Oracle

Solaris Cluster

14 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2020-6950

  • EPSS 57.92%
  • Published 02.06.2021 16:15:08
  • Last modified 21.11.2024 05:36:22

Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.

5.8

CVE-2021-29425

Exploit
  • EPSS 0.48%
  • Published 13.04.2021 07:15:12
  • Last modified 21.11.2024 06:01:04

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but ...

9.8

CVE-2019-17195

  • EPSS 11.34%
  • Published 15.10.2019 14:15:12
  • Last modified 21.11.2024 04:31:50

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.

7.5

CVE-2019-10086

  • EPSS 0.26%
  • Published 20.08.2019 21:15:12
  • Last modified 21.11.2024 04:18:22

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by defa...

9.8

CVE-2018-2930

  • EPSS 5.82%
  • Published 18.07.2018 13:29:02
  • Last modified 21.11.2024 04:04:46

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerability allows unauthenticated attacker with netwo...

6.6

CVE-2018-2822

  • EPSS 0.12%
  • Published 19.04.2018 02:29:04
  • Last modified 21.11.2024 04:04:32

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: Cluster Geo). The supported version that is affected is 4.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastr...

7.3

CVE-2017-3588

  • EPSS 0.28%
  • Published 19.10.2017 17:29:07
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: HA for MySQL). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerability allows unauthenticated attacker with logon to the...

7.3

CVE-2017-10234

  • EPSS 0.08%
  • Published 08.08.2017 15:29:06
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). The supported version that is affected is 4. Easily exploitable vulnerability allows low privileged attacker with logon to the in...

2.8

CVE-2016-5551

  • EPSS 0.15%
  • Published 24.04.2017 19:59:00
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). The supported version that is affected is 4.3. Easily "exploitable" vulnerability allows unauthenticated attacker with logon to t...

3.3

CVE-2016-5525

  • EPSS 0.05%
  • Published 25.10.2016 14:30:01
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files.