Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ucs manager vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2015-7849
Use-after-free vulnerability in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
7.5
CVSSv2
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a negative input value.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
6.5
CVSSv2
CVE-2015-7854
Buffer overflow in the password management functionality in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
4
CVSSv2
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.
Ntp Ntp 4.1.2
Ntp Ntp
Ntp Ntp 4.3.0
Ntp Ntp 4.3.1
Ntp Ntp 4.3.16
Ntp Ntp 4.3.17
Ntp Ntp 4.3.24
Ntp Ntp 4.3.25
Ntp Ntp 4.3.31
Ntp Ntp 4.3.32
Ntp Ntp 4.3.39
Ntp Ntp 4.3.4
Ntp Ntp 4.3.47
Ntp Ntp 4.3.48
Ntp Ntp 4.3.54
Ntp Ntp 4.3.55
Ntp Ntp 4.3.61
Ntp Ntp 4.3.62
Ntp Ntp 4.3.63
Ntp Ntp 4.3.7
Ntp Ntp 4.3.70
Ntp Ntp 4.3.77
7.2
CVSSv2
CVE-2021-3156
Sudo prior to 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Sudo Project Sudo 1.9.5
Sudo Project Sudo
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Oncommand Unified Manager Core Package -
Mcafee Web Gateway 8.2.17
Mcafee Web Gateway 9.2.8
Mcafee Web Gateway 10.0.4
Synology Diskstation Manager 6.2
Synology Diskstation Manager Unified Controller 3.0
Synology Skynas Firmware -
Synology Vs960hd Firmware -
Beyondtrust Privilege Management For Mac
Beyondtrust Privilege Management For Unix\\/linux
Oracle Micros Compact Workstation 3 Firmware 310
Oracle Micros Es400 Firmware
Oracle Micros Kitchen Display System Firmware 210
Oracle Micros Workstation 5a Firmware 5a
142 Github repositories
1 Article
7.2
CVSSv2
CVE-2015-4279
The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect, aka Bug ID CSCut32778.
Cisco Unified Computing System 2.2\\(3b\\)
9.3
CVSSv2
CVE-2013-1182
The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) prior to 1.0(2h), 1.1 prior to 1.1(1j), and 1.3(x) allows remote malicious users to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3\\(1q\\)
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3\\(1p\\)
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3\\(1o\\)
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3\\(1n\\)
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3\\(1y\\)
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3\\(1t\\)
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3\\(1m\\)
Cisco Unified Computing System Infrastructure And Unified Computing System Software
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.1
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3\\(1w\\)
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3\\(1c\\)
Cisco Unified Computing System 6296up Fabric Interconnect -
Cisco Unified Computing System 6140xp Fabric Interconnect -
Cisco Unified Computing System 6120xp Fabric Interconnect -
Cisco Unified Computing System Integrated Management Controller -
Cisco Unified Computing System 6248up Fabric Interconnect -
7.8
CVSSv2
CVE-2013-1184
The management API in the XML API management service in the Manager component in Cisco Unified Computing System (UCS) 1.x prior to 1.2(1b) allows remote malicious users to cause a denial of service (service outage) via a malformed request, aka Bug ID CSCtg48206.
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.0\\(2k\\)
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.0
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.1
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.1\\(1m\\)
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.2\\(1\\)
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.2
Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.2\\(1a\\)
Cisco Unified Computing System Integrated Management Controller -
Cisco Unified Computing System 6296up Fabric Interconnect -
Cisco Unified Computing System 6120xp Fabric Interconnect -
Cisco Unified Computing System 6248up Fabric Interconnect -
Cisco Unified Computing System 6140xp Fabric Interconnect -
7.5
CVSSv2
CVE-2015-7705
The rate limiting feature in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77 allows remote malicious users to have unspecified impact via a large number of crafted requests.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Citrix Xenserver 7.0
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
4
CVSSv2
CVE-2015-7850
ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »