Oracle

Solaris

553 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2015-1351

Exploit
  • EPSS 19.13%
  • Veröffentlicht 30.03.2015 10:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

4.3

CVE-2015-2317

  • EPSS 2.88%
  • Veröffentlicht 25.03.2015 14:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a con...

5

CVE-2015-2316

  • EPSS 2.25%
  • Veröffentlicht 25.03.2015 14:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the ...

7.5

CVE-2015-2155

  • EPSS 4.54%
  • Veröffentlicht 24.03.2015 17:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

5

CVE-2015-2190

  • EPSS 0.3%
  • Veröffentlicht 08.03.2015 02:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is ...

5

CVE-2015-2189

  • EPSS 0.41%
  • Veröffentlicht 08.03.2015 02:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via...

5

CVE-2015-2188

  • EPSS 0.34%
  • Veröffentlicht 08.03.2015 02:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and applicatio...

6.8

CVE-2015-0829

  • EPSS 2.65%
  • Veröffentlicht 25.02.2015 11:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.

6.8

CVE-2015-0828

  • EPSS 1.36%
  • Veröffentlicht 25.02.2015 11:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruptio...

6.4

CVE-2014-9512

Exploit
  • EPSS 8.88%
  • Veröffentlicht 12.02.2015 16:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.