Vulnerabilities > Oracle > Solaris

DATE CVE VULNERABILITY TITLE RISK
2016-10-25 CVE-2016-5561 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect availability via vectors related to IKE.
network
high complexity
oracle
3.1
2016-10-25 CVE-2016-5559 Unspecified vulnerability in Oracle Solaris 10/11.3
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect integrity via vectors related to Kernel.
local
high complexity
oracle
4.1
2016-10-25 CVE-2016-5553 Unspecified vulnerability in Oracle Solaris 10/11.3
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors.
local
low complexity
oracle
5.0
2016-10-25 CVE-2016-5544 Unspecified vulnerability in Oracle Solaris 10/11.3
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86.
local
low complexity
oracle
7.8
2016-10-25 CVE-2016-5487 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
local
low complexity
oracle
5.3
2016-10-25 CVE-2016-5480 Unspecified vulnerability in Oracle Solaris 10
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash.
local
low complexity
oracle
2.8
2016-09-28 CVE-2016-2776 Improper Input Validation vulnerability in multiple products
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
network
low complexity
oracle isc hp CWE-20
7.5
2016-09-21 CVE-2016-5844 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
network
low complexity
libarchive redhat oracle CWE-190
6.5
2016-09-16 CVE-2016-6302 Improper Input Validation vulnerability in multiple products
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
network
low complexity
openssl oracle CWE-20
7.5
2016-08-07 CVE-2016-5358 Improper Input Validation vulnerability in multiple products
epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
network
high complexity
wireshark oracle CWE-20
5.9