Vulnerabilities > Oracle > ZFS Storage Appliance KIT
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-30 | CVE-2021-4181 | Out-of-bounds Read vulnerability in multiple products Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | 7.5 |
2021-12-30 | CVE-2021-4182 | Infinite Loop vulnerability in multiple products Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | 7.5 |
2021-12-30 | CVE-2021-4183 | Out-of-bounds Read vulnerability in multiple products Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file | 5.5 |
2021-12-30 | CVE-2021-4184 | Infinite Loop vulnerability in multiple products Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | 7.5 |
2021-12-30 | CVE-2021-4185 | Infinite Loop vulnerability in multiple products Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file | 7.5 |
2021-12-20 | CVE-2021-44790 | Out-of-bounds Write vulnerability in multiple products A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). | 9.8 |
2021-12-13 | CVE-2021-43818 | Injection vulnerability in multiple products lxml is a library for processing XML and HTML in the Python language. | 7.1 |
2021-12-07 | CVE-2021-42717 | Uncontrolled Recursion vulnerability in multiple products ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. | 5.0 |
2021-10-27 | CVE-2021-25219 | In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. | 5.3 |
2021-09-26 | CVE-2021-41617 | sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. | 7.0 |