Vulnerabilities > Oracle > Solaris
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-25 | CVE-2016-5544 | Unspecified vulnerability in Oracle Solaris 10/11.3 Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86. | 7.8 |
| 2016-10-25 | CVE-2016-5487 | Unspecified vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | 5.3 |
| 2016-10-25 | CVE-2016-5480 | Unspecified vulnerability in Oracle Solaris 10 Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash. | 2.8 |
| 2016-09-28 | CVE-2016-2776 | Improper Input Validation vulnerability in multiple products buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. | 7.5 |
| 2016-09-21 | CVE-2016-5844 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file. | 6.5 |
| 2016-09-16 | CVE-2016-6302 | Improper Input Validation vulnerability in multiple products The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. | 7.5 |
| 2016-08-07 | CVE-2016-5358 | Improper Input Validation vulnerability in multiple products epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.9 |
| 2016-08-07 | CVE-2016-5357 | Improper Input Validation vulnerability in multiple products wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | 5.9 |
| 2016-08-02 | CVE-2016-6185 | The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory. | 7.8 |
| 2016-07-21 | CVE-2016-5471 | Unspecified vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5469. | 5.5 |