Vulnerabilities > Oracle > Solaris > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-21 | CVE-2020-14871 | Out-of-bounds Write vulnerability in Oracle Solaris 10/11/9 Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). | 10.0 |
2020-03-12 | CVE-2020-10108 | HTTP Request Smuggling vulnerability in multiple products In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. | 9.8 |
2017-08-08 | CVE-2017-3632 | Unspecified vulnerability in Oracle Solaris 10/11 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: CDE Calendar). | 10.0 |
2017-04-24 | CVE-2017-3623 | Remote Code Execution vulnerability in Oracle Solaris Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel RPC). | 10.0 |
2016-12-13 | CVE-2016-5687 | Out-of-bounds Read vulnerability in multiple products The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read. | 9.8 |
2016-12-13 | CVE-2016-5689 | NULL Pointer Dereference vulnerability in multiple products The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks. | 9.8 |
2016-12-13 | CVE-2016-5690 | NULL Pointer Dereference vulnerability in multiple products The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table. | 9.8 |
2016-12-13 | CVE-2016-5691 | Improper Input Validation vulnerability in multiple products The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue. | 9.8 |
2016-06-20 | CVE-2016-2177 | Integer Overflow or Wraparound vulnerability in multiple products OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. | 9.8 |
2016-06-10 | CVE-2016-5118 | The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. | 9.8 |