Oracle Zfs_storage_appliance
14 CVEs affecting Oracle Zfs_storage_appliance. Latest disclosed: 2021-04-22. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-26575 | High | 7.5 | 2020-10-06 | In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero… |
CVE-2020-25863 | High | 7.5 | 2020-10-06 | In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multi… |
CVE-2019-19553 | High | 7.5 | 2019-12-05 | In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensurin… |
CVE-2021-28041 | High | 7.1 | 2021-03-05 | ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy op… |
CVE-2018-1165 | High | 7.0 | 2018-02-21 | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker m… |
CVE-2019-16168 | Medium | 6.5 | 2019-09-09 | In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field… |
CVE-2021-22191 | Medium | 6.3 | 2021-03-15 | Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file. |
CVE-2021-23336 | Medium | 5.9 | 2021-02-15 | The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to W… |
CVE-2021-1999 | Medium | 5.0 | 2021-01-20 | Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: RAS subsystems). The supported version that is affected is 8.8. Dif… |
CVE-2021-1993 | Medium | 4.8 | 2021-01-20 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploi… |
CVE-2021-22174 | Low | 3.7 | 2021-02-17 | Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file |
CVE-2021-22173 | Low | 3.7 | 2021-02-17 | Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file |
CVE-2021-2149 | Low | 2.5 | 2021-04-22 | Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Difficult to… |
CVE-2021-2147 | Low | 1.8 | 2021-04-22 | Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). The supported version that is affected is 8.8. Diffi… |