CVE-2019-5509

ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account...

CVE-2019-17272

All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges...

Code injection

ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account...

Code injection

All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges...

CVE-2019-17272

Technical details (affected product/version, root cause, impact, or fixes) are not publicly provided in the supplied documents. Monitor for updates from vendors and CVE records.

CVE-2019-17272

All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges...

CVE-2019-5509

ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account...

CVE-2019-5509

CVE-2019-5509 affects ONTAP Select Deploy administration utility versions 2.11.2–2.12.2 and describes a code injection vulnerability that could let an unauthenticated remote attacker enable and use a privileged user account. Multiple connected sources (Red Hat advisory, CNVD, CVE records) corrobo...

Portainer Cross-Site Scripting Vulnerability (CNVD-2019-40484)

Portainer is an open source lightweight management UI that allows you to easily manage docker hosts or clusters. A stored cross-site scripting vulnerability exists in the isteven-multi-select component in Portainer versions prior to 1.22.1. An attacker can exploit this vulnerability to inject...

Slither v0.6.7 - Static Analyzer For Solidity

Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code...

WordPress Plugin FooGallery 1.8.12 - Persistent Cross-Site Scripting

Exploit Title: Wordpress FooGallery 1.8.12 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\foogallery" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://foo.gallery/ Software Link: https://wordpress.org/plugins/foogallery/ Version: 1.8.12 Tested on: Kali...

NetApp ONTAP Select Deploy Information Disclosure Vulnerability (CNVD-2019-43849)

ONTAP Select Deploy is a management utility for deploying and managing ONTAP Select clusters. An information disclosure vulnerability exists in ONTAP Select Deploy. The vulnerability stems from the product transmitting credentials in plain text. An attacker could exploit this vulnerability to...

NetApp ONTAP Select Deploy Remote Command Execution Vulnerability

ONTAP Select Deploy is a management utility for deploying and managing ONTAP Select clusters. A remote command execution vulnerability exists in ONTAP Select Deploy 2.12, 2.12.1. An attacker could exploit this vulnerability to perform administrative operations...

CVE-2019-5504

ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions...

CVE-2019-5505

ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext...

CVE-2019-5504

ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions...

CVE-2019-5505

ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext...

Open redirect

ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext...

CVE-2019-5505

The CVE-2019-5505 issue affects NetApp ONTAP Select Deploy admin utility versions 2.2–2.12.1, where credentials are transmitted in plaintext. The combined documents identify the root cause as unencrypted credential handling in the deploy utility, leading to potential credential disclosure. The vu...

CVE-2019-5505

ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext...