CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In onCommand of ActivityManagerShellCommand.java, there is a possible arbitrary activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6AI score0.00008EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 4:51 p.m.•7 views

CVE-2020-8585

OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link plink...

5.5CVSS6.4AI score0.00139EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:51 p.m.•6 views

CVE-2020-8587

OnCommand System Manager 9.x versions prior to 9.3P20 and 9.4 prior to 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an attacker who has access to the system where the client runs...

5.5CVSS6.7AI score0.0018EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:3 a.m.•6 views

CVE-2019-17276

OnCommand System Manager versions 9.3 prior to 9.3P18 and 9.4 prior to 9.4P2 are susceptible to a cross site scripting vulnerability that could allow an authenticated attacker to inject arbitrary scripts into the SNMP Community Names label field...

5.4CVSS6.1AI score0.00355EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 8:39 a.m.•5 views

CVE-2019-17275

OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers...

9.8CVSS7.8AI score0.02486EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:19 a.m.•4 views

CVE-2019-5503

OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...

5.3CVSS6.4AI score0.00502EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:5 a.m.•5 views

CVE-2019-5498

OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user...

6.5CVSS6.3AI score0.00311EPSS

Exploits0References1

NCSC•added 2022/12/22 12:0 a.m.•3 views

Vulnerability fixed in NetApp OnCommand Insight

NetApp has fixed a vulnerability in OnCommand Insight. A unauthenticated malicious person with access to the management interface, could exploit the vulnerability to obtain system data and cause a denial-of-service cause. The vulnerability does not allow the malicious party to access the collecte...

8.6CVSS6.8AI score0.00379EPSS

Exploits0