Vulnerabilities > Oracle > Solaris > 11.3

DATE CVE VULNERABILITY TITLE RISK
2016-02-03 CVE-2015-7546 Insufficiently Protected Credentials vulnerability in multiple products
The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers, which allows remote authenticated users to bypass intended access restrictions and gain access to cloud resources by manipulating byte fields within a revoked token.
network
high complexity
openstack oracle CWE-522
7.5
2016-01-20 CVE-2015-5295 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a template, as demonstrated by file:///dev/zero.
network
low complexity
openstack redhat oracle fedoraproject CWE-119
5.4
2016-01-14 CVE-2016-0778 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
network
high complexity
oracle openbsd apple hp sophos CWE-119
8.1
2016-01-14 CVE-2016-0777 Information Exposure vulnerability in multiple products
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
network
low complexity
sophos oracle openbsd hp apple CWE-200
6.5
2016-01-03 CVE-2016-1283 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
network
low complexity
pcre php fedoraproject oracle CWE-119
critical
9.8
2015-12-06 CVE-2015-3195 Information Exposure vulnerability in multiple products
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.
5.3
2015-10-01 CVE-2015-7236 Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.
network
low complexity
rpcbind-project canonical debian oracle
7.5
2015-08-08 CVE-2015-4495 The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.
network
low complexity
mozilla oracle canonical redhat suse opensuse
8.8
2015-06-09 CVE-2015-3200 Injection vulnerability in multiple products
mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.
network
low complexity
lighttpd hp oracle CWE-74
7.5