Vulnerabilities > Oracle > Solaris

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2017-3497 Unspecified vulnerability in Oracle Solaris 11.3
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Remote Administration Daemon).
network
low complexity
oracle
7.3
2017-04-24 CVE-2017-3474 Unspecified vulnerability in Oracle Solaris 11.3
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zone).
local
low complexity
oracle
3.3
2017-04-11 CVE-2016-4483 Deserialization of Untrusted Data vulnerability in multiple products
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization.
network
low complexity
xmlsoft debian oracle CWE-502
7.5
2017-01-27 CVE-2017-3301 Unspecified vulnerability in Oracle Solaris 11.3
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel).
local
low complexity
oracle
3.3
2017-01-27 CVE-2017-3276 Unspecified vulnerability in Oracle Solaris 11.3
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized block driver).
local
high complexity
oracle
5.7
2017-01-27 CVE-2016-8330 Improper Access Control vulnerability in Oracle Solaris 11.3
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel).
network
high complexity
oracle CWE-284
3.7
2016-12-13 CVE-2016-2334 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.
local
low complexity
7-zip fedoraproject oracle CWE-119
7.8
2016-12-13 CVE-2016-6491 Out-of-bounds Read vulnerability in multiple products
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
network
low complexity
imagemagick oracle CWE-125
8.8
2016-12-13 CVE-2016-5842 Out-of-bounds Read vulnerability in multiple products
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
network
low complexity
imagemagick oracle CWE-125
7.5
2016-12-13 CVE-2016-5841 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
network
low complexity
imagemagick oracle CWE-190
critical
9.8