Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sas vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-1999-1325
SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges.
Vax Vms Sas System 5.18
5
CVSSv2
CVE-2014-3019
IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module (aka RSSM) prior to 1.3.3.006 allow remote malicious users to obtain blade and storage-pool access via a TELNET session.
Ibm Sas Raid Module Firmware
Ibm Sas Connectivity Module Firmware
7.8
CVSSv2
CVE-2014-3018
IBM BladeCenter SAS Connectivity Module (aka NSSM) and SAS RAID Module (aka RSSM) prior to 1.3.3.006 allow remote malicious users to cause a denial of service (reboot) via a flood of IP packets.
Ibm Sas Raid Module Firmware
Ibm Sas Connectivity Module Firmware
5
CVSSv2
CVE-2018-11365
sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop.
Wizardmac Readstat 0.1.1
NA
CVE-2023-27317
ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a single SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. This co...
Netapp Ontap 9.12.1
Netapp Ontap 9.13.1
NA
CVE-2023-23720
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NetReviews SAS Verified Reviews (Avis Vérifiés) plugin <= 2.3.13 versions.
Skeepers Verified Reviews \\(avis Verifies\\)
6.5
CVSSv2
CVE-2020-25608
The SAS portal of Mitel MiCollab prior to 9.2 could allow an malicious user to access user credentials due to improper input validation, aka SQL Injection.
Mitel Micollab
4.7
CVSSv2
CVE-2019-15807
In the Linux kernel prior to 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Debian Debian Linux 8.0
Redhat Enterprise Linux 8.0
4.3
CVSSv2
CVE-2019-19316
When using the Azure backend with a shared access signature (SAS), Terraform versions before 0.12.17 may transmit the token and state snapshot using cleartext HTTP.
Hashicorp Terraform
NA
CVE-2023-50357
A cross site scripting vulnerability in the AREAL SAS Websrv1 ASP website allows a remote low-privileged malicious user to gain escalated privileges of other non-admin users.
Areal-topkapi Webserv1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »