Skip to main content

Solaris

485 CVEs product

Monthly

CVE-2018-3275 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LibKMIP). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
7.4
EPSS
2.4%
CVE-2018-3274 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
5.7
EPSS
1.8%
CVE-2018-3273 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Remote Administration Daemon (RAD)). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
8.1
EPSS
2.7%
CVE-2018-3272 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones Virtualized NIC Driver). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
6.2
EPSS
0.5%
CVE-2018-3271 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones). Rated medium severity (CVSS 5.3).

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2018-3270 LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 1.8).

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
1.8
EPSS
0.4%
CVE-2018-3269 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SMB Server). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
4.3
EPSS
2.0%
CVE-2018-3268 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SMB Server). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
5.3
EPSS
2.7%
CVE-2018-3267 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LFTP). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
5.3
EPSS
2.1%
CVE-2018-3266 LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Verified Boot). Rated low severity (CVSS 3.9).

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
3.9
EPSS
0.4%
CVE-2018-3265 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zones). Rated medium severity (CVSS 4.9), this vulnerability is no authentication required.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
4.9
EPSS
0.4%
CVE-2018-3264 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
4.4
EPSS
0.4%
CVE-2018-3263 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Sudo). Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
5.6
EPSS
1.5%
CVE-2018-3172 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
5.3
EPSS
2.8%
CVE-2018-2922 LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 2.5).

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
2.5
EPSS
0.4%
CVE-2018-2928 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RAD). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
8.1
EPSS
2.0%
CVE-2018-2926 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NVIDIA-GFX Kernel driver). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Nvidia Denial Of Service Solaris
NVD
CVSS 3.0
7.6
EPSS
1.4%
CVE-2018-2908 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
7.7
EPSS
1.8%
CVE-2018-2903 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
4.4
EPSS
0.5%
CVE-2018-2901 LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
3.7
EPSS
2.1%
CVE-2018-2892 HIGH POC PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Availability Suite Service). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Oracle Information Disclosure Solaris
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.7%
CVE-2018-3639 MEDIUM POC PATCH THREAT This Month

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 46.0%.

Authentication Bypass Atom C Atom E Atom X5 E3930 Atom X5 E3940 +278
NVD Exploit-DB VulDB
CVSS 3.1
5.5
EPSS
46.0%
Threat
4.0
CVE-2018-2808 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
5.0
EPSS
0.5%
CVE-2018-2764 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
7.5
EPSS
3.2%
CVE-2018-2763 LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NTPD). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
3.3
EPSS
0.4%
CVE-2018-2754 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: ZVNET Driver). Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
7.7
EPSS
0.5%
CVE-2018-2753 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Python modules). Rated medium severity (CVSS 6.0).

Oracle Authentication Bypass Python Solaris
NVD
CVSS 3.0
6.0
EPSS
0.5%
CVE-2018-2718 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
7.5
EPSS
3.2%
CVE-2018-2563 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LDAP Library). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
4.2
EPSS
1.0%
CVE-2018-1171 HIGH PATCH This Week

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. Rated high severity (CVSS 7.0). This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Smartos Solaris
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2018-1165 HIGH This Week

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. Rated high severity (CVSS 7.0). No vendor patch available.

Heap Overflow Buffer Overflow Smartos Solaris Zfs Storage Appliance
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2018-2717 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
6.6
EPSS
0.5%
CVE-2018-2710 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2018-2578 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.2).

Oracle Information Disclosure Solaris
NVD
CVSS 3.0
7.2
EPSS
0.4%
CVE-2018-2577 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-2560 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.0).

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
5.0
EPSS
0.4%
CVE-2017-5753 MEDIUM POC PATCH THREAT This Month

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Rated medium severity (CVSS 5.6). Public exploit code available and EPSS exploitation probability 94.3%.

Authentication Bypass Atom C Atom E Atom X3 Atom X5 E3930 +304
NVD Exploit-DB VulDB
CVSS 3.1
5.6
EPSS
94.3%
Threat
5.4
CVE-2017-3632 CRITICAL PATCH Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: CDE Calendar). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.3%.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
9.8
EPSS
10.3%
CVE-2017-10122 LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 1.8).

Authentication Bypass Oracle Solaris
NVD
CVSS 3.0
1.8
EPSS
0.1%
CVE-2017-10095 LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Oracle Solaris
NVD
CVSS 3.0
3.3
EPSS
0.1%
CVE-2017-10062 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Oracle Java Web Console). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity.

Denial Of Service Java Oracle Solaris
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2017-10042 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: IKE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Solaris
NVD
CVSS 3.0
7.5
EPSS
5.6%
CVE-2017-10036 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NFSv4). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Solaris
NVD
CVSS 3.0
7.5
EPSS
5.6%
CVE-2017-10004 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2017-10003 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Network Services Library). Rated medium severity (CVSS 4.5).

Denial Of Service Oracle Solaris
NVD
CVSS 3.0
4.5
EPSS
0.1%
CVE-2017-3631 MEDIUM POC PATCH THREAT This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Buffer Overflow Denial Of Service Oracle Solaris
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
10.9%
CVE-2017-3630 MEDIUM POC PATCH THREAT This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Buffer Overflow Memory Corruption Denial Of Service Oracle Solaris
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
10.9%
CVE-2017-3629 HIGH POC PATCH THREAT Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 29.4%.

Buffer Overflow Oracle Solaris
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
29.4%
CVE-2017-3623 CRITICAL POC PATCH THREAT Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel RPC). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 76.9%.

Information Disclosure Oracle Solaris
NVD Exploit-DB
CVSS 3.0
10.0
EPSS
76.9%
Threat
5.8
CVE-2017-3622 HIGH POC PATCH THREAT Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE)). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 19.6%.

Information Disclosure Oracle Solaris
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
19.6%
CVE-2017-3565 HIGH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RBAC). Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Solaris
NVD
CVSS 3.0
7.9
EPSS
0.1%
CVE-2017-3564 HIGH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RBAC). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
8.2
EPSS
0.1%
CVE-2017-3551 MEDIUM This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Smartcard Libraries). Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Solaris
NVD
CVSS 3.0
6.6
EPSS
0.1%
CVE-2017-3516 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized NIC driver). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Solaris
NVD
CVSS 3.0
7.7
EPSS
0.4%
CVE-2017-3510 CRITICAL PATCH Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized NIC driver). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Solaris
NVD
CVSS 3.0
9.6
EPSS
0.5%
CVE-2017-3498 LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure Solaris
NVD
CVSS 3.0
3.3
EPSS
0.1%
CVE-2017-3497 HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Remote Administration Daemon). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Solaris
NVD
CVSS 3.0
7.3
EPSS
0.6%
CVE-2017-3474 LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zone). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Authentication Bypass Oracle Solaris
NVD
CVSS 3.0
3.3
EPSS
0.1%
CVE-2016-4483 HIGH POC PATCH This Week

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Deserialization Denial Of Service Libxml2 Debian Linux +1
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2017-3301 LOW Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Solaris
NVD VulDB
CVSS 3.0
3.3
EPSS
0.5%
CVE-2017-3276 MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized block driver). Rated medium severity (CVSS 5.7).

Denial Of Service Oracle Solaris
NVD VulDB
CVSS 3.0
5.7
EPSS
0.0%
CVE-2016-8330 LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Solaris
NVD VulDB
CVSS 3.0
3.7
EPSS
0.4%
CVE-2016-2334 HIGH POC PATCH THREAT Act Now

Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.3%.

RCE Buffer Overflow 7 Zip Fedora Solaris
NVD
CVSS 3.0
7.8
EPSS
16.3%
CVE-2016-6491 HIGH POC PATCH This Week

Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Information Disclosure Buffer Overflow Imagemagick Solaris
NVD GitHub
CVSS 3.0
8.8
EPSS
1.2%
CVE-2016-5842 HIGH POC PATCH This Week

MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Imagemagick Solaris
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2016-5841 CRITICAL POC PATCH THREAT Act Now

Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 23.0%.

Integer Overflow RCE Denial Of Service Imagemagick Solaris
NVD GitHub
CVSS 3.0
9.8
EPSS
23.0%
Threat
4.1
CVE-2016-5691 CRITICAL POC PATCH Act Now

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Solaris Imagemagick
NVD GitHub
CVSS 3.0
9.8
EPSS
1.3%
CVE-2016-5690 CRITICAL POC PATCH Act Now

The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Solaris Imagemagick
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2016-5689 CRITICAL POC PATCH Act Now

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Solaris Imagemagick
NVD GitHub
CVSS 3.0
9.8
EPSS
2.0%
CVE-2016-5688 HIGH PATCH This Week

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Solaris Imagemagick
NVD GitHub
CVSS 3.0
8.1
EPSS
2.2%
CVE-2016-5687 CRITICAL Act Now

The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Imagemagick Solaris
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2015-8786 MEDIUM PATCH This Month

The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Solaris Rabbitmq
NVD GitHub
CVSS 3.0
6.5
EPSS
1.3%
CVE-2016-5615 LOW PATCH Monitor

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
3.3
EPSS
0.1%
CVE-2016-5606 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
6.1
EPSS
0.0%
CVE-2016-5576 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel Zones. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2016-5566 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect confidentiality via unknown vectors. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-5561 LOW PATCH Monitor

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect availability via vectors related to IKE. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
3.1
EPSS
0.7%
CVE-2016-5559 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect integrity via vectors related to Kernel. Rated medium severity (CVSS 4.1).

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
4.1
EPSS
0.1%
CVE-2016-5553 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
5.0
EPSS
0.1%
CVE-2016-5544 HIGH PATCH This Week

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-5487 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
5.3
EPSS
0.0%
CVE-2016-5480 LOW PATCH Monitor

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
2.8
EPSS
0.1%
CVE-2016-2776 HIGH POC THREAT Act Now

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 88.4%.

Denial Of Service Linux Vm Server Bind Hp Ux +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
88.4%
Threat
5.7
CVE-2016-5844 MEDIUM POC PATCH This Month

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Libarchive Enterprise Linux Desktop Enterprise Linux Hpc Node +7
NVD GitHub
CVSS 3.0
6.5
EPSS
1.5%
CVE-2016-6302 HIGH PATCH Act Now

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.4%.

Denial Of Service OpenSSL Linux Solaris
NVD
CVSS 3.0
7.5
EPSS
10.4%
CVE-2016-5358 MEDIUM This Month

epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Wireshark Solaris
NVD GitHub
CVSS 3.0
5.9
EPSS
0.2%
CVE-2016-5357 MEDIUM This Month

wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Wireshark Solaris
NVD GitHub
CVSS 3.0
5.9
EPSS
0.7%
CVE-2016-6185 HIGH POC This Week

The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Perl Fedora Debian Linux Solaris +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2016-5471 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5469. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2016-5469 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5471. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
CVSS 3.0
5.5
EPSS
0.1%
EPSS 2% CVSS 7.4
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LibKMIP). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Solaris
NVD
EPSS 2% CVSS 5.7
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 3% CVSS 8.1
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Remote Administration Daemon (RAD)). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Solaris
NVD
EPSS 1% CVSS 6.2
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones Virtualized NIC Driver). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones). Rated medium severity (CVSS 5.3).

Oracle Denial Of Service Solaris
NVD
EPSS 0% CVSS 1.8
LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 1.8).

Oracle Denial Of Service Solaris
NVD
EPSS 2% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SMB Server). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SMB Server). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LFTP). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Solaris
NVD
EPSS 0% CVSS 3.9
LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Verified Boot). Rated low severity (CVSS 3.9).

Oracle Denial Of Service Solaris
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zones). Rated medium severity (CVSS 4.9), this vulnerability is no authentication required.

Oracle Denial Of Service Solaris
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 2% CVSS 5.6
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Sudo). Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Oracle Denial Of Service Solaris
NVD
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 0% CVSS 2.5
LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 2.5).

Oracle Authentication Bypass Solaris
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RAD). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Solaris
NVD
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NVIDIA-GFX Kernel driver). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Nvidia Denial Of Service +1
NVD
EPSS 2% CVSS 7.7
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
EPSS 2% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Oracle Denial Of Service Solaris
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Availability Suite Service). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Oracle Information Disclosure Solaris
NVD Exploit-DB
EPSS 46% 4.0 CVSS 5.5
MEDIUM POC PATCH THREAT This Month

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 46.0%.

Authentication Bypass Atom C Atom E +280
NVD Exploit-DB VulDB
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NTPD). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: ZVNET Driver). Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Python modules). Rated medium severity (CVSS 6.0).

Oracle Authentication Bypass Python +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 1% CVSS 4.2
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LDAP Library). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Solaris
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. Rated high severity (CVSS 7.0). This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Smartos +1
NVD
EPSS 1% CVSS 7.0
HIGH This Week

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. Rated high severity (CVSS 7.0). No vendor patch available.

Heap Overflow Buffer Overflow Smartos +2
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.2).

Oracle Information Disclosure Solaris
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.0).

Oracle Authentication Bypass Solaris
NVD
EPSS 94% 5.4 CVSS 5.6
MEDIUM POC PATCH THREAT This Month

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Rated medium severity (CVSS 5.6). Public exploit code available and EPSS exploitation probability 94.3%.

Authentication Bypass Atom C Atom E +306
NVD Exploit-DB VulDB
EPSS 10% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: CDE Calendar). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.3%.

Information Disclosure Oracle Solaris
NVD
EPSS 0% CVSS 1.8
LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 1.8).

Authentication Bypass Oracle Solaris
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Oracle Solaris
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Oracle Java Web Console). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity.

Denial Of Service Java Oracle +1
NVD
EPSS 6% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: IKE). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Solaris
NVD
EPSS 6% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NFSv4). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Solaris
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
EPSS 0% CVSS 4.5
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Network Services Library). Rated medium severity (CVSS 4.5).

Denial Of Service Oracle Solaris
NVD
EPSS 11% CVSS 5.3
MEDIUM POC PATCH THREAT This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Buffer Overflow Denial Of Service Oracle +1
NVD Exploit-DB
EPSS 11% CVSS 5.3
MEDIUM POC PATCH THREAT This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Buffer Overflow Memory Corruption Denial Of Service +2
NVD Exploit-DB
EPSS 29% CVSS 7.8
HIGH POC PATCH THREAT Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 29.4%.

Buffer Overflow Oracle Solaris
NVD Exploit-DB
EPSS 77% 5.8 CVSS 10.0
CRITICAL POC PATCH THREAT Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel RPC). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 76.9%.

Information Disclosure Oracle Solaris
NVD Exploit-DB
EPSS 20% CVSS 7.8
HIGH POC PATCH THREAT Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment (CDE)). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 19.6%.

Information Disclosure Oracle Solaris
NVD Exploit-DB
EPSS 0% CVSS 7.9
HIGH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RBAC). Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Solaris
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RBAC). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Solaris
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Smartcard Libraries). Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Solaris
NVD
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized NIC driver). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Solaris
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized NIC driver). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Solaris
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure Solaris
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Remote Administration Daemon). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Solaris
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Zone). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Authentication Bypass Oracle Solaris
NVD
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Deserialization Denial Of Service +3
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Solaris
NVD VulDB
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized block driver). Rated medium severity (CVSS 5.7).

Denial Of Service Oracle Solaris
NVD VulDB
EPSS 0% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Solaris
NVD VulDB
EPSS 16% CVSS 7.8
HIGH POC PATCH THREAT Act Now

Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.3%.

RCE Buffer Overflow 7 Zip +2
NVD
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Information Disclosure Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Imagemagick +1
NVD GitHub
EPSS 23% 4.1 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 23.0%.

Integer Overflow RCE Denial Of Service +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Solaris Imagemagick
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Solaris +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Null Pointer Dereference Solaris +1
NVD GitHub
EPSS 2% CVSS 8.1
HIGH PATCH This Week

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Solaris Imagemagick
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Imagemagick +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Solaris Rabbitmq
NVD GitHub
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel Zones. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect confidentiality via unknown vectors. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Solaris
NVD
EPSS 1% CVSS 3.1
LOW PATCH Monitor

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect availability via vectors related to IKE. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Solaris
NVD
EPSS 0% CVSS 4.1
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect integrity via vectors related to Kernel. Rated medium severity (CVSS 4.1).

Information Disclosure Oracle Solaris
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
EPSS 0% CVSS 2.8
LOW PATCH Monitor

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
EPSS 88% 5.7 CVSS 7.5
HIGH POC THREAT Act Now

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 88.4%.

Denial Of Service Linux Vm Server +3
NVD Exploit-DB
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Libarchive +9
NVD GitHub
EPSS 10% CVSS 7.5
HIGH PATCH Act Now

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.4%.

Denial Of Service OpenSSL Linux +1
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Wireshark Solaris
NVD GitHub
EPSS 1% CVSS 5.9
MEDIUM This Month

wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Wireshark Solaris
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Perl Fedora +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5469. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5471. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Oracle Solaris
NVD
Prev Page 2 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy