Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
illumos illumos - vulnerabilities and exploits
(subscribe to this query)
694
VMScore
CVE-2016-6560
illumos osnet-incorporation bcopy() and bzero() implementations make signed instead of unsigned comparisons allowing a system crash.
Illumos Illumos -
694
VMScore
CVE-2016-6561
illumos smbsrv NULL pointer dereference allows system crash.
Illumos Illumos -
445
VMScore
CVE-2014-9491
The devzvol_readdir function in illumos does not check the return value of a strchr call, which allows remote malicious users to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors.
Illumos Illumos
NA
CVE-2023-31284
illumos illumos-gate prior to 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net.
Illumos Illumos-gate
NA
CVE-2019-9579
An issue exists in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. The SMB server allows an malicious user to have unintended access, e.g., an attacker with WRITE_XATTR can change permissions. This occurs because of a combination of three factors: ZFS extended...
Illumos Illumos -
Oracle Solaris 11
668
VMScore
CVE-2020-27678
An issue exists in illumos prior to 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS prior to 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.
Illumos Illumos
Joyent Smartos
Omniosce Omnios
NA
CVE-2021-43395
An issue exists in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems...
Illumos Illumos
Omniosce Omnios R151038
Openindiana Openindiana Hipster 2021.04
Joyent Smartos 20210923
Oracle Solaris 11
Oracle Solaris 10
736
VMScore
CVE-2012-0217
The x86-64 kernel system-call functionality in Xen 4.1.2 and previous versions, as used in Citrix XenServer 6.0.2 and previous versions and other products; Oracle Solaris 11 and previous versions; illumos before r13724; Joyent SmartOS prior to 20120614T184600Z; FreeBSD prior to 9...
Freebsd Freebsd
Illumos Illumos
Joyent Smartos
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.1
Xen Xen
Xen Xen 4.0.0
Xen Xen 4.0.1
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2003
Microsoft Windows Xp
Citrix Xenserver 6.0
Citrix Xenserver
Netbsd Netbsd
Sun Sunos
3 EDB exploits
3 Github repositories
1 Article
694
VMScore
CVE-2019-19396
illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because uts/common/inet/ip/ip_attr.c mishandles conn_ixa dereferences.
Omniosce Omnios
641
VMScore
CVE-2020-24718
bhyve, as used in FreeBSD up to and including 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain...
Freebsd Freebsd
Freebsd Freebsd 11.3
Freebsd Freebsd 11.4
Freebsd Freebsd 12.0
Freebsd Freebsd 12.1
Omniosce Omnios
Openindiana Openindiana
Netapp Clustered Data Ontap -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started