NotCVE - vendor:"Oracle" product:"Solaris" version:"11.3"

Page 10 of 300 results (0.051 seconds)

CVSS: 5.8EPSS: 89%CPEs: 84EXPL: 2

CVE-2016-3715 – ImageMagick Arbitrary File Deletion Vulnerability

https://notcve.org/view.php?id=CVE-2016-3715

05 May 2016 — The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. El codificador EPHEMERAL en ImageMagick en versiones anteriores a 6.9.3-10 y 7.x en versiones anteriores a 7.0.1-1 permite a atacantes remotos eliminar archivos arbitrarios a través de una imagen manipulada. It was discovered that certain ImageMagick coders and pseudo-protocols did not properly prevent security sensitive operations when processing specially crafted... • https://www.exploit-db.com/exploits/39767 • CWE-20: Improper Input Validation CWE-552: Files or Directories Accessible to External Parties •

CVSS: 5.5EPSS: 90%CPEs: 84EXPL: 1

CVE-2016-3718 – ImageMagick Server-Side Request Forgery (SSRF) Vulnerability

https://notcve.org/view.php?id=CVE-2016-3718

05 May 2016 — The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. Los codificadores (1) HTTP y (2) FTP en ImageMagick en versiones anteriores a 6.9.3-10 y 7.x en versiones anteriores a 7.0.1-1 permiten a atacantes remotos llevar a cabo ataques de falsificación de peticiones del lado del servidor (SSRF) a través de una imagen manipulada. A server-side request forgery flaw was discovered in th... • https://www.exploit-db.com/exploits/39767 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 7.5EPSS: 0%CPEs: 28EXPL: 1

CVE-2016-3627 – libxml2: stack exhaustion while parsing xml files in recovery mode

https://notcve.org/view.php?id=CVE-2016-3627

03 May 2016 — The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document. La función xmlStringGetNodeList en tree.c en libxml2.2.9.3 y versiones anteriores, cuando se utiliza en modo de recuperación, permite a atacantes dependientes del contexto provocar una denegación de servicio (bucle infinito, consumo de pila y caída de la ... • https://packetstorm.news/files/id/136900 • CWE-674: Uncontrolled Recursion •

CVSS: 5.9EPSS: 0%CPEs: 16EXPL: 0

CVE-2016-4079 – Debian Security Advisory 3585-1

https://notcve.org/view.php?id=CVE-2016-4079

25 Apr 2016 — epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet. epan/dissectors/packet-pktc.c en el disector PKTC en Wireshark 1.12.x en versiones anteriores a 1.12.11 y 2.0.x en versiones anteriores a 2.0.3 no verifica identificadores BER, lo que permite a atacantes remotos provocar una denegación de servi... • http://www.debian.org/security/2016/dsa-3585 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.9EPSS: 0%CPEs: 16EXPL: 0

CVE-2016-4085 – Debian Security Advisory 3585-1

https://notcve.org/view.php?id=CVE-2016-4085

25 Apr 2016 — Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet. Desbordamiento de buffer basado en pila en epan/dissectors/packet-ncp2222.inc en el disector NCP en Wireshark 1.12.x en versiones anteriores a 1.12.11 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posib... • http://www.debian.org/security/2016/dsa-3585 • CWE-20: Improper Input Validation •

CVSS: 5.9EPSS: 0%CPEs: 16EXPL: 0

CVE-2016-4082 – Debian Security Advisory 3585-1

https://notcve.org/view.php?id=CVE-2016-4082

25 Apr 2016 — epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet. epan/dissectors/packet-gsm_cbch.c en el disector GSM CBCH en Wireshark 1.12.x en versiones anteriores a 1.12.11 y 2.0.x en versiones anteriores a 2.0.3 utiliza la variable incorrecta para indexar un array, lo que permite a at... • http://www.debian.org/security/2016/dsa-3585 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-3419

https://notcve.org/view.php?id=CVE-2016-3419

21 Apr 2016 — Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.3 permite a usuarios locales afectar a la disponibilidad a través de vectores relacionados con Filesystem. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •

CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-0623

https://notcve.org/view.php?id=CVE-2016-0623

21 Apr 2016 — Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect integrity via vectors related to the Automated Installer sub-component. Vulnerabilidad no especificada en Oracle Sun Solaris 11.3 permite a atacantes remotos afectar a la integridad a través de vectores relacionados con el subcomponente Automated Installer. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •

CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-0669

https://notcve.org/view.php?id=CVE-2016-0669

21 Apr 2016 — Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Fwflash. Vulnerabilidad no especificada en Oracle Sun Solaris 11.3 permite a usuarios locales afectar a la integridad y disponibilidad a través de vectores relacionados con Fwflash. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-3441

https://notcve.org/view.php?id=CVE-2016-3441

21 Apr 2016 — Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Filesystem. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.3 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con Filesystem. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •

1...8 9 10 11 12