Vulnerabilities > Oracle > Solaris > 11.3

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2017-3474 Unspecified vulnerability in Oracle Solaris 11.3
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zone).
local
low complexity
oracle
3.3
2017-04-11 CVE-2016-4483 Deserialization of Untrusted Data vulnerability in multiple products
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization.
network
low complexity
xmlsoft debian oracle CWE-502
7.5
2017-01-27 CVE-2017-3301 Unspecified vulnerability in Oracle Solaris 11.3
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel).
local
low complexity
oracle
3.3
2017-01-27 CVE-2017-3276 Unspecified vulnerability in Oracle Solaris 11.3
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized block driver).
local
high complexity
oracle
5.7
2017-01-27 CVE-2016-8330 Improper Access Control vulnerability in Oracle Solaris 11.3
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel).
network
high complexity
oracle CWE-284
3.7
2016-12-13 CVE-2016-6491 Out-of-bounds Read vulnerability in multiple products
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
network
low complexity
imagemagick oracle CWE-125
8.8
2016-12-13 CVE-2016-5842 Out-of-bounds Read vulnerability in multiple products
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
network
low complexity
imagemagick oracle CWE-125
7.5
2016-12-13 CVE-2016-5841 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
network
low complexity
imagemagick oracle CWE-190
critical
9.8
2016-12-13 CVE-2016-5691 Improper Input Validation vulnerability in multiple products
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.
network
low complexity
oracle imagemagick CWE-20
critical
9.8
2016-12-13 CVE-2016-5690 NULL Pointer Dereference vulnerability in multiple products
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
network
low complexity
oracle imagemagick CWE-476
critical
9.8