Skip to main content

Solaris Cluster

12 CVEs product

Monthly

CVE-2021-29425 Maven MEDIUM POC PATCH THREAT This Month

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Apache Path Traversal Commons Io Debian Linux Access Manager +57
NVD
CVSS 3.1
4.8
EPSS
10.6%
CVE-2019-17195 Maven CRITICAL PATCH Act Now

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Information Disclosure Nimbus Jose Jwt Hadoop Communications Cloud Native Core Security Edge Protection Proxy +12
NVD
CVSS 3.1
9.8
EPSS
11.0%
CVE-2019-10086 Maven HIGH PATCH This Week

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Java Apache Deserialization Commons Beanutils Nifi +58
NVD
CVSS 3.1
7.3
EPSS
28.8%
CVE-2018-2930 CRITICAL PATCH Act Now

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Solaris Cluster
NVD
CVSS 3.0
9.8
EPSS
3.2%
CVE-2018-2822 MEDIUM PATCH This Month

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: Cluster Geo). Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Oracle Denial Of Service Authentication Bypass Solaris Cluster
NVD
CVSS 3.0
6.6
EPSS
0.4%
CVE-2017-3588 HIGH PATCH This Week

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: HA for MySQL). Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Authentication Bypass Oracle Solaris Cluster
NVD
CVSS 3.0
7.3
EPSS
0.3%
CVE-2017-10234 HIGH PATCH This Week

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris Cluster
NVD
CVSS 3.0
7.3
EPSS
0.1%
CVE-2016-5551 LOW PATCH Monitor

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Rated low severity (CVSS 2.8), this vulnerability is low attack complexity.

Authentication Bypass Oracle Solaris Cluster
NVD
CVSS 3.0
2.8
EPSS
0.1%
CVE-2016-5525 LOW PATCH Monitor

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris Cluster
NVD
CVSS 3.0
3.3
EPSS
0.0%
CVE-2016-5508 LOW PATCH Monitor

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 4.3 allows local users to affect confidentiality via vectors related to Cluster Geo. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Solaris Cluster
NVD
CVSS 3.0
3.3
EPSS
0.0%
CVE-2016-3480 MEDIUM PATCH This Month

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect confidentiality via vectors related to HA for Postgresql. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

PostgreSQL Information Disclosure Oracle Solaris Cluster
NVD
CVSS 3.0
4.4
EPSS
0.1%
CVE-2016-0417 MEDIUM This Month

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.2 allows local users to affect confidentiality, integrity, and availability via vectors. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Solaris Cluster
NVD
CVSS 2.0
4.6
EPSS
0.2%
EPSS 11% CVSS 4.8
MEDIUM POC PATCH THREAT This Month

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Apache Path Traversal Commons Io +59
NVD
EPSS 11% CVSS 9.8
CRITICAL PATCH Act Now

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Information Disclosure Nimbus Jose Jwt +14
NVD
EPSS 29% CVSS 7.3
HIGH PATCH This Week

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Java Apache Deserialization +60
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Solaris Cluster
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: Cluster Geo). Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Oracle Denial Of Service Authentication Bypass +1
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: HA for MySQL). Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Authentication Bypass Oracle +1
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris Cluster
NVD
EPSS 0% CVSS 2.8
LOW PATCH Monitor

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Rated low severity (CVSS 2.8), this vulnerability is low attack complexity.

Authentication Bypass Oracle Solaris Cluster
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris Cluster
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 4.3 allows local users to affect confidentiality via vectors related to Cluster Geo. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Solaris Cluster
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect confidentiality via vectors related to HA for Postgresql. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

PostgreSQL Information Disclosure Oracle +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.2 allows local users to affect confidentiality, integrity, and availability via vectors. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Solaris Cluster
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy