Vulnerabilities > Oracle > Solaris

DATE CVE VULNERABILITY TITLE RISK
2016-12-13 CVE-2016-5691 Improper Input Validation vulnerability in multiple products
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.
network
low complexity
oracle imagemagick CWE-20
critical
9.8
2016-12-13 CVE-2016-5690 NULL Pointer Dereference vulnerability in multiple products
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
network
low complexity
oracle imagemagick CWE-476
critical
9.8
2016-12-13 CVE-2016-5689 NULL Pointer Dereference vulnerability in multiple products
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.
network
low complexity
oracle imagemagick CWE-476
critical
9.8
2016-12-13 CVE-2016-5688 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.
network
high complexity
oracle imagemagick CWE-119
8.1
2016-12-13 CVE-2016-5687 Out-of-bounds Read vulnerability in multiple products
The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.
network
low complexity
imagemagick oracle CWE-125
critical
9.8
2016-12-09 CVE-2015-8786 Resource Management Errors vulnerability in multiple products
The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_incr parameter.
network
low complexity
oracle pivotal-software CWE-399
6.5
2016-10-25 CVE-2016-5615 Improper Access Control vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx.
local
low complexity
oracle CWE-284
3.3
2016-10-25 CVE-2016-5606 Improper Access Control vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones.
local
low complexity
oracle CWE-284
6.1
2016-10-25 CVE-2016-5576 Improper Access Control vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel Zones.
local
low complexity
oracle CWE-284
5.5
2016-10-25 CVE-2016-5566 Improper Access Control vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect confidentiality via unknown vectors.
network
low complexity
oracle CWE-284
5.3