Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sas vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-1999-1325
SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges.
Vax Vms Sas System 5.18
5
CVSSv2
CVE-2014-3019
IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module (aka RSSM) prior to 1.3.3.006 allow remote malicious users to obtain blade and storage-pool access via a TELNET session.
Ibm Sas Raid Module Firmware
Ibm Sas Connectivity Module Firmware
7.8
CVSSv2
CVE-2014-3018
IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module (aka RSSM) prior to 1.3.3.006 allow remote malicious users to cause a denial of service (reboot) via a flood of IP packets.
Ibm Sas Raid Module Firmware
Ibm Sas Connectivity Module Firmware
5
CVSSv2
CVE-2018-11365
sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop.
Wizardmac Readstat 0.1.1
NA
CVE-2023-27317
ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a single SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. This co...
Netapp Ontap 9.12.1
Netapp Ontap 9.13.1
NA
CVE-2023-23720
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NetReviews SAS Verified Reviews (Avis Vérifiés) plugin <= 2.3.13 versions.
Skeepers Verified Reviews \\(avis Verifies\\)
6.5
CVSSv2
CVE-2020-25608
The SAS portal of Mitel MiCollab prior to 9.2 could allow an malicious user to access user credentials due to improper input validation, aka SQL Injection.
Mitel Micollab
4.7
CVSSv2
CVE-2019-15807
In the Linux kernel prior to 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Debian Debian Linux 8.0
Redhat Enterprise Linux 8.0
4.3
CVSSv2
CVE-2019-19316
When using the Azure backend with a shared access signature (SAS), Terraform versions before 0.12.17 may transmit the token and state snapshot using cleartext HTTP.
Hashicorp Terraform
NA
CVE-2023-30222
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and previous versions allows malicious users to retrieve password hashes for all users via eavesdropping.
4d Server 18
4d Server 19
4d Server 17
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »