CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10004
https://notcve.org/view.php?id=CVE-2017-10004
08 Aug 2017 — Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in takeover of Solaris. CVSS 3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html •
CVSS: 1.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10122
https://notcve.org/view.php?id=CVE-2017-10122
08 Aug 2017 — Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Solaris accessible ... • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 4CVE-2017-3629 – Solaris - RSH Stack Clash Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-3629
22 Jun 2017 — Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in takeover of Solaris. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). • https://packetstorm.news/files/id/143202 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 4CVE-2017-3630 – Solaris - RSH Stack Clash Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-3630
22 Jun 2017 — Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Solaris accessible data as well as unauthorized read access to a subset of Solaris accessible data and una... • https://packetstorm.news/files/id/143202 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 4CVE-2017-3631 – Solaris - RSH Stack Clash Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-3631
22 Jun 2017 — Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Solaris accessible data as well as unauthorized read access to a subset of Solaris accessible data and unauthori... • https://packetstorm.news/files/id/143202 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5544
https://notcve.org/view.php?id=CVE-2016-5544
25 Oct 2016 — Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.3 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Kernel/X86. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5553
https://notcve.org/view.php?id=CVE-2016-5553
25 Oct 2016 — Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.3 permite a usuarios locales afectar la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 4.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5559
https://notcve.org/view.php?id=CVE-2016-5559
25 Oct 2016 — Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect integrity via vectors related to Kernel. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.3 permite a usuarios locales afectar la integridad a través de vectores relacionados con Kernel. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 7.8EPSS: 97%CPEs: 49EXPL: 4CVE-2016-2776 – ISC BIND 9 - Denial of Service
https://notcve.org/view.php?id=CVE-2016-2776
28 Sep 2016 — buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. buffer.c en named en ISC BIND 9 en versiones anteriores a 9.9.9-P3, 9.10.x en versiones anteriores a 9.10.4-P3 y 9.11.x en versiones anteriores a 9.11.0rc3 no construye respuestas adecuadamente, lo que permite a atacantes remotos provocar una denegación d... • https://packetstorm.news/files/id/180551 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 18%CPEs: 34EXPL: 0CVE-2016-6302 – openssl: Insufficient TLS session ticket HMAC length checks
https://notcve.org/view.php?id=CVE-2016-6302
16 Sep 2016 — The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. La función tls_decrypt_ticket en ssl/t1_lib.c en OpenSSL en versiones anteriores a 1.1.0 no considera el tamaño HMAC durante la validación de la longitud del ticket, lo que permite a atacantes remotos provocar una denegación de servicio a través de un ticket que es muy corto. ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •