracle Business Intelligence 5.9.0.0.0
6.8
CVSSv2
CVE-2018-2938
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Supported versions that are affected are Java SE: 6u191, 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise ...
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Unified Manager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp E-series Santricity Storage Manager -
Netapp Active Iq Unified Manager -
Netapp Plug-in For Symantec Netbackup -
Netapp E-series Santricity Os Controller
Netapp Virtual Storage Console
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »