Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sas vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-31216
The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, OCI, Helm repositories and S3-compatible buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolki...
NA
CVE-2023-50357
A cross site scripting vulnerability in the AREAL SAS Websrv1 ASP website allows a remote low-privileged malicious user to gain escalated privileges of other non-admin users.
Areal-topkapi Webserv1
NA
CVE-2023-27317
ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a single SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. This co...
Netapp Ontap 9.12.1
Netapp Ontap 9.13.1
NA
CVE-2023-4932
SAS application is vulnerable to Reflected Cross-Site Scripting (XSS). Improper input validation in the `_program` parameter of the the `/SASStoredProcess/do` endpoint allows arbitrary JavaScript to be executed when specially crafted URL is opened by an authenticated user. The at...
Sas Integration Technologies 9.4
NA
CVE-2023-30222
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and previous versions allows malicious users to retrieve password hashes for all users via eavesdropping.
4d Server 18
4d Server 19
4d Server 17
NA
CVE-2023-30223
A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and previous versions allows malicious users to send crafted TCP packets containing requests to perform arbitrary actions.
4d Server 18
4d Server 19
4d Server 17
NA
CVE-2023-23720
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NetReviews SAS Verified Reviews (Avis Vérifiés) plugin <= 2.3.13 versions.
Skeepers Verified Reviews \\(avis Verifies\\)
NA
CVE-2023-24724
A stored cross site scripting (XSS) vulnerability exists in the user management module of the SAS 9.4 Admin Console, due to insufficient validation and sanitization of data input into the user creation and editing form fields. The product name is SAS Web Administration interface ...
Sas Web Administration Interface 9.4
NA
CVE-2023-0035
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
Openharmony Openharmony
NA
CVE-2023-0036
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
Openharmony Openharmony
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »