Oracle Sun Zfs Storage Appliance Kit vulnerabilities

CVE-2026-21930 [LOW] CVE-2026-21930: Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Filesyst Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Filesystems). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to compromise Oracle ZFS Storage Appliance Kit. Successful atta

CVE-2023-22130 [MEDIUM] CVE-2023-22130: Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The su Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to c

CVE-2019-2878 [MEDIUM] CVE-2019-2878: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). The supported version that is affected is 8.8.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks req

CVE-2019-9636 [CRITICAL] CVE-2019-9636: Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encod Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A sp

CVE-2018-17189 [MEDIUM] CWE-400 CVE-2018-17189: In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to pl In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.

CVE-2019-2412 [MEDIUM] CVE-2019-2412: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Object Store). The supported version that is affected is prior to 8.8.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Sun ZFS Storage Appliance Kit (AK) executes to compromise Sun ZF

CVE-2018-15473 [MEDIUM] CWE-362 CVE-2018-15473: OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

CVE-2018-3057 [HIGH] CVE-2018-3057: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Sun ZFS Storage Appliance Kit (AK) executes to compromise Sun ZFS

CVE-2018-2920 [HIGH] CVE-2018-2920: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.19. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). While the vu

CVE-2018-2918 [HIGH] CVE-2018-2918: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successfu

CVE-2018-2937 [MEDIUM] CVE-2018-2937: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is Prior to 8.7.19. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of t

CVE-2018-2905 [MEDIUM] CVE-2018-2905: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Services). The supported version that is affected is Prior to 8.7.20. Easily exploitable vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Sun ZFS Storage Appliance Kit (AK). Successful attacks of

CVE-2018-2921 [MEDIUM] CVE-2018-2921: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). While the vulnerability

CVE-2018-2927 [MEDIUM] CVE-2018-2927: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). Successful at

CVE-2018-2924 [MEDIUM] CVE-2018-2924: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Sun ZFS Storage Appliance Kit (AK) executes to compromise Sun Z

CVE-2018-2917 [MEDIUM] CVE-2018-2917: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successfu

CVE-2018-2923 [LOW] CVE-2018-2923: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Services). The supported version that is affected is Prior to 8.7.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Sun ZFS Storage Appliance Kit (AK) executes to compromise Sun ZFS S

CVE-2018-2916 [LOW] CVE-2018-2916: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise Sun ZFS Storage Appliance Kit (AK). Successful a

CVE-2018-2858 [MEDIUM] CVE-2018-2858: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). The supported version that is affected is Prior to 8.7.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). Successful a

CVE-2018-2857 [MEDIUM] CVE-2018-2857: Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). The supported version that is affected is Prior to 8.7.17. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). Successful at