VYPR
Vendor

Illumos

Products
1
CVEs
9
Across products
9
Status
Private

Products

1

Recent CVEs

9
  • CVE-2016-6560HigMar 31, 2017
    risk 0.56cvss 8.6epss 0.02

    illumos osnet-incorporation bcopy() and bzero() implementations make signed instead of unsigned comparisons allowing a system crash.

  • CVE-2016-6561HigMar 31, 2017
    risk 0.49cvss 7.5epss 0.03

    illumos smbsrv NULL pointer dereference allows system crash.

  • CVE-2024-26317MedJan 27, 2025
    risk 0.40cvss 6.1epss 0.00

    In illumos illumos-gate 2024-02-15, an error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates, causing the algorithm to yield a result of POINT_AT_INFINITY when it should not. A man-in-the-middle attacker could use this to…

  • CVE-2012-0217Jun 12, 2012
    risk 0.06cvss epss 0.37

    The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta…

  • CVE-2023-31284May 4, 2023
    risk 0.00cvss epss 0.00

    illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net.

  • CVE-2021-43395Dec 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs…

  • CVE-2020-27678Oct 23, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.

  • CVE-2019-19396Nov 29, 2019
    risk 0.00cvss epss 0.01

    illumos, as used in OmniOS Community Edition before r151030y, allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket, because uts/common/inet/ip/ip_attr.c mishandles conn_ixa dereferences.

  • CVE-2014-9491Jan 20, 2015
    risk 0.00cvss epss 0.03

    The devzvol_readdir function in illumos does not check the return value of a strchr call, which allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors.