CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-27678
https://notcve.org/view.php?id=CVE-2020-27678
An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c. Se detectó un problema en illumos antes del 22-10-2020, como es usado en OmniOS versiones anteriores a r151030by, r151032ay y r151034y y SmartOS versiones anteriores a 20201022. Se presenta un desbordamiento de búfer en la función parse_user_name en la biblioteca lib/libpam/pam_framework.c • https://github.com/illumos/illumos-gate/commit/1d276e0b382cf066dae93640746d8b4c54d15452 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9040
https://notcve.org/view.php?id=CVE-2016-9040
An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploit this will result in memory exhaustion, resulting in a full system denial of service. Existe una denegación de servicio (DoS) explotable en el sistema de archivos Hyprlofs de Joyent SmartOS OS 20161110T013148Z. • https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9039
https://notcve.org/view.php?id=CVE-2016-9039
An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service. Existe una denegación de servicio explotable en el sistema de archivos Hyprlofs de Joyent SmartOS 20161110T013148Z. • http://www.securityfocus.com/bid/95916 http://www.talosintelligence.com/reports/TALOS-2016-0257 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9033
https://notcve.org/view.php?id=CVE-2016-9033
An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the path variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9035. Existe un desbordamiento de búfer explotable en el sistema de archivo Joyent SmartOS 20161110T013148Z Hyprlofs. • http://www.securityfocus.com/bid/94928 http://www.talosintelligence.com/reports/TALOS-2016-0251 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9031
https://notcve.org/view.php?id=CVE-2016-9031
An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel panic and potentially be leveraged into a full privilege escalation vulnerability. This vulnerability is distinct from CVE-2016-8733. Existe un desbordamiento de entero explotable en el sistema de archivo Joyent SmartOS 20161110T013148Z Hyprlof. • http://www.securityfocus.com/bid/94921 http://www.talosintelligence.com/reports/TALOS-2016-0249 • CWE-190: Integer Overflow or Wraparound •