Oracle

Solaris

546 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.6

CVE-2015-4482

  • EPSS 0.08%
  • Published 16.08.2015 01:59:09
  • Last modified 12.04.2025 10:46:40

mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows local users to gain privileges or cause a denial of service (out-of-bounds write) via a crafted name of a Mozilla Archive (aka MAR) file.

3.3

CVE-2015-4481

  • EPSS 0.19%
  • Published 16.08.2015 01:59:08
  • Last modified 12.04.2025 10:46:40

Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log fi...

5

CVE-2015-1819

  • EPSS 2.91%
  • Published 14.08.2015 18:59:03
  • Last modified 12.04.2025 10:46:40

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

8.8

CVE-2015-4495

Warning Exploit
  • EPSS 69.92%
  • Published 08.08.2015 00:59:04
  • Last modified 30.07.2025 03:15:45

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript...

6.8

CVE-2015-1283

  • EPSS 0.63%
  • Published 23.07.2015 00:59:12
  • Last modified 12.04.2025 10:46:40

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspec...

6.8

CVE-2015-1270

  • EPSS 1.17%
  • Published 23.07.2015 00:59:00
  • Last modified 12.04.2025 10:46:40

The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a d...

5

CVE-2015-4651

  • EPSS 0.43%
  • Published 22.07.2015 01:59:03
  • Last modified 12.04.2025 10:46:40

The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remot...

5

CVE-2015-0253

  • EPSS 12.98%
  • Published 20.07.2015 23:59:00
  • Last modified 12.04.2025 10:46:40

The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending...

4.9

CVE-2015-4770

  • EPSS 0.27%
  • Published 16.07.2015 11:01:01
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to UNIX filesystem.

4

CVE-2015-4752

  • EPSS 0.36%
  • Published 16.07.2015 11:00:46
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.