Vulnerabilities > Oracle > ZFS Storage Appliance
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-2149 | Unspecified vulnerability in Oracle ZFS Storage Appliance 8.8 Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). | 2.5 |
| 2021-04-22 | CVE-2021-2147 | Unspecified vulnerability in Oracle ZFS Storage Appliance 8.8 Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). | 1.8 |
| 2021-03-15 | CVE-2021-22191 | Injection vulnerability in multiple products Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file. | 8.8 |
| 2021-03-05 | CVE-2021-28041 | Double Free vulnerability in multiple products ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. | 7.1 |
| 2021-02-17 | CVE-2021-22174 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2021-02-17 | CVE-2021-22173 | Memory Leak vulnerability in multiple products Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2021-02-15 | CVE-2021-23336 | HTTP Request Smuggling vulnerability in multiple products The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. | 5.9 |
| 2021-01-20 | CVE-2021-1999 | Unspecified vulnerability in Oracle products Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: RAS subsystems). | 5.0 |
| 2021-01-20 | CVE-2021-1993 | Unspecified vulnerability in Oracle products Vulnerability in the Java VM component of Oracle Database Server. | 4.8 |
| 2019-12-05 | CVE-2019-19553 | Missing Initialization of Resource vulnerability in multiple products In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. | 7.5 |