Skip to main content

Omnios

3 CVEs product

Monthly

CVE-2020-27678 CRITICAL PATCH Act Now

An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Illumos Smartos Omnios
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2020-24718 HIGH POC This Week

bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Intel Authentication Bypass Freebsd Omnios Openindiana +1
NVD GitHub
CVSS 3.1
8.2
EPSS
0.6%
CVE-2019-19396 HIGH This Week

illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Omnios
NVD
CVSS 3.1
7.5
EPSS
1.1%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Illumos Smartos +1
NVD GitHub
EPSS 1% CVSS 8.2
HIGH POC This Week

bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Intel Authentication Bypass Freebsd +3
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Omnios
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy