Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joyent vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-43395
An issue exists in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems...
Illumos Illumos
Omniosce Omnios R151038
Openindiana Openindiana Hipster 2021.04
Joyent Smartos 20210923
Oracle Solaris 11
Oracle Solaris 10
9.8
CVSSv3
CVE-2020-27678
An issue exists in illumos prior to 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS prior to 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.
Illumos Illumos
Joyent Smartos
Omniosce Omnios
7.2
CVSSv3
CVE-2020-7712
This affects the package json prior to 10.0.0. It is possible to inject arbritary commands using the parseLookup function.
Joyent Json
Oracle Commerce Guided Search 11.3.2
Oracle Timesten In-memory Database
Oracle Financial Services Regulatory Reporting With Agilereporter 8.0.9.6.3
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.2.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.3.0
7.5
CVSSv3
CVE-2015-1316
Juju Core's Joyent provider before version 1.25.5 uploads the user's private ssh key.
Canonical Juju
5.5
CVSSv3
CVE-2016-9040
An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and ...
Joyent Smartos 20161110t013148z
7.5
CVSSv3
CVE-2018-3737
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
Joyent Sshpk
1 Github repository
7.5
CVSSv3
CVE-2017-16005
Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can interc...
Joyent Http-signature
7
CVSSv3
CVE-2018-1171
This vulnerability allows local malicious users to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerabi...
Joyent Smartos 20170803-20170803t064301z
Oracle Solaris 10
Oracle Solaris 11.3
7.8
CVSSv3
CVE-2018-1166
This vulnerability allows local malicious users to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerabi...
Joyent Smartos 20170803
7
CVSSv3
CVE-2018-1165
This vulnerability allows local malicious users to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerabi...
Joyent Smartos 20170803
Oracle Solaris 11
Oracle Zfs Storage Appliance 8.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »