Oracle

Zfs Storage Appliance

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
1.2

CVE-2021-2147

  • EPSS 0.08%
  • Veröffentlicht 22.04.2021 22:15:12
  • Zuletzt bearbeitet 21.11.2024 06:02:28

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastruct...

1.9

CVE-2021-2149

  • EPSS 0.12%
  • Veröffentlicht 22.04.2021 22:15:12
  • Zuletzt bearbeitet 21.11.2024 06:02:28

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where...

8.8

CVE-2021-22191

  • EPSS 0.45%
  • Veröffentlicht 15.03.2021 18:15:17
  • Zuletzt bearbeitet 21.11.2024 05:49:40

Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.

7.1

CVE-2021-28041

  • EPSS 0.26%
  • Veröffentlicht 05.03.2021 21:15:13
  • Zuletzt bearbeitet 21.11.2024 05:59:01

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.

7.5

CVE-2021-22173

Exploit
  • EPSS 0.95%
  • Veröffentlicht 17.02.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:49:38

Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file

7.5

CVE-2021-22174

Exploit
  • EPSS 0.95%
  • Veröffentlicht 17.02.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:49:38

Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file

5.9

CVE-2021-23336

Exploit
  • EPSS 0.3%
  • Veröffentlicht 15.02.2021 13:15:12
  • Zuletzt bearbeitet 21.11.2024 05:51:31

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector c...

1.2

CVE-2021-1999

  • EPSS 0.08%
  • Veröffentlicht 20.01.2021 15:15:45
  • Zuletzt bearbeitet 21.11.2024 05:45:46

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: RAS subsystems). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastru...

2.1

CVE-2021-1993

  • EPSS 0.23%
  • Veröffentlicht 20.01.2021 15:15:44
  • Zuletzt bearbeitet 21.11.2024 05:45:45

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network...

7.5

CVE-2019-19553

  • EPSS 0.66%
  • Veröffentlicht 05.12.2019 01:15:14
  • Zuletzt bearbeitet 21.11.2024 04:34:57

In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.