Vulnerabilities > Oracle > Solaris > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-02-15 | CVE-2017-0321 | NULL Pointer Dereference vulnerability in Nvidia GPU Driver All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges. | 7.2 |
2017-02-15 | CVE-2017-0311 | Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia GPU Driver NVIDIA GPU Display Driver R378 contains a vulnerability in the kernel mode layer handler where improper access control may lead to denial of service or possible escalation of privileges. | 7.2 |
2017-02-15 | CVE-2017-0309 | Integer Overflow or Wraparound vulnerability in Nvidia GPU Driver All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where multiple integer overflows may cause improper memory allocation leading to a denial of service or potential escalation of privileges. | 7.2 |
2017-02-01 | CVE-2016-8980 | XXE vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 7.5 |
2016-12-13 | CVE-2016-2334 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. | 7.8 |
2016-12-13 | CVE-2016-5841 | Integer Overflow or Wraparound vulnerability in Imagemagick Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable. | 7.5 |
2016-12-13 | CVE-2016-5688 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions. | 8.1 |
2016-10-25 | CVE-2016-5544 | Local Security vulnerability in Oracle Solaris 10/11.3 Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86. | 7.2 |
2016-09-28 | CVE-2016-2776 | Improper Input Validation vulnerability in multiple products buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. | 7.8 |
2016-09-16 | CVE-2016-6302 | Improper Input Validation vulnerability in multiple products The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. | 7.5 |