U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
There are 79 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2018-2901

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via DHCP to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Solaris. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).

Published: July 18, 2018; 9:29:01 AM -0400 		V3.0: 3.7 LOW
 V2.0: 4.3 MEDIUM
CVE-2015-2774

Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).

Published: April 07, 2016; 5:59:00 PM -0400 		V3.0: 5.9 MEDIUM
 V2.0: 4.3 MEDIUM
CVE-2015-4907

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2015-4820.

Published: October 21, 2015; 8:00:10 PM -0400 		V3.x:(not available)
 V2.0: 4.6 MEDIUM
CVE-2015-4891

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to NSCD.

Published: October 21, 2015; 7:59:52 PM -0400 		V3.x:(not available)
 V2.0: 4.6 MEDIUM
CVE-2015-4869

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via unknown vectors related to Kernel.

Published: October 21, 2015; 7:59:33 PM -0400 		V3.x:(not available)
 V2.0: 4.9 MEDIUM
CVE-2015-4837

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Security.

Published: October 21, 2015; 7:59:04 PM -0400 		V3.x:(not available)
 V2.0: 6.6 MEDIUM
CVE-2015-4834

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Zones.

Published: October 21, 2015; 7:59:01 PM -0400 		V3.x:(not available)
 V2.0: 3.7 LOW
CVE-2015-4831

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2015-4822.

Published: October 21, 2015; 5:59:44 PM -0400 		V3.x:(not available)
 V2.0: 4.9 MEDIUM
CVE-2015-4822

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2015-4831.

Published: October 21, 2015; 5:59:37 PM -0400 		V3.x:(not available)
 V2.0: 1.2 LOW
CVE-2015-4820

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2015-4907.

Published: October 21, 2015; 5:59:35 PM -0400 		V3.x:(not available)
 V2.0: 6.2 MEDIUM
CVE-2015-4817

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel Zones virtualized NIC driver.

Published: October 21, 2015; 5:59:32 PM -0400 		V3.x:(not available)
 V2.0: 6.2 MEDIUM
CVE-2015-4801

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality via unknown vectors related to Solaris Kernel Zones.

Published: October 21, 2015; 5:59:18 PM -0400 		V3.x:(not available)
 V2.0: 2.1 LOW
CVE-2015-2642

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gzip.

Published: October 21, 2015; 5:59:03 PM -0400 		V3.x:(not available)
 V2.0: 4.4 MEDIUM
CVE-2015-3219

Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handled in the help_text attribute in the Field class.

Published: August 20, 2015; 4:59:00 PM -0400 		V3.x:(not available)
 V2.0: 4.3 MEDIUM
CVE-2015-4770

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to UNIX filesystem.

Published: July 16, 2015; 7:01:01 AM -0400 		V3.x:(not available)
 V2.0: 4.9 MEDIUM
CVE-2015-2662

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to DHCP Server.

Published: July 16, 2015; 7:00:20 AM -0400 		V3.x:(not available)
 V2.0: 1.9 LOW
CVE-2015-2651

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via vectors related to Kernel Zones virtualized NIC driver.

Published: July 16, 2015; 7:00:10 AM -0400 		V3.x:(not available)
 V2.0: 3.8 LOW
CVE-2015-2631

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rmformat.

Published: July 16, 2015; 6:59:54 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2015-2614

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via vectors related to NVM Express SSD driver.

Published: July 16, 2015; 6:59:38 AM -0400 		V3.x:(not available)
 V2.0: 4.9 MEDIUM
CVE-2015-2609

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via vectors related to CPU performance counters drivers.

Published: July 16, 2015; 6:59:33 AM -0400 		V3.x:(not available)
 V2.0: 4.9 MEDIUM