Oracle

Solaris Cluster

14 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2020-6950

  • EPSS 57.92%
  • Veröffentlicht 02.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:36:22

Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.

5.8

CVE-2021-29425

Exploit
  • EPSS 0.48%
  • Veröffentlicht 13.04.2021 07:15:12
  • Zuletzt bearbeitet 21.11.2024 06:01:04

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but ...

9.8

CVE-2019-17195

  • EPSS 11.34%
  • Veröffentlicht 15.10.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:31:50

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.

7.5

CVE-2019-10086

  • EPSS 0.26%
  • Veröffentlicht 20.08.2019 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:18:22

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by defa...

9.8

CVE-2018-2930

  • EPSS 5.82%
  • Veröffentlicht 18.07.2018 13:29:02
  • Zuletzt bearbeitet 21.11.2024 04:04:46

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerability allows unauthenticated attacker with netwo...

6.6

CVE-2018-2822

  • EPSS 0.12%
  • Veröffentlicht 19.04.2018 02:29:04
  • Zuletzt bearbeitet 21.11.2024 04:04:32

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: Cluster Geo). The supported version that is affected is 4.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastr...

7.3

CVE-2017-3588

  • EPSS 0.28%
  • Veröffentlicht 19.10.2017 17:29:07
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: HA for MySQL). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerability allows unauthenticated attacker with logon to the...

7.3

CVE-2017-10234

  • EPSS 0.08%
  • Veröffentlicht 08.08.2017 15:29:06
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). The supported version that is affected is 4. Easily exploitable vulnerability allows low privileged attacker with logon to the in...

2.8

CVE-2016-5551

  • EPSS 0.15%
  • Veröffentlicht 24.04.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). The supported version that is affected is 4.3. Easily "exploitable" vulnerability allows unauthenticated attacker with logon to t...

3.3

CVE-2016-5525

  • EPSS 0.05%
  • Veröffentlicht 25.10.2016 14:30:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files.