Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sas vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-30222
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and previous versions allows malicious users to retrieve password hashes for all users via eavesdropping.
4d Server 18
4d Server 19
4d Server 17
9.8
CVSSv3
CVE-2017-8011
EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM before 4.1, EMC Storage M&R before 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default p...
Dell Emc M\\&r -
Dell Emc Storage Monitoring And Reporting 4.0.2
Dell Emc Vipr Srm
Dell Emc Vnx Monitoring And Reporting -
7.5
CVSSv3
CVE-2023-30223
A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and previous versions allows malicious users to send crafted TCP packets containing requests to perform arbitrary actions.
4d Server 18
4d Server 19
4d Server 17
7.8
CVSSv3
CVE-2023-0035
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
Openharmony Openharmony
7.8
CVSSv3
CVE-2023-0036
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
Openharmony Openharmony
NA
CVE-2014-5359
Directory traversal vulnerability in SafeNet Authentication Service (SAS) Outlook Web Access Agent (formerly CRYPTOCard) prior to 1.03.30109 allows remote malicious users to read arbitrary files via a .. (dot dot) in the GetFile parameter to owa/owa.
Safenet-inc Safenet Authentication Service Outlook Web Access Agent
6.5
CVSSv3
CVE-2021-27402
The SAS Admin portal of Mitel MiCollab prior to 9.2 FP2 could allow an unauthenticated malicious user to access (view and modify) user data by injecting arbitrary directory paths due to improper URL validation, aka Directory Traversal.
Mitel Micollab
Mitel Micollab 9.2
NA
CVE-2002-2139
Cisco PIX Firewall 6.0.3 and previous versions, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.
Cisco Pix Firewall Software 6.1
Cisco Pix Firewall Software 6.1\\(2\\)
Cisco Pix Firewall Software 6.1\\(3\\)
Cisco Pix Firewall Software 6.0
Cisco Pix Firewall Software 6.0\\(2\\)
Cisco Pix Firewall Software 6.0\\(1\\)
Cisco Pix Firewall Software 6.0\\(3\\)
8.1
CVSSv3
CVE-2020-13863
The SAS portal of Mitel MiCollab prior to 9.1.3 could allow an malicious user to access user data by performing a header injection in HTTP responses, due to the improper handling of input parameters. A successful exploit could allow an malicious user to access user information.
Mitel Micollab
NA
CVE-2004-0040
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 up to and including 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 up to and including 4.1 build 4200 allows remote malicious users to execute arbitrary code via an ISAKMP packet with a large Certificate Request pac...
Checkpoint Firewall-1 4.1
Checkpoint Vpn-1 Next Generation Fp0
Checkpoint Vpn-1 Next Generation Fp1
Checkpoint Firewall-1 Next Generation Fp1
Checkpoint Vpn-1 4.1
Checkpoint Firewall-1 Next Generation Fp0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »