Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
There are 310 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2016-3462

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Network Configuration Service.

Published: April 21, 2016; 7:00:40 AM -0400
V3.0: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module.

Published: April 21, 2016; 6:59:53 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2016-0669

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Fwflash.

Published: April 21, 2016; 6:59:33 AM -0400
V3.0: 6.0 MEDIUM
V2.0: 5.2 MEDIUM
CVE-2016-0623

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect integrity via vectors related to the Automated Installer sub-component.

Published: April 21, 2016; 6:59:07 AM -0400
V3.0: 4.7 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-2381

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.

Published: April 08, 2016; 11:59:05 AM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2015-8629

The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.

Published: February 12, 2016; 9:59:00 PM -0500
V3.1: 5.3 MEDIUM
V2.0: 2.1 LOW
CVE-2015-7546

The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers, which allows remote authenticated users to bypass intended access restrictions and gain access to cloud resources by manipulating byte fields within a revoked token.

Published: February 03, 2016; 1:59:04 PM -0500
V3.1: 7.5 HIGH
V2.0: 6.0 MEDIUM
CVE-2016-0616

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Published: January 20, 2016; 10:02:39 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2016-0609

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.

Published: January 20, 2016; 10:02:36 PM -0500
V3.x:(not available)
V2.0: 1.7 LOW
CVE-2016-0608

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.

Published: January 20, 2016; 10:02:35 PM -0500
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2016-0606

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.

Published: January 20, 2016; 10:02:32 PM -0500
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2016-0600

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Published: January 20, 2016; 10:02:28 PM -0500
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2016-0598

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.

Published: January 20, 2016; 10:02:26 PM -0500
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2016-0597

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Published: January 20, 2016; 10:02:25 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2016-0596

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.

Published: January 20, 2016; 10:02:24 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2016-0546

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.

Published: January 20, 2016; 10:01:33 PM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2016-0505

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.

Published: January 20, 2016; 10:00:53 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5295

The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a template, as demonstrated by file:///dev/zero.

Published: January 20, 2016; 11:59:00 AM -0500
V3.0: 5.4 MEDIUM
V2.0: 5.5 MEDIUM
CVE-2016-0778

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.

Published: January 14, 2016; 5:59:02 PM -0500
V3.0: 8.1 HIGH
V2.0: 4.6 MEDIUM
CVE-2016-0777

The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

Published: January 14, 2016; 5:59:01 PM -0500
V3.0: 6.5 MEDIUM
V2.0: 4.0 MEDIUM