Vulnerabilities > Illumos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-04 | CVE-2023-31284 | Out-of-bounds Write vulnerability in Illumos Illumos-Gate illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net. | 7.8 |
| 2022-12-26 | CVE-2019-9579 | An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. | 8.1 |
| 2022-12-26 | CVE-2021-43395 | Improper Locking vulnerability in multiple products An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. | 5.5 |
| 2020-10-26 | CVE-2020-27678 | Classic Buffer Overflow vulnerability in multiple products An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. | 7.5 |
| 2017-03-31 | CVE-2016-6561 | NULL Pointer Dereference vulnerability in Illumos illumos smbsrv NULL pointer dereference allows system crash. | 7.8 |
| 2017-03-31 | CVE-2016-6560 | Improper Input Validation vulnerability in Illumos illumos osnet-incorporation bcopy() and bzero() implementations make signed instead of unsigned comparisons allowing a system crash. | 7.8 |
| 2015-01-20 | CVE-2014-9491 | Unspecified vulnerability in Illumos The devzvol_readdir function in illumos does not check the return value of a strchr call, which allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors. | 5.0 |
| 2012-06-12 | CVE-2012-0217 | Buffer Errors vulnerability in Freebsd The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. | 7.2 |