Vulnerabilities > Oracle > ZFS Storage Appliance KIT

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2019-11135 TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. 6.5
2019-11-08 CVE-2019-10219 A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat netapp oracle
6.1
2019-09-06 CVE-2019-16056 An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. 7.5
2019-07-26 CVE-2019-13565 An issue was discovered in OpenLDAP 2.x before 2.4.48.
network
low complexity
openldap canonical debian opensuse f5 apple oracle
7.5
2019-07-26 CVE-2019-13057 An issue was discovered in the server in OpenLDAP before 2.4.48. 4.9
2019-06-29 CVE-2019-13038 Open Redirect vulnerability in multiple products
mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.
6.1
2019-06-10 CVE-2019-12387 Injection vulnerability in multiple products
In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.
network
low complexity
twisted fedoraproject canonical oracle CWE-74
6.1
2019-02-12 CVE-2018-20781 Insufficiently Protected Credentials vulnerability in multiple products
In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon.
local
low complexity
gnome canonical oracle CWE-522
7.8