Oracle Zfs Storage Appliance — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Zfs Storage Appliance, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2019-19553 — CVSS 7.5 (high): In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-te…
CVE-2021-28041 — CVSS 7.1 (high): ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket…
CVE-2018-1165 — CVSS 7.0 (high): This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064…
CVE-2019-16168 — CVSS 6.5 (medium): In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a…
CVE-2021-22191 — CVSS 6.3 (medium): Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted…
CVE-2021-23336 — CVSS 5.9 (medium): The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2…
CVE-2021-1999 — CVSS 5.0 (medium): Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: RAS subsystems). The supported version that is…
CVE-2021-1993 — CVSS 4.8 (medium): Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c…
CVE-2021-22174 — CVSS 3.7 (low): Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file
CVE-2021-22173 — CVSS 3.7 (low): Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file
CVE-2021-2149 — CVSS 2.5 (low): Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected…
CVE-2021-2147 — CVSS 1.8 (low): Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). The supported version that is…