Solaris
CVEs (725)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-1196 | 0.00 | — | 0.06 | Jan 21, 2015 | GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file. | |||
| CVE-2015-1038 | 0.00 | — | 0.03 | Jan 21, 2015 | p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive. | |||
| CVE-2015-0397 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600. | |||
| CVE-2015-0381 | 0.00 | — | 0.05 | Jan 21, 2015 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382. | |||
| CVE-2015-0378 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Libc. | |||
| CVE-2015-0374 | 0.00 | — | 0.03 | Jan 21, 2015 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key. | |||
| CVE-2014-6600 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2015-0397. | |||
| CVE-2014-6575 | 0.00 | — | 0.02 | Jan 21, 2015 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Network, a different vulnerability than CVE-2004-0230. | |||
| CVE-2014-6570 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6600 and CVE-2015-0397. | |||
| CVE-2014-6524 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel. | |||
| CVE-2014-6521 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via vectors related to CDE - Power Management Utility. | |||
| CVE-2014-6518 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to Unix File System (UFS). | |||
| CVE-2014-6510 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Power Management Utility. | |||
| CVE-2014-6509 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability via unknown vectors related to Kernel. | |||
| CVE-2014-6481 | 0.00 | — | 0.01 | Jan 21, 2015 | Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect confidentiality via vectors related to KSSL. | |||
| CVE-2014-9601 | 0.00 | — | 0.05 | Jan 16, 2015 | Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed. | |||
| CVE-2014-9496 | 0.00 | — | 0.01 | Jan 16, 2015 | The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read. | |||
| CVE-2015-0564 | 0.00 | — | 0.03 | Jan 10, 2015 | Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during… | |||
| CVE-2015-0561 | 0.00 | — | 0.06 | Jan 10, 2015 | asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet. | |||
| CVE-2014-5353 | 0.00 | — | 0.05 | Dec 16, 2014 | The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with… |
- CVE-2015-1196Jan 21, 2015risk 0.00cvss —epss 0.06
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.
- CVE-2015-1038Jan 21, 2015risk 0.00cvss —epss 0.03
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
- CVE-2015-0397Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600.
- CVE-2015-0381Jan 21, 2015risk 0.00cvss —epss 0.05
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.
- CVE-2015-0378Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Libc.
- CVE-2015-0374Jan 21, 2015risk 0.00cvss —epss 0.03
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.
- CVE-2014-6600Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2015-0397.
- CVE-2014-6575Jan 21, 2015risk 0.00cvss —epss 0.02
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Network, a different vulnerability than CVE-2004-0230.
- CVE-2014-6570Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6600 and CVE-2015-0397.
- CVE-2014-6524Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.
- CVE-2014-6521Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via vectors related to CDE - Power Management Utility.
- CVE-2014-6518Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to Unix File System (UFS).
- CVE-2014-6510Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Power Management Utility.
- CVE-2014-6509Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability via unknown vectors related to Kernel.
- CVE-2014-6481Jan 21, 2015risk 0.00cvss —epss 0.01
Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect confidentiality via vectors related to KSSL.
- CVE-2014-9601Jan 16, 2015risk 0.00cvss —epss 0.05
Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.
- CVE-2014-9496Jan 16, 2015risk 0.00cvss —epss 0.01
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
- CVE-2015-0564Jan 10, 2015risk 0.00cvss —epss 0.03
Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during…
- CVE-2015-0561Jan 10, 2015risk 0.00cvss —epss 0.06
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
- CVE-2014-5353Dec 16, 2014risk 0.00cvss —epss 0.05
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with…
Page 23 of 37