Vulnerabilities > Joyent

DATE CVE VULNERABILITY TITLE RISK
2022-12-26 CVE-2021-43395 Improper Locking vulnerability in multiple products
An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923.
5.5
2020-10-26 CVE-2020-27678 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022.
network
low complexity
joyent omniosce illumos CWE-120
critical
9.8
2020-08-30 CVE-2020-7712 OS Command Injection vulnerability in multiple products
This affects the package json before 10.0.0.
network
low complexity
joyent oracle CWE-78
7.2
2018-09-07 CVE-2016-9040 Resource Exhaustion vulnerability in Joyent Smartos 20161110T013148Z
An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system.
local
low complexity
joyent CWE-400
5.5
2018-06-07 CVE-2018-3737 Incorrect Regular Expression vulnerability in Joyent Sshpk
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
network
low complexity
joyent CWE-185
7.5
2018-06-04 CVE-2017-16005 Improper Verification of Cryptographic Signature vulnerability in Joyent Http-Signature
Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme".
network
low complexity
joyent CWE-347
7.5
2018-03-19 CVE-2018-1171 Out-of-bounds Write vulnerability in multiple products
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z.
local
high complexity
joyent oracle CWE-787
7.0
2018-02-21 CVE-2018-1166 Improper Input Validation vulnerability in Joyent Smartos 20170803
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z.
local
low complexity
joyent CWE-20
7.8
2018-02-21 CVE-2018-1165 Out-of-bounds Write vulnerability in multiple products
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z.
local
high complexity
joyent oracle CWE-787
7.0
2017-10-31 CVE-2017-10940 Unrestricted Upload of File with Dangerous Type vulnerability in Joyent Triton Datacenter
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to [email protected] (e469cf49-4de3-4658-8419-ab42837916ad).
network
low complexity
joyent CWE-434
8.8