Product: Solaris (Oracle)
| Date | Id | Summary | Products | Score | Patch | Annotated |
| --- | --- | --- | --- | --- | --- | --- |
| 2016-01-20 | CVE-2015-5295 | A vulnerability was discovered in the OpenStack Orchestration service (heat), where a specially formatted template could be used to trick the heat-engine service into opening a local file. Although the file contents are never disclosed to the end user, an OpenStack-authenticated attacker could use this flaw to cause a denial of service or determine whether a given file name is present on the server. | Fedora, Orchestration_api, Solaris, Openstack | 5.4 | | |
| 2016-06-30 | CVE-2016-4971 | It was found that wget used a file name provided by the server for the downloaded file when following an HTTP redirect to an FTP server resource. This could cause wget to create a file with a different name than expected, possibly allowing the server to execute arbitrary code on the client. | Ubuntu_linux, Wget, Solaris, Pan-Os | 8.8 | | |
| 2013-03-08 | CVE-2011-3201 | CVE-2011-3201 evolution: mailto URL scheme attachment header improper input validation | Evolution, Solaris, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | N/A | | |
| 2014-12-10 | CVE-2014-8094 | An integer overflow flaw was found in the way the X.Org server calculated memory requirements for certain DRI2 extension requests. A malicious, authenticated client could use this flaw to crash the X.Org server. | Debian_linux, Solaris, Xorg-Server | N/A | | |
| 2014-12-12 | CVE-2014-8124 | A denial of service flaw was found in the OpenStack Dashboard (horizon) when using the db or memcached session engine. An attacker could make repeated requests to the login page, which would result in a large number of unwanted backend session entries, possibly leading to a denial of service. | Fedora, Horizon, Opensuse, Solaris | N/A | | |
| 2016-04-21 | CVE-2016-3419 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem. | Solaris | 3.3 | | |
| 2016-04-21 | CVE-2016-3441 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Filesystem. | Solaris | 7.8 | | |
| 2019-10-16 | CVE-2019-3010 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score... | Solaris | 8.8 | | |
| 2023-01-18 | CVE-2023-21900 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful... | Solaris | 4.0 | | |
| 2022-12-26 | CVE-2021-43395 | An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 are also affected. | Illumos, Smartos, Omnios, Openindiana, Solaris | 5.5 | | |