Lucene search

K
OracleSolaris Cluster

14 matches found

CVE
CVE
added 2019/08/20 9:15 p.m.820 views

CVE-2019-10086

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

7.5CVSS7.3AI score0.00317EPSS
CVE
CVE
added 2021/04/13 7:15 a.m.517 views

CVE-2021-29425

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal),...

5.8CVSS6.7AI score0.00357EPSS
CVE
CVE
added 2019/10/15 2:15 p.m.277 views

CVE-2019-17195

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.

9.8CVSS9.2AI score0.1232EPSS
CVE
CVE
added 2021/06/02 4:15 p.m.243 views

CVE-2020-6950

Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.

6.5CVSS6.7AI score0.57917EPSS
CVE
CVE
added 2017/10/19 5:29 p.m.51 views

CVE-2017-3588

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: HA for MySQL). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris Cluster executes to...

7.3CVSS6.8AI score0.00278EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.39 views

CVE-2017-10234

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). The supported version that is affected is 4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris Cluster executes to co...

7.3CVSS7.1AI score0.00076EPSS
CVE
CVE
added 2011/07/21 12:55 a.m.37 views

CVE-2011-2297

Unspecified vulnerability in Oracle Solaris Cluster 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Data Service for WebLogic Server.

6.1CVSS5.8AI score0.00596EPSS
CVE
CVE
added 2017/04/24 7:59 p.m.36 views

CVE-2016-5551

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). The supported version that is affected is 4.3. Easily "exploitable" vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris Cluster executes ...

2.8CVSS2.9AI score0.00148EPSS
CVE
CVE
added 2016/01/21 2:59 a.m.35 views

CVE-2016-0417

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.2 allows local users to affect confidentiality, integrity, and availability via vectors related to HA for MySQL.

4.6CVSS6.5AI score0.00176EPSS
CVE
CVE
added 2016/07/21 10:12 a.m.35 views

CVE-2016-3480

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect confidentiality via vectors related to HA for Postgresql.

4.9CVSS4.5AI score0.00104EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.35 views

CVE-2018-2930

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via RPC to compromise Solaris Cluster. ...

9.8CVSS8.8AI score0.06616EPSS
CVE
CVE
added 2016/10/25 2:29 p.m.30 views

CVE-2016-5508

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 4.3 allows local users to affect confidentiality via vectors related to Cluster Geo.

3.3CVSS3.8AI score0.00046EPSS
CVE
CVE
added 2016/10/25 2:30 p.m.29 views

CVE-2016-5525

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files.

3.3CVSS4.1AI score0.00046EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.25 views

CVE-2018-2822

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: Cluster Geo). The supported version that is affected is 4.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris Cluster executes to compromi...

6.6CVSS6.2AI score0.00121EPSS