Vulnerabilities > Oracle > ZFS Storage Appliance KIT > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2019-11135 TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. 6.5
2019-11-08 CVE-2019-10219 A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat netapp oracle
6.1
2019-07-26 CVE-2019-13057 An issue was discovered in the server in OpenLDAP before 2.4.48. 4.9
2019-06-29 CVE-2019-13038 Open Redirect vulnerability in multiple products
mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.
6.1
2019-06-10 CVE-2019-12387 Injection vulnerability in multiple products
In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.
network
low complexity
twisted fedoraproject canonical oracle CWE-74
6.1