Vulnerabilities > Oracle > Solaris

DATE CVE VULNERABILITY TITLE RISK
2016-08-07 CVE-2016-5357 Improper Input Validation vulnerability in multiple products
wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
network
high complexity
wireshark oracle CWE-20
5.9
2016-08-02 CVE-2016-6185 The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
local
low complexity
perl fedoraproject debian oracle canonical
7.8
2016-07-21 CVE-2016-5471 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5469.
local
low complexity
oracle
5.5
2016-07-21 CVE-2016-5469 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5471.
local
low complexity
oracle
5.5
2016-07-21 CVE-2016-5454 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot.
local
high complexity
oracle
6.4
2016-07-21 CVE-2016-5452 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot.
local
low complexity
oracle
5.5
2016-07-21 CVE-2016-3584 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Libadimalloc.
local
high complexity
oracle
7.0
2016-07-21 CVE-2016-3497 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-5469 and CVE-2016-5471.
local
low complexity
oracle
5.5
2016-07-21 CVE-2016-3453 Unspecified vulnerability in Oracle Solaris 10
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to Kernel.
local
low complexity
oracle
5.5
2016-07-19 CVE-2016-5387 The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. 8.1