Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sas vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1999-1325
SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges.
Vax Vms Sas System 5.18
NA
CVE-2014-3019
IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module (aka RSSM) prior to 1.3.3.006 allow remote malicious users to obtain blade and storage-pool access via a TELNET session.
Ibm Sas Raid Module Firmware
Ibm Sas Connectivity Module Firmware
NA
CVE-2014-3018
IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module (aka RSSM) prior to 1.3.3.006 allow remote malicious users to cause a denial of service (reboot) via a flood of IP packets.
Ibm Sas Raid Module Firmware
Ibm Sas Connectivity Module Firmware
7.5
CVSSv3
CVE-2018-11365
sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop.
Wizardmac Readstat 0.1.1
4.6
CVSSv3
CVE-2023-27317
ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a single SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. This co...
Netapp Ontap 9.12.1
Netapp Ontap 9.13.1
4.8
CVSSv3
CVE-2023-23720
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NetReviews SAS Verified Reviews (Avis Vérifiés) plugin <= 2.3.13 versions.
Skeepers Verified Reviews \\(avis Verifies\\)
7.2
CVSSv3
CVE-2020-25608
The SAS portal of Mitel MiCollab prior to 9.2 could allow an malicious user to access user credentials due to improper input validation, aka SQL Injection.
Mitel Micollab
4.7
CVSSv3
CVE-2019-15807
In the Linux kernel prior to 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Debian Debian Linux 8.0
Redhat Enterprise Linux 8.0
7.5
CVSSv3
CVE-2019-19316
When using the Azure backend with a shared access signature (SAS), Terraform versions before 0.12.17 may transmit the token and state snapshot using cleartext HTTP.
Hashicorp Terraform
5.4
CVSSv3
CVE-2023-50357
A cross site scripting vulnerability in the AREAL SAS Websrv1 ASP website allows a remote low-privileged malicious user to gain escalated privileges of other non-admin users.
Areal-topkapi Webserv1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »