Oracle Solaris vulnerabilities: medium risk

DATE CVE VULNERABILITY TITLE RISK
2016-04-25 CVE-2016-4085 Improper Input Validation vulnerability in multiple products
Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet.
network
high complexity
oracle debian wireshark CWE-20
5.9

2016-04-25 CVE-2016-4082 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet.
network
high complexity
wireshark debian oracle CWE-119
5.9

2016-04-25 CVE-2016-4079 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet.
network
high complexity
debian oracle wireshark CWE-119
5.9

2016-04-21 CVE-2016-3465 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to ZFS.
local
low complexity
oracle
5.5

2016-04-21 CVE-2016-3462 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Network Configuration Service.
local
low complexity
oracle
5.5

2016-04-21 CVE-2016-0676 Unspecified vulnerability in Oracle Solaris 10
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to the kernel.
local
high complexity
oracle
4.7

2016-04-21 CVE-2016-0669 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Fwflash.
local
low complexity
oracle
6.0

2016-04-21 CVE-2016-0623 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect integrity via vectors related to the Automated Installer sub-component.
network
low complexity
oracle
4.7

2016-04-07 CVE-2015-2774 Information Exposure vulnerability in multiple products
Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).
network
high complexity
erlang oracle opensuse CWE-200
5.9

2016-02-13 CVE-2015-8629 Out-of-bounds Read vulnerability in multiple products
The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.
network
high complexity
mit oracle debian opensuse redhat CWE-125
5.3