Type Cloud Software

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Vendor »

Identifying all affected vendors is a good starting point for an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Product »

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector »

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication »

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction »

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

C3BM Index »

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Exploit Market Volume »

Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. The calculated prices for all possible 0-day expoits are cumulated for this task. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

🔴 CTI Activities »

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

Affected Products (502): A-Member, A-Member for MT Cloud, A-Reserve, A-Reserve for MT Cloud, Adobe Creative Cloud Desktop Application, Akamai CloudTest, Alcatel-Lucent 8008 Cloud Edition Deskphone, Amazon AWS CloudFormation Bootstrap Tools, AnyShare Cloud, Apache CloudStack, Apache libcloud, Apache Libcloud, Apple iCloud, Apple iClouds, Arista CloudVision eXchange Server, Arista CloudVision Portal, Arista Cloud EOS VM vEOS, Axios Italia Axioscloud Sissiweb Registro Elettronico, Big Switch Big Cloud Fabric, Big Switch Big Monitoring Fabric, Big Switch Multi-Cloud Director, CA Cloud Service Management, CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP, Cdsincdesign Simple Dropbox Upload Form, Cisco CloudCenter Orchestrator, Cisco Cloud Portal, Cisco Cloud Services Platform 2100, Cisco Intercloud Fabric, Cisco Intercloud Fabric for Business, Cisco Intercloud Fabric for Providers, Cisco Nexus 1000V InterCloud for VMware, cloud-init, Cloud4Wi, cloudacl Safe Browser - The Web Filter, CloudAvid PParam, CloudBees Directory, CloudBees Enterprise, CloudBoot, CloudCTI HIP Integrator Recognition Configuration Tool, Cloudera CDH, Cloudera Data Engineering, Cloudera Data Science Workbench, Cloudera HUE, Cloudera Key Trustee Server, Cloudera Manager, Cloudera Manager UI, Cloudera Navigator, Cloudera Navigator Key Trustee KMS, Cloudera Search, cloudflare-scrape, Cloudflare WARP, cloudflared, CloudForms, CloudForms Management Engine, CloudMe, CloudNine Interactive Links Manager, Cloudtoken, CloudView NMS, CloudVision Portal, Cloudwords for Multilingual Module, cloudwu cstring, cloudwu PBC, Cloud Foundry, Cloud Foundry BOSH, Cloud Foundry BOSH Azure CPI, Cloud Foundry BOSH System Metrics Server, Cloud Foundry CAPI, Cloud Foundry CF Networking Release, Cloud Foundry Cloud Controller, Cloud Foundry Cloud Controller API, Cloud Foundry CredHub CLI, Cloud Foundry Diego, Cloud Foundry Foundation UAA, Cloud Foundry Garden-runC, Cloud Foundry Loggregator, Cloud Foundry Log Cache, Cloud Foundry NFS Volume Service, Cloud Foundry Runtime, Cloud Foundry SMB Volume, Cloud Foundry UAA, Cloud Foundry Bits Service, Cloud Foundry BOSH, Cloud Foundry BOSH CLI, Cloud Foundry cf-deployment, Cloud Foundry CLI, Cloud Foundry Cloud Controller, Cloud Foundry CredHub, Cloud Foundry Garden-runC, Cloud Foundry NFS Volume, Cloud Foundry Plugin, Cloud Foundry Routing, Cloud Foundry Silk CNI Plugin, Cloud Foundry Stratos, Cloud Foundry UAA, Cloud Media Popcorn A-200, Cloud Native Computing Foundation Harbor, CodeLathe FileCloud, Creative Cloud Desktop Application, CTERA Cloud Storage OS, Cubettechnologies Cloud Manager, Daumcorp Daum Cloud, DigitalCloudToken, Directory Cloud Station, Documentcloud karteek-docsplit, dropbox, Dropbox App, Dropbox Desktop App, Dropbox SDK, Dropbox Lepton, Elastic Cloud Enterprise, Elastic Cloud Enterprise, Elastic Runtime, Electric Cloud ElectricCommander, EMC Cloud Tiering Appliance Software, EMC Cloud Tiering Appliance Virtual Edition, EMC Elastic Cloud Storage, Enghouse Cloud Contact Center Platform, F-Secure Cloud Protection For Salesforce, F-Secure Email, F-Secure Internet GateKeeper, F-Secure Server Security, F5 BIG-IQ Cloud, F5 Security, Fabasoft Cloud, Firebase Cloud Messaging + Advance Admin Panel, FusionSphere OpenStack, geniuscloud Smart Browser, Gocloud ISP3000, Gocloud S2A, Gocloud S2A_WL, Gocloud S3A, Gocloud S3A K2P MTK, Google Cloud Platform guest-oslogin, Google Cloud Messaging Notification Plugin, granita Cloud Browser, H3C H3Cloud OS, Hangzhou Xiongmai XMeye P2P Cloud Server, HP Helion Cloud Development Platform, HP MagCloud, HPE Cloudline CL3100 Gen10 Server, HPE Cloudline CL4100 Gen10 Server, HPE Cloudline CL5200 Gen9 Server, HPE Cloudline CL5800 Gen9 Server, HPE Cloudline CL5800 Gen10 Server, HPE Cloud Optimizer, HPE Helion OpenStack Glance, Huawei AC6005, Huawei AC6605, Huawei AR200, Huawei AR1200, Huawei AR3200, Huawei CloudEngine, Huawei CloudEngine8800, Huawei CloudEngine 1800V, Huawei CloudEngine 5800, Huawei CloudEngine 6800, Huawei CloudEngine 7800, Huawei CloudEngine 8800, Huawei CloudEngine 12800, Huawei CloudLink Phone 7900, Huawei CloudUSM-EUA, Huawei E600, Huawei FusionSphere OpenStack, Huawei MyCloud APP, Huawei Public Cloud Solution, Huawei S1700, Huawei S2300, Huawei S2700, Huawei S5300, Huawei S5700, Huawei S6300, Huawei S6700, Huawei S7700, Huawei S9300, Huawei S9700, Huawei S12700, Huawei Secospace USG6600, Ian Bezanson DropBox, IBM Cloudscape, IBM Cloud Application Performance Management, IBM Cloud App Management, IBM Cloud CLI, IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise, IBM Cloud Pak for Data, IBM Cloud Pak for Security, IBM Cloud Pak System, IBM Cloud Private, IBM Kenexa LCMS Premier on Cloud, IBM Kenexa LMS on Cloud, IBM MQ Advanced Cloud Pak, IBM Multi-Cloud Data Encryption, IBM Multicloud Manager, IBM SmartCloud Analytics, IBM SmartCloud Analytics Log Analysis, IBM SmartCloud Control Desk, IBM SmartCloud Provisioning, IBM Watson Developer Cloud, IBM Application Security on Cloud Plugin, ICloudCenter ICJobSite, ICloudCenter ICTimeAttendance, Intel Expressway Cloud Access 360, Intel Security CloudAV, Intel Unite Cloud Service Client, Intelbras NCLOUD 300, Juniper Mist Cloud UI, Kaspersky Internet Security, Kaspersky Secure Connection, Kaspersky Security Cloud, Kaspersky Total Security, Lenovo Cloud Networking Operating System, LiveCRM SaaS Cloud Component, Maxthon Cloud Browser, McAfee Cloud Single Sign On, McAfee ePO Cloud, metago ASTRO File Manager with Cloud, Microsoft Azure Active Directory Connect, Microsoft Azure Active Directory Passport, Microsoft Azure AD Connect, Microsoft Azure App Service, Microsoft Azure Automation, Microsoft Azure DevOps Server, Microsoft Azure Functions, Microsoft Azure IoT CLI Extension, Microsoft Azure IoT Edge, Microsoft Azure IoT SDK, Microsoft Azure Kubernetes Service, Microsoft Azure Linux Guest Agent, Microsoft Azure Pack Rollup, Microsoft Azure SDK for Java, Microsoft Azure Sphere, Microsoft Azure SSH Keypairs, Microsoft Azure Stack, Microsoft Hub Device Client SDK for Azure IoT, Microsoft OneDrive, Mightymess SoundCloud Is Gold, Mitel MiCloud Management Portal, Musicloud, NAVER Cloud Explorer, NetEase NetEase CloudAlbum, Netgear Insight Cloud, Netsparker Cloud Scan Plugin, NextCloud, Nextcloud App Extract, Nextcloud Contacts, Nextcloud Deck, Nextcloud Desktop Client, Nextcloud Lookup-Server, Nextcloud Preferred Providers App, Nextcloud Server, Nextcloud Social, Nextcloud Social App, Nextcloud Talk, NextCloud Mail, NextCloud Preferred Providers App, Nextcloud Server, Novell Cloud Manager, Novell SUSE Cloud, No Magic TeamworkCloud, Okacloud Domain Name Search , Okacloud Web Host, OnCommand Cloud Manager, OpenStack, openstack-cinder, openstack-ironic-inspector, openstack-mistral, openstack-neutron, openstack-tripleo-heat-templates, openstack-tripleo-image-elements, openstack-utils, OpenStack blazar-dashboard, OpenStack Ceilometer, OpenStack Cinder, OpenStack Compute, OpenStack Compute (Nova), OpenStack Dashboard, OpenStack Delivery Service, OpenStack Designate, OpenStack devstack, OpenStack Diablo, OpenStack Essex, OpenStack Folsom, OpenStack Glance, OpenStack Grizzly, OpenStack Havana, OpenStack Heat, OpenStack horizon, OpenStack Horizon, OpenStack icehouse, OpenStack Identity, OpenStack Image Registry, OpenStack Image Registry And Delivery Service, OpenStack Image Registry And Delivery Service (glance), OpenStack Image Service, OpenStack Ironic, OpenStack Ironic Inspector, OpenStack Keystone, OpenStack keystonemiddleware, OpenStack Keystone Folsom, OpenStack Manila, OpenStack Murano, openstack neutron, OpenStack Neutron, OpenStack Newton, Openstack Nova, OpenStack Nova, OpenStack Nova-LXD, OpenStack Object Storage, OpenStack Ocata, OpenStack OpenStack Keystone, OpenStack Orchestration, OpenStack os-vif, OpenStack Puppet Module for Gerrit, OpenStack PyCADF, OpenStack python-keystoneclient, OpenStack rabbitmq, OpenStack Swauth, OpenStack Swift, OpenStack swift, OpenStack Swift-on-File, OpenStack Trove, OpenStack Workflow, Openstack Cloud Plugin, OpenStack Compute, OpenStack Dashboard Package, Openstack Deployment, OpenStack Horizon, OpenStack Identity, OpenStack Keystone, OpenStack Magnum, OpenStack Mistral, OpenStack Neutron, OpenStack Nova, OpenStack Octavia, Oracle CloudForms Management Engine, Oracle Cloud Services, Oracle Communications, Oracle Communications Analytics, Oracle Communications Application Session Controller, Oracle Communications ASAP, Oracle Communications ASAP Cartridges, Oracle Communications Billing, Oracle Communications Billing and Revenue Management, Oracle Communications BRM, Oracle Communications BRM - Elastic Charging Engine, Oracle Communications BRM Elastic Charging Engine, Oracle Communications Calendar Server, Oracle Communications Contacts Server, Oracle Communications Converged Application Server, Oracle Communications Converged Application Server Service Controller, Oracle Communications Convergence, Oracle Communications Core Session Manager, Oracle Communications Design Studio, Oracle Communications Diameter Signaling Router, Oracle Communications Diameter Signaling Router (DSR), Oracle Communications EAGLE Application Processor, Oracle Communications EAGLE LNP Application Processor, Oracle Communications EAGLE Software, Oracle Communications Element Manager, Oracle Communications Evolved Communications Application Server, Oracle Communications Instant Messaging Server, Oracle Communications Interactive Session Recorder, Oracle Communications IP Service Activator, Oracle Communications LSMS, Oracle Communications Messaging Server, Oracle Communications MetaSolv Solution, Oracle Communications Network Charging, Oracle Communications Network Charging and Control, Oracle Communications Network Integrity, Oracle Communications Network Intelligence, Oracle Communications Offline Mediation Controller, Oracle Communications Online Mediation Controller, Oracle Communications Operations Monitor, Oracle Communications Order, Oracle Communications Performance Intelligence Center (PIC) Software, Oracle Communications Performance Intelligence Center Software, Oracle Communications Policy Management, Oracle Communications Pricing Design Center, Oracle Communications Security Gateway, Oracle Communications Services Gatekeeper, Oracle Communications Service Broker, Oracle Communications Service Broker Engineered System Edition, Oracle Communications Session Border Controller, Oracle Communications Session Report Manager, Oracle Communications Session Router, Oracle Communications Session Route Manager, Oracle Communications Subscriber-Aware Load Balancer, Oracle Communications Tekelec HLR Router, Oracle Communications Unified, Oracle Communications Unified Inventory Management, Oracle Communications Unified Session Manager, Oracle Communications User Data Repository, Oracle Communications WebRTC Session Controller, Oracle Control, Oracle Retail Order Broker Cloud Service, Oracle Revenue Management, Oracle Right Now Service Cloud, Oracle Service Management, Oracle Cloud Infrastructure Compute Classic Plugin, OSIsoft PI Integrator for Business Analytics, OSIsoft PI Integrator for Microsoft Azure, OSIsoft PI Integrator for SAP HANA, ownCloud, ownCloud Desktop Client, ownCloud Server, ownCloud Windows Client, ownCloud Desktop, ownCloud Server, Palo Alto Prisma Cloud Compute, Palo Alto VM Series Firewall for Microsoft Azure, pivotal-cf Spring Cloud SSO Connector, Pivotal Cloud Cache, Pivotal Cloud Foundry, Pivotal Cloud Foundry Elastic Runtime, Pivotal Cloud Foundry Ops Manager, Pivotal Cloud Foundry Runtime, Pivotal Cloud Foundry On Demand Services SDK, Polycom RealPresence CloudAXIS Suite, QNAP myQNAPcloud Connect, Quali CloudShell, Red Hat Cloudforms, Red Hat CloudForms, Red Hat CloudForms 2 Management Engine, Red Hat Cloudforms 3.0 Management Engine, Red Hat CloudForms 3.0 Management Engine, Red Hat CloudForms 3.1 Management Engine, Red Hat CloudForms Cloud Engine, Red Hat CloudForms Management Engine, Red Hat OpenStack, Red Hat Openstack, Red Hat openstack, Red Hat openstack-neutron, Red Hat openstack-octavia, Red Hat Openstack Enterprise, Red Hat Openstack Folsom, Red Hat OpenStack Platform, Red Hat OpenStack Platform Director, Red Hat QuickStart Cloud Installer, SAP Cloud Connector, SAP Cloud Platform, SAP Commerce Cloud, SCORM Cloud Plugin, Seagate Personal Cloud, Skytap Cloud CI Plugin, SoftNAS Cloud, somcloud Somnote - Journal-Memo, Spring Cloud Netflix, Spring Cloud Config, Supra Smart Cloud TV, SuSE Openstack Cloud, SuSE OpenStack Cloud Crowbar, Synology Cloud Station, Synology Cloud Station Drive, Telekom Open Cloud SSO, Teradici Cloud Access Connector, Teradici Cloud Access Connector Legacy, TP-LINK Cloud Camera, Trove Barclamp, Umbraco Cloud, UniFi Cloud Key, VeloCloud Orchestrator, Veritas CloudPoint, VMware Cloud Director, Vmware macOS Sensor for VMware Carbon Black Cloud, Vmware Spring Cloud Data Flow, VMware Spring Cloud Netflix Zuul, Vmware Spring Cloud Task, VMware vCloud Director, VMware vCloud Director for Service Providers, wdc WD My Cloud, Webroot BrightCloud SDK, Western Digital DL2100, Western Digital DL4100, Western Digital EX2 Ultra, Western Digital EX2100, Western Digital EX4100, Western Digital ibi, Western Digital Mirror Gen2, Western Digital mycloud.com, Western Digital MyCloud NAS, Western Digital MyCloud PR4100, Western Digital My Cloud, Western Digital My Cloud Cloud, Western Digital My Cloud DL2100, Western Digital My Cloud DL4100, Western Digital My Cloud EX2 Ultra, Western Digital My Cloud EX2100, Western Digital My Cloud EX4100, Western Digital My Cloud Home, Western Digital My Cloud Mirror Gen2, Western Digital My Cloud NAS, Western Digital My Cloud OS, Western Digital My Cloud PR2100, Western Digital My Cloud PR4100, Western Digital PR2100, Western Digital PR4100, Western Digital WD My Cloud, Western Digital WD My Cloud Mirror, ZOOM Cloud Meetings, ZTE ZXCLOUD GoldenData VAP, ZXCLOUD iRAI, ZyXEL CloudCNM SecuManager

PublishedBaseTempVulnerabilityProdExpRemCTICVE
02/24/20215.55.5Nextcloud Deck resource injectionDeckNot DefinedOfficial Fix5.07CVE-2020-8297
02/24/20215.55.5VMware Spring Cloud Netflix Zuul Sensitive Headers unknown vulnerabilitySpring Cloud Netflix ZuulNot DefinedOfficial Fix3.81-CVE-2021-22113
02/19/20214.34.3ownCloud Server Request information disclosureownCloud ServerNot DefinedOfficial Fix0.12CVE-2020-36252
02/19/20213.53.5ownCloud Server Share denial of serviceownCloud ServerNot DefinedOfficial Fix0.18CVE-2020-36251
02/19/20213.73.7ownCloud Server File Type information disclosureownCloud ServerNot DefinedOfficial Fix0.18CVE-2020-36249
02/19/20216.36.3ownCloud Preview improper authenticationownCloudNot DefinedOfficial Fix0.06CVE-2020-10254
02/19/20216.36.3ownCloud external server-side request forgeryownCloudNot DefinedOfficial Fix0.23CVE-2020-10252
02/12/20213.53.5Teradici Cloud Access Connector Web Form cross-site request forgeryCloud Access ConnectorNot DefinedNot Defined0.06CVE-2020-13186
02/12/20216.36.3Teradici Cloud Access Connector Web Application Pages authentication bypassCloud Access ConnectorNot DefinedOfficial Fix0.07CVE-2020-13185
02/11/20215.65.6Palo Alto Prisma Cloud Compute SAML Authentication signature verificationPrisma Cloud ComputeNot DefinedOfficial Fix0.06CVE-2021-3033
02/10/20216.36.3SAP Commerce Cloud Drools Rule injectionCommerce CloudNot DefinedNot Defined0.06CVE-2021-21477
02/10/20214.64.6ownCloud unknown vulnerabilityownCloudNot DefinedOfficial Fix0.00CVE-2020-28645
02/10/20213.53.5ownCloud API Endpoint core cross-site request forgeryownCloudNot DefinedOfficial Fix0.09CVE-2020-28644
02/10/20214.64.6ownCloud File Store files_antivirus permissionownCloudNot DefinedOfficial Fix0.05CVE-2020-16144
02/09/20216.85.9Microsoft Azure Kubernetes Service Remote Privilege EscalationAzure Kubernetes ServiceUnprovenOfficial Fix0.07CVE-2021-24109
02/09/20217.06.1Microsoft Azure IoT CLI Extension Local Privilege EscalationAzure IoT CLI ExtensionUnprovenOfficial Fix0.05CVE-2021-24087
02/04/20213.53.4Nextcloud Server Markdown cross site scriptingServerNot DefinedOfficial Fix1.22CVE-2020-8294
02/03/20217.06.7Cloudflare WARP unquoted search pathWARPNot DefinedOfficial Fix1.76CVE-2020-35152
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix2.04CVE-2021-25138
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix0.00CVE-2021-25137
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix1.56CVE-2021-25136
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix1.83CVE-2021-25135
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix1.72CVE-2021-25134
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix0.06CVE-2021-25133
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix1.93CVE-2021-25132
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix0.73CVE-2021-25131
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix2.05CVE-2021-25130
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware path traversalCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix2.11CVE-2021-25129
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware path traversalCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix0.84CVE-2021-25128
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix0.21CVE-2021-25127
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix1.83CVE-2021-25126
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware path traversalCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix1.78CVE-2021-25125
01/30/20218.38.0HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller cloudline_cl3100_gen10_server_firmware path traversalCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedOfficial Fix2.05CVE-2021-25124
01/30/20216.56.5HPE Cloudline CL5800 Gen9 Server Baseboard Management Controller addlicense_func buffer overflowCloudline CL5800 Gen9 Server/Cloudline CL5200 Gen9 Server/Cloudline CL4100 Gen10 Server/Cloudline CL3100 Gen10 Server/Cloudline CL5800 Gen10 ServerNot DefinedNot Defined0.34CVE-2021-25123
01/28/20215.35.3Vmware Spring Cloud Task TaskExplorer sql injectionSpring Cloud TaskNot DefinedOfficial Fix0.11CVE-2020-5428
01/28/20215.95.7Vmware Spring Cloud Data Flow Task Execution sql injectionSpring Cloud Data FlowNot DefinedOfficial Fix0.06CVE-2020-5427
01/28/20213.73.5IBM Cloud Pak for Security HTTP Header information disclosureCloud Pak for SecurityNot DefinedNot Defined0.06CVE-2020-4967
01/28/20215.24.9IBM Cloud Pak for Security Web UI cross site scriptingCloud Pak for SecurityNot DefinedNot Defined0.00CVE-2020-4820
01/28/20214.54.3IBM Cloud Pak for Security cleartext transmissionCloud Pak for SecurityNot DefinedNot Defined0.05CVE-2020-4816
01/28/20215.35.1IBM Cloud Pak for Security HTTP Response Header information disclosureCloud Pak for SecurityNot DefinedOfficial Fix0.05CVE-2020-4815
01/28/20215.35.1IBM Cloud Pak for Security information exposureCloud Pak for SecurityNot DefinedNot Defined0.00CVE-2020-4628
01/27/20215.55.5Nextcloud Server Password Reset resource consumptionNextcloud ServerNot DefinedNot Defined1.82CVE-2020-8295
01/27/20215.04.8Nextcloud Server Workflow Rule resource consumptionNextcloud ServerNot DefinedOfficial Fix0.97CVE-2020-8293
01/26/20216.36.0Apple iCloud ImageIO out-of-bounds readiCloudNot DefinedOfficial Fix0.05CVE-2020-29619
01/26/20216.36.0Apple iCloud ImageIO out-of-bounds readiCloudNot DefinedOfficial Fix0.44CVE-2020-29617
01/26/20216.36.0Apple iCloud ImageIO out-of-bounds readiCloudNot DefinedOfficial Fix1.58CVE-2020-29618
01/26/20216.36.0Apple iCloud ImageIO out-of-bounds writeiCloudNot DefinedOfficial Fix2.02CVE-2020-29611
01/20/20216.15.8Oracle Retail Order Broker Cloud Service Supplier Direct Fulfillment cross site scriptingRetail Order Broker Cloud ServiceNot DefinedOfficial Fix0.70CVE-2020-13954
01/20/20215.95.7Oracle Communications Performance Intelligence Center Software OpenSSL information disclosureCommunications Performance Intelligence Center SoftwareNot DefinedOfficial Fix0.05CVE-2019-1559
01/20/20216.56.2Oracle Communications Session Report Manager Spring Framework unknown vulnerabilityCommunications Session Report ManagerNot DefinedOfficial Fix0.05CVE-2020-5421

Want to stay up to date on a daily basis?

Enable the mail alert feature now!