VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
> ZFS Storage Appliance KIT
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-12-30
CVE-2021-4185
Infinite Loop vulnerability in multiple products
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark
fedoraproject
debian
oracle
CWE-835
7.5
7.5
2021-12-20
CVE-2021-44790
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts).
network
low complexity
apache
fedoraproject
debian
tenable
netapp
oracle
apple
critical
9.8
9.8
2021-12-13
CVE-2021-43818
lxml is a library for processing XML and HTML in the Python language.
network
low complexity
lxml
fedoraproject
debian
netapp
oracle
7.1
7.1
2021-12-07
CVE-2021-42717
Uncontrolled Recursion vulnerability in multiple products
ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects.
network
low complexity
trustwave
f5
debian
oracle
CWE-674
7.5
7.5
2021-10-27
CVE-2021-25219
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance.
network
low complexity
isc
debian
fedoraproject
netapp
siemens
oracle
5.3
5.3
2021-09-26
CVE-2021-41617
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected.
local
high complexity
openbsd
fedoraproject
netapp
oracle
starwindsoftware
7.0
7.0
2021-09-16
CVE-2021-34798
NULL Pointer Dereference vulnerability in multiple products
Malformed requests may cause the server to dereference a NULL pointer.
network
low complexity
apache
fedoraproject
debian
netapp
tenable
oracle
broadcom
siemens
CWE-476
7.5
7.5
2021-09-16
CVE-2021-36160
Out-of-bounds Read vulnerability in multiple products
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS).
network
low complexity
apache
fedoraproject
debian
netapp
oracle
broadcom
CWE-125
7.5
7.5
2021-09-16
CVE-2021-39275
Out-of-bounds Write vulnerability in multiple products
ap_escape_quotes() may write beyond the end of a buffer when given malicious input.
network
low complexity
apache
fedoraproject
debian
netapp
oracle
siemens
CWE-787
critical
9.8
9.8
2021-09-16
CVE-2021-40438
Server-Side Request Forgery (SSRF) vulnerability in multiple products
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.
network
high complexity
apache
fedoraproject
debian
netapp
broadcom
f5
oracle
siemens
tenable
CWE-918
critical
9.0
9.0
«
Previous
1
2
3
(current)
4
5
...
9
10
»
Next