Solaris
CVEs (725)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-0973 | Hig | 0.58 | 8.8 | 0.04 | Jan 18, 2015 | Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495. | ||
| CVE-2016-5387 | Hig | 0.57 | 8.1 | 0.56 | Jul 19, 2016 | The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP… | ||
| CVE-2016-3718 | Med | 0.57 | 5.5 | 0.77 | KEV | May 5, 2016 | The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. | |
| CVE-2016-3715 | Med | 0.57 | 5.5 | 0.75 | KEV | May 5, 2016 | The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. | |
| CVE-2018-2892 | Hig | 0.54 | 7.8 | 0.02 | Jul 18, 2018 | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Availability Suite Service). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where… | ||
| CVE-2017-3629 | Hig | 0.54 | 7.8 | 0.05 | Jun 22, 2017 | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to… | ||
| CVE-2017-3622 | Hig | 0.54 | 7.8 | 0.05 | Apr 24, 2017 | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE)). The supported version that is affected is 10. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where… | ||
| CVE-2016-0778 | Hig | 0.54 | 8.1 | 0.20 | Jan 14, 2016 | The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a… | ||
| CVE-2018-2928 | Hig | 0.53 | 8.1 | 0.02 | Jul 18, 2018 | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RAD). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris.… | ||
| CVE-2017-3564 | Hig | 0.53 | 8.2 | 0.00 | Apr 24, 2017 | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RBAC). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to… | ||
| CVE-2016-5688 | Hig | 0.53 | 8.1 | 0.05 | Dec 13, 2016 | The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex… | ||
| CVE-2016-2334 | Hig | 0.52 | 7.8 | 0.15 | Dec 13, 2016 | Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. | ||
| CVE-2016-4957 | Hig | 0.52 | 7.5 | 0.45 | Jul 5, 2016 | ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547. | ||
| CVE-2017-3565 | Hig | 0.51 | 7.9 | 0.00 | Apr 24, 2017 | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RBAC). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to… | ||
| CVE-2016-5544 | Hig | 0.51 | 7.8 | 0.00 | Oct 25, 2016 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86. | ||
| CVE-2016-6302 | Hig | 0.51 | 7.5 | 0.26 | Sep 16, 2016 | The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. | ||
| CVE-2016-6185 | Hig | 0.51 | 7.8 | 0.01 | Aug 2, 2016 | The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory. | ||
| CVE-2016-3441 | Hig | 0.51 | 7.8 | 0.00 | Apr 21, 2016 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Filesystem. | ||
| CVE-2018-2926 | Hig | 0.50 | 7.6 | 0.01 | Jul 18, 2018 | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NVIDIA-GFX Kernel driver). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via ISCSI to compromise… | ||
| CVE-2018-2908 | Hig | 0.50 | 7.7 | 0.02 | Jul 18, 2018 | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via RPC to compromise Solaris. While the… |
- risk 0.58cvss 8.8epss 0.04
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.
- risk 0.57cvss 8.1epss 0.56
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP…
- risk 0.57cvss 5.5epss 0.77
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
- risk 0.57cvss 5.5epss 0.75
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
- risk 0.54cvss 7.8epss 0.02
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Availability Suite Service). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where…
- risk 0.54cvss 7.8epss 0.05
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to…
- risk 0.54cvss 7.8epss 0.05
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE)). The supported version that is affected is 10. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where…
- risk 0.54cvss 8.1epss 0.20
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a…
- risk 0.53cvss 8.1epss 0.02
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RAD). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris.…
- risk 0.53cvss 8.2epss 0.00
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RBAC). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to…
- risk 0.53cvss 8.1epss 0.05
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex…
- risk 0.52cvss 7.8epss 0.15
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.
- risk 0.52cvss 7.5epss 0.45
ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.
- risk 0.51cvss 7.9epss 0.00
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RBAC). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to…
- risk 0.51cvss 7.8epss 0.00
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86.
- risk 0.51cvss 7.5epss 0.26
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
- risk 0.51cvss 7.8epss 0.01
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
- risk 0.51cvss 7.8epss 0.00
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Filesystem.
- risk 0.50cvss 7.6epss 0.01
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NVIDIA-GFX Kernel driver). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via ISCSI to compromise…
- risk 0.50cvss 7.7epss 0.02
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via RPC to compromise Solaris. While the…
Page 2 of 37