VYPR

Solaris

by Oracle Corporation

CVEs (725)

  • CVE-2017-10004MedAug 8, 2017
    risk 0.44cvss 6.7epss 0.00

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to…

  • CVE-2018-2717MedJan 18, 2018
    risk 0.43cvss 6.6epss 0.00

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris…

  • CVE-2017-3551MedApr 24, 2017
    risk 0.43cvss 6.6epss 0.00

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Smartcard Libraries). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris…

  • CVE-2015-8786MedDec 9, 2016
    risk 0.43cvss 6.5epss 0.04

    The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_incr parameter.

  • CVE-2026-34281MedApr 21, 2026
    risk 0.42cvss 6.5epss 0.00

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise…

  • CVE-2016-5454MedJul 21, 2016
    risk 0.42cvss 6.4epss 0.00

    Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot.

  • CVE-2015-7546HigFeb 3, 2016
    risk 0.42cvss 7.5epss 0.02

    The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI…

  • CVE-2016-5606MedOct 25, 2016
    risk 0.40cvss 6.1epss 0.00

    Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones.

  • CVE-2018-2753MedApr 19, 2018
    risk 0.39cvss 6.0epss 0.00

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Python modules). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes…

  • CVE-2016-5358MedAug 7, 2016
    risk 0.39cvss 5.9epss 0.02

    epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2016-5357MedAug 7, 2016
    risk 0.39cvss 5.9epss 0.03

    wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

  • CVE-2016-4955MedJul 5, 2016
    risk 0.39cvss 5.9epss 0.09

    ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.

  • CVE-2016-4085MedApr 25, 2016
    risk 0.39cvss 5.9epss 0.03

    Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet.

  • CVE-2016-4082MedApr 25, 2016
    risk 0.39cvss 5.9epss 0.02

    epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted…

  • CVE-2016-4079MedApr 25, 2016
    risk 0.39cvss 5.9epss 0.02

    epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet.

  • CVE-2016-0669MedApr 21, 2016
    risk 0.39cvss 6.0epss 0.00

    Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Fwflash.

  • CVE-2015-2774MedApr 7, 2016
    risk 0.39cvss 5.9epss 0.02

    Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).

  • CVE-2017-3631MedJun 22, 2017
    risk 0.38cvss 5.3epss 0.06

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise…

  • CVE-2017-3630MedJun 22, 2017
    risk 0.38cvss 5.3epss 0.05

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to…

  • CVE-2015-3195MedDec 6, 2015
    risk 0.38cvss 5.3epss 0.39

    The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information…

Page 4 of 37