Vulnerabilities > Oracle > ZFS Storage Appliance > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-15 | CVE-2021-22191 | Injection vulnerability in multiple products Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file. | 8.8 |
| 2021-03-05 | CVE-2021-28041 | Double Free vulnerability in multiple products ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. | 7.1 |
| 2021-02-17 | CVE-2021-22174 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2021-02-17 | CVE-2021-22173 | Memory Leak vulnerability in multiple products Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file | 7.5 |
| 2019-12-05 | CVE-2019-19553 | Missing Initialization of Resource vulnerability in multiple products In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. | 7.5 |
| 2018-02-21 | CVE-2018-1165 | Out-of-bounds Write vulnerability in multiple products This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. | 7.0 |