CVE-2023-21833

The CVE-2023-21833 entry affects Oracle ZFS Storage Appliance Kit (Object Store) version 8.8. The vulnerability allows a low-privilege, network-access attacker (HTTP) to read a subset of data. CVSS v3.1 base score 4.3 (Confidentiality impact: Low). Connected sources confirm the issue and indicate...

Unspecified Vulnerability in Oracle ZFS Storage Appliance (CNVD-2022-53248)

Oracle ZFS Storage Appliance is a storage appliance that supports flash memory, petabyte file storage and built-in Oracle database from Oracle USA. A security vulnerability exists in the Oracle ZFS Storage Appliance that could be exploited by an attacker to cause unauthorized update, insertion, o...

Design/Logic Flaw

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Core. The supported version that is affected is 8.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to...

CVE-2021-2149

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Core. The supported version that is affected is 8.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to...

VulnCheck KEV: CVE-2020-14871

Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confidentiality, integrity, and availability of affected systems...

CVE-2018-2623

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: User Interface. The supported version that is affected is Prior to 8.7.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Unspecified Vulnerability in Oracle Sun Systems Products Suite (CNVD-2018-02524)

Oracle Sun Systems Products Suite is a Sun Systems product package. An unspecified vulnerability exists in the User Interface subcomponent of the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite. An attacker could exploit this vulnerability to compromise...

CVE-2017-10016

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: User Interface. The supported version that is affected is AK 2013. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun Z...

CVE-2016-5503

Unspecified vulnerability in the Sun ZFS Storage Appliance Kit AK component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality, integrity, and availability via vectors related to Core Services...

CVE-2016-5481

CVE-2016-5481 describes an unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) 2013 within the Oracle Sun Systems Products Suite AK, specifically affecting the Core Services component. The impact as documented is a confidentiality breach that could be exploited by remote attackers...

openQRM 4.8 - 'source_tab' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47865/info openQRM is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...