Oracle

Solaris

555 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.73%
  • Veröffentlicht 26.05.2015 15:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a cr...

  • EPSS 2.96%
  • Veröffentlicht 26.05.2015 15:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafte...

  • EPSS 1.8%
  • Veröffentlicht 19.05.2015 18:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a (1) Glance image, (2) Nova flavor or (3) Host Aggregate.

  • EPSS 11.4%
  • Veröffentlicht 18.05.2015 15:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle atta...

  • EPSS 7.42%
  • Veröffentlicht 14.05.2015 10:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2...

  • EPSS 2.88%
  • Veröffentlicht 12.05.2015 19:59:26
  • Zuletzt bearbeitet 06.05.2026 22:30:45

OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keys...

Exploit
  • EPSS 4.46%
  • Veröffentlicht 08.05.2015 14:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malforme...

  • EPSS 37.63%
  • Veröffentlicht 24.04.2015 14:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via...

  • EPSS 3.06%
  • Veröffentlicht 16.04.2015 17:00:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows remote attackers to affect availability via vectors related to Kernel IDMap.

  • EPSS 0.44%
  • Veröffentlicht 16.04.2015 17:00:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Accounting commands.