34 matches found
CVE-2017-15906
OpenSSH OpenSSH sftp-server.c contains a write-blocking flaw in readonly mode that can let an attacker create zero-length files. Specifically, the process_open function in sftp-server.c mishandles write operations when in read-only mode, affecting OpenSSH versions prior to 7.6. The vulnerability ...
CVE-2018-15473
OpenSSH vulnerability CVE-2018-15473 affects OpenSSH up to version 7.7, where the server may enumerate valid usernames by returning different responses for invalid authentication attempts due to not delaying bailout until after the request packet is parsed (auth2-gss.c, auth2-hostbased.c, auth2-p...
CVE-2018-17189
CVE-2018-17189 : In Apache HTTP Server 2.4.37 and earlier, mod_http2 can cause a DoS by handling slowloris-style request bodies, unnecessarily occupying a server thread for the h2 stream on HTTP/2 connections. Affected product: Apache HTTP Server with mod_http2. Impact: denial of service via thre...
CVE-2019-9636
CVE-2019-9636 overview Python 2.7.x (up to 2.7.16) and Python 3.x (up to 3.7.2) are affected by improper handling of Unicode encoding during NFKC normalization, exposing information such as cookies and credentials cached for a hostname. The vulnerable components are urllib.parse.urlsplit and urll...
CVE-2023-22130
CVE-2023-22130 affects Oracle Sun ZFS Storage Appliance (Core) with affected version 8.8.60. The issue allows an unauthenticated, network-accessible attacker over HTTP to cause a hang or frequent crashes (complete DoS) on the Sun ZFS Storage Appliance. CVSS 3.1 base score 5.9 (A: High). Publicly ...
CVE-2017-3580
The CVE-2017-3580 entry concerns the Oracle Sun ZFS Storage Appliance Kit (AK) component of the Sun ZFS Storage Appliance/Sun Systems Products Suite (subcomponent: RAS subsystems). Affected is AK 2013; the vulnerability is a remote elevation of privilege that can be exploited by an unauthenticate...
CVE-2018-2857
CVE-2018-2857 affects the Sun ZFS Storage Appliance Kit (AK) HTTP data path subsystem in Oracle Sun Systems Products Suite, with versions before 8.7.17 vulnerable. The issue allows a network-authenticated, low-privilege attacker to perform unauthorized read, update, insert, or delete operations o...
CVE-2018-2918
The CVE-2018-2918 entry concerns the Sun ZFS Storage Appliance Kit (AK) in the Oracle Sun Systems Products Suite, specifically its API frameworks subcomponent. Affected are versions prior to 8.7.18. The vulnerability is described as exploitable by an unauthenticated attacker who has network acces...
CVE-2018-3057
CVE-2018-3057 affects the Sun ZFS Storage Appliance Kit (AK) in Oracle Sun Systems Products Suite (subcomponent: API frameworks). The affected version is prior to 8.7.18. The vulnerability enables a high-privilege attacker who can log on to the infrastructure where Sun ZFS Storage Appliance Kit (...
CVE-2017-3585
The CVE-2017-3585 entry concerns the Sun ZFS Storage Appliance Kit (AK) within Oracle Sun Systems Products Suite. Affected is AK 2013 in the UI subcomponent. The vulnerability enables an unauthenticated, network-accessible attacker (via HTTP) to perform unauthorized updates, inserts, or deletes o...
CVE-2018-2923
The CVE-2018-2923 issue affects Oracle Sun ZFS Storage Appliance Kit (AK) within the Sun Systems Products Suite, Core Services, with fixes available for versions prior to 8.7.20. A high-privilege attacker with local access could read a subset of AK data ( confidentiality impact ). The CVSSv3 scor...
CVE-2019-2412
CVE-2019-2412 affects Sun ZFS Storage Appliance Kit (AK) in Oracle Sun Systems Products Suite (subcomponent: Object Store). The affected version is prior to 8.8.2. The vulnerability allows a high-privilege attacker with local access to the infrastructure where AK runs to compromise AK and potenti...
CVE-2016-5486
CVE-2016-5486 concerns an unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) 2013 within Oracle Sun Systems Products Suite AK, affecting confidentiality via Core Services and exploitable by local users with low complexity. Connected sources indicate the issue is tied to the Core ...
CVE-2016-5503
CVE-2016-5503 concerns the Sun ZFS Storage Appliance Kit (AK) 2013, specifically the Core Services subcomponent. The affected software is the AK (2013) in Oracle Sun Systems Products Suite AK 2013, with a local-privilege/vector scenario that could affect confidentiality, integrity, and availabili...
CVE-2018-2927
CVE-2018-2927 affects the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems), with exploitation possible on versions prior to 8.7.18. The vulnerability allows a low-privileged, network-accessible attacker (via HTTP) to gain ...
CVE-2017-3621
CVE-2017-3621 affects Oracle Sun ZFS Storage Appliance Kit (AK) with IPC Frameworks subcomponent, specifically AK 2013. The vulnerability allows unauthenticated, network-accessible attackers to cause a hang or frequent crash (complete denial of service). CVSS v3.0 base score is 7.5 (High), with i...
CVE-2018-2917
CVE-2018-2917 affects the Sun ZFS Storage Appliance Kit (AK) within the Oracle Sun Systems Products Suite, specifically the API frameworks subcomponent. The vulnerability concerns versions prior to 8.7.18 and allows an unauthenticated attacker with network access through multiple protocols to com...
CVE-2019-2878
CVE-2019-2878 involves the Sun ZFS Storage Appliance Kit (AK) within Oracle Sun Systems Products Suite. The vulnerability affects the AK component’s HTTP data path subsystems in version 8.8.3, with a CVSS v3.0 base score of 6.1 (Confidentiality and Integrity impacts). It is described as unauthent...
CVE-2018-2858
CVE-2018-2858 affects the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite. The vulnerability is in the HTTP data path subsystem and impacts versions prior to 8.7.17. An unauthenticated attacker with network access over HTTP can read data from a subset of the Sun ...
CVE-2018-2916
The CVE-2018-2916 issue affects the Sun ZFS Storage Appliance Kit (AK) subcomponent API frameworks in Oracle Sun Systems Products Suite. The affected line is the AK component prior to version 8.7.18. Exploitation requires network access and a high-privilege attacker, with no user interaction, to ...
CVE-2018-2920
CVE-2018-2920 affects the Sun ZFS Storage Appliance Kit (AK) API frameworks subcomponent of Oracle Sun Systems Products Suite, with impact pre-8.7.19. A vulnerability in AK’s API frameworks could allow a low-privilege, network-accessible attacker to read, update, insert, or delete data and cause ...
CVE-2018-2921
CVE-2018-2921 affects Oracle Sun Systems Products Suite, specifically the Sun ZFS Storage Appliance Kit (AK) User Interface, with affected versions prior to 8.7.18. The vulnerability allows an unauthenticated, network-accessible attacker (via HTTP) to read data from the AK UI, and attackers may i...
CVE-2017-3584
CVE-2017-3584 describes a vulnerability in Oracle Sun ZFS Storage Appliance Kit (AK), subcomponent RAS subsystems, affecting AK version 2013. The issue allows a low-privileged user with local access to compromise the Sun ZFS Storage Appliance Kit (AK), with potential takeover and impact to relate...
CVE-2018-2624
CVE-2018-2624 affects the Sun ZFS Storage Appliance Kit (AK) UI component of Oracle Sun Systems Products Suite. Affected: all versions before 8.7.13. Root cause: untrusted access that allows an unauthenticated, network-based attacker to compromise AK via HTTP. Impact: potential unauthorized acces...
CVE-2018-2863
CVE-2018-2863 affects Oracle Sun Systems Products Suite’s Sun ZFS Storage Appliance Kit (AK) in the API frameworks subcomponent. The vulnerability is present in versions prior to 8.7.17 and can be triggered by a low-privileged user with network access over HTTP, potentially leading to unauthorize...
CVE-2018-2623
CVE-2018-2623 affects the Sun ZFS Storage Appliance Kit (AK) UI component of Oracle Sun Systems Products Suite. Affected version is prior to 8.7.13. The vulnerability allows an unauthenticated attacker with network access over HTTP to compromise AK, potentially yielding unauthorized access to dat...
CVE-2018-2924
CVE-2018-2924 affects Sun ZFS Storage Appliance Kit (AK) within Oracle Sun Systems Products Suite, specifically the API frameworks subcomponent. The vulnerability is exploitable via a locally authenticated attacker and compromises AK data confidentiality, integrity and availability, with potentia...
CVE-2018-2664
The CVE-2018-2664 entry describes a vulnerability in the Sun ZFS Storage Appliance Kit (AK) UI of Oracle Sun Systems Products Suite. Affected are versions prior to 8.7.13. The issue allows an unauthenticated attacker with network access over HTTP to compromise the AK component, and attacks may si...
CVE-2018-2905
CVE-2018-2905 affects the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Services). Affected versions are Prior to 8.7.20. The vulnerability allows an unauthenticated attacker with network access via SSL/TLS to compromise AK and obtain unauth...
CVE-2018-2937
The CVE-2018-2937 entry concerns Oracle Sun Systems Sun ZFS Storage Appliance Kit (AK) UI. Affected is AK prior to version 8.7.19. The vulnerability allows an unauthenticated attacker with network access over HTTP to compromise AK, leading to unauthorized update, insertion, or deletion of some da...
CVE-2016-5481
CVE-2016-5481 describes an unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) 2013 within the Oracle Sun Systems Products Suite AK, specifically affecting the Core Services component. The impact as documented is a confidentiality breach that could be exploited by remote attackers...
CVE-2018-2611
Technical details about CVE-2018-2611 are not publicly provided in the connected documents. The available records reiterate affected product and severity but do not disclose exploit specifics, affected versions beyond prior to 8.7.13, or remediation steps. Monitor for updates.
CVE-2016-5492
CVE-2016-5492 describes an unspecified local vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite AK 2013. The issue allows local users to affect confidentiality and integrity via vectors related to SMB Users. The NVD entry rates the CVSSv3 impact...
CVE-2026-21930
The CVE-2026-21930 entry is tied to Oracle ZFS Storage Appliance Kit 8.8 (Filesystems). The connected PT-2026-3680 document confirms an easily exploitable vulnerability in the Filesystems component that could allow a high-privilege attacker with system access to compromise the kit, enabling unaut...