Vulnerabilities > Oracle > Solaris > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-12-09 | CVE-2015-8786 | Resource Management Errors vulnerability in multiple products The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_incr parameter. | 6.5 |
2016-10-25 | CVE-2016-5606 | Improper Access Control vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones. | 6.1 |
2016-10-25 | CVE-2016-5576 | Improper Access Control vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel Zones. | 5.5 |
2016-10-25 | CVE-2016-5566 | Improper Access Control vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect confidentiality via unknown vectors. | 5.3 |
2016-10-25 | CVE-2016-5559 | Unspecified vulnerability in Oracle Solaris 10/11.3 Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect integrity via vectors related to Kernel. | 4.1 |
2016-10-25 | CVE-2016-5553 | Unspecified vulnerability in Oracle Solaris 10/11.3 Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors. | 5.0 |
2016-10-25 | CVE-2016-5487 | Unspecified vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | 5.3 |
2016-09-21 | CVE-2016-5844 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file. | 6.5 |
2016-08-07 | CVE-2016-5358 | Improper Input Validation vulnerability in multiple products epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.9 |
2016-08-07 | CVE-2016-5357 | Improper Input Validation vulnerability in multiple products wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | 5.9 |