Oracle

Zfs Storage Appliance

12 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
1.2

CVE-2021-2147

  • EPSS 0.08%
  • Published 22.04.2021 22:15:12
  • Last modified 21.11.2024 06:02:28

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastruct...

1.9

CVE-2021-2149

  • EPSS 0.12%
  • Published 22.04.2021 22:15:12
  • Last modified 21.11.2024 06:02:28

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where...

8.8

CVE-2021-22191

  • EPSS 0.45%
  • Published 15.03.2021 18:15:17
  • Last modified 21.11.2024 05:49:40

Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.

7.1

CVE-2021-28041

  • EPSS 0.26%
  • Published 05.03.2021 21:15:13
  • Last modified 21.11.2024 05:59:01

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.

7.5

CVE-2021-22173

Exploit
  • EPSS 0.95%
  • Published 17.02.2021 15:15:13
  • Last modified 21.11.2024 05:49:38

Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file

7.5

CVE-2021-22174

Exploit
  • EPSS 0.95%
  • Published 17.02.2021 15:15:13
  • Last modified 21.11.2024 05:49:38

Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file

5.9

CVE-2021-23336

Exploit
  • EPSS 0.3%
  • Published 15.02.2021 13:15:12
  • Last modified 21.11.2024 05:51:31

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector c...

1.2

CVE-2021-1999

  • EPSS 0.08%
  • Published 20.01.2021 15:15:45
  • Last modified 21.11.2024 05:45:46

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: RAS subsystems). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastru...

2.1

CVE-2021-1993

  • EPSS 0.23%
  • Published 20.01.2021 15:15:44
  • Last modified 21.11.2024 05:45:45

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network...

7.5

CVE-2019-19553

  • EPSS 0.66%
  • Published 05.12.2019 01:15:14
  • Last modified 21.11.2024 04:34:57

In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.