Vulnerabilities > Oracle > Solaris > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-07-21 CVE-2016-5471 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5469.
local
low complexity
oracle
5.5
2016-07-21 CVE-2016-5469 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5471.
local
low complexity
oracle
5.5
2016-07-21 CVE-2016-5454 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot.
local
high complexity
oracle
6.4
2016-07-21 CVE-2016-5452 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot.
local
low complexity
oracle
5.5
2016-07-21 CVE-2016-3497 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-5469 and CVE-2016-5471.
local
low complexity
oracle
5.5
2016-07-21 CVE-2016-3453 Unspecified vulnerability in Oracle Solaris 10
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to Kernel.
local
low complexity
oracle
5.5
2016-07-05 CVE-2016-4956 ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet.
network
low complexity
ntp oracle novell suse opensuse siemens
5.3
2016-07-05 CVE-2016-4955 Race Condition vulnerability in multiple products
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
network
high complexity
ntp oracle novell suse opensuse siemens CWE-362
5.9
2016-06-20 CVE-2016-2178 Information Exposure Through Discrepancy vulnerability in multiple products
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
5.5
2016-05-05 CVE-2016-3718 Server-Side Request Forgery (SSRF) vulnerability in multiple products
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
5.5