Vulnerabilities > Oracle > Solaris > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-05-05 CVE-2016-3715 The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. 5.5
2016-04-25 CVE-2016-4085 Improper Input Validation vulnerability in multiple products
Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet.
network
high complexity
oracle debian wireshark CWE-20
5.9
2016-04-25 CVE-2016-4082 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet.
network
high complexity
wireshark debian oracle CWE-119
5.9
2016-04-25 CVE-2016-4079 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet.
network
high complexity
debian oracle wireshark CWE-119
5.9
2016-04-21 CVE-2016-3465 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to ZFS.
local
low complexity
oracle
5.5
2016-04-21 CVE-2016-3462 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Network Configuration Service.
local
low complexity
oracle
5.5
2016-04-21 CVE-2016-0676 Unspecified vulnerability in Oracle Solaris 10
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to the kernel.
local
high complexity
oracle
4.7
2016-04-21 CVE-2016-0669 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Fwflash.
local
low complexity
oracle
6.0
2016-04-21 CVE-2016-0623 Unspecified vulnerability in Oracle Solaris 11.3
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect integrity via vectors related to the Automated Installer sub-component.
network
low complexity
oracle
4.7
2016-04-07 CVE-2015-2774 Information Exposure vulnerability in multiple products
Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).
network
high complexity
erlang oracle opensuse CWE-200
5.9