Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:x86:*
There are 94 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2016-2178

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.

Published: June 19, 2016; 9:59:03 PM -0400
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2016-2177

OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.

Published: June 19, 2016; 9:59:02 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2016-5118

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.

Published: June 10, 2016; 11:59:06 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module.

Published: April 21, 2016; 6:59:53 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2016-0676

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to the kernel.

Published: April 21, 2016; 6:59:38 AM -0400
V3.0: 4.7 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2015-8629

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.

Published: February 12, 2016; 9:59:00 PM -0500
V3.1: 5.3 MEDIUM
V2.0: 2.1 LOW
CVE-2016-0535

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via vectors related to RPC.

Published: January 20, 2016; 10:01:23 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-8000

db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.

Published: December 16, 2015; 10:59:01 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-3195

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.

Published: December 06, 2015; 3:59:05 PM -0500
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2015-4869

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via unknown vectors related to Kernel.

Published: October 21, 2015; 7:59:33 PM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2015-2642

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gzip.

Published: October 21, 2015; 5:59:03 PM -0400
V3.x:(not available)
V2.0: 4.4 MEDIUM
CVE-2015-4491

Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.

Published: August 15, 2015; 9:59:19 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-4770

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to UNIX filesystem.

Published: July 16, 2015; 7:01:01 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2015-2662

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to DHCP Server.

Published: July 16, 2015; 7:00:20 AM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2015-2631

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rmformat.

Published: July 16, 2015; 6:59:54 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2015-2589

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to S10 Branded Zone.

Published: July 16, 2015; 6:59:16 AM -0400
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2015-2580

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to NFSv4.

Published: July 16, 2015; 6:59:07 AM -0400
V3.x:(not available)
V2.0: 1.9 LOW
CVE-2015-2577

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Accounting commands.

Published: April 16, 2015; 1:00:08 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2015-2574

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality via unknown vectors related to Text Utilities.

Published: April 16, 2015; 1:00:06 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2015-0471

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to libelfsign.

Published: April 16, 2015; 12:59:25 PM -0400
V3.x:(not available)
V2.0: 4.4 MEDIUM