Vulnerabilities > Joyent > High

DATE CVE VULNERABILITY TITLE RISK
2020-08-30 CVE-2020-7712 OS Command Injection vulnerability in multiple products
This affects the package json before 10.0.0.
network
low complexity
joyent oracle CWE-78
7.2
7.2
2018-06-07 CVE-2018-3737 Incorrect Regular Expression vulnerability in Joyent Sshpk
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
network
low complexity
joyent CWE-185
7.5
7.5
2018-06-04 CVE-2017-16005 Improper Verification of Cryptographic Signature vulnerability in Joyent Http-Signature
Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme".
network
low complexity
joyent CWE-347
7.5
7.5
2018-03-19 CVE-2018-1171 Out-of-bounds Write vulnerability in multiple products
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z.
local
high complexity
joyent oracle CWE-787
7.0
7.0
2018-02-21 CVE-2018-1166 Improper Input Validation vulnerability in Joyent Smartos 20170803
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z.
local
low complexity
joyent CWE-20
7.8
7.8
2018-02-21 CVE-2018-1165 Out-of-bounds Write vulnerability in multiple products
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z.
local
high complexity
joyent oracle CWE-787
7.0
7.0
2017-10-31 CVE-2017-10940 Unrestricted Upload of File with Dangerous Type vulnerability in Joyent Triton Datacenter
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to [email protected] (e469cf49-4de3-4658-8419-ab42837916ad).
network
low complexity
joyent CWE-434
8.8
8.8
2016-12-14 CVE-2016-9035 Classic Buffer Overflow vulnerability in Joyent Smartos 20161110T013148Z
An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system.
local
high complexity
joyent CWE-120
7.0
7.0
2016-12-14 CVE-2016-9034 Classic Buffer Overflow vulnerability in Joyent Smartos 20120614/20161110T013148Z
An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system.
local
high complexity
joyent CWE-120
7.0
7.0
2016-12-14 CVE-2016-9033 Classic Buffer Overflow vulnerability in Joyent Smartos 20161110T013148Z
An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system.
local
high complexity
joyent CWE-120
7.0
7.0