Page 12 of 300 results (0.008 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en Oracle Sun Solaris 11.3 permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93749 http://www.securitytracker.com/id/1037048 • CWE-284: Improper Access Control •

CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect availability via vectors related to IKE. Vulnerabilidad no especificada en Oracle Sun Solaris 11.3 permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con IKE. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93710 http://www.securitytracker.com/id/1037048 •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel Zones. Vulnerabilidad no especificada en Oracle Sun Solaris 11.3 permite a usuarios locales afectar la disponibilidad a través de vectores relacionados con Kernel Zones. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93713 http://www.securitytracker.com/id/1037048 • CWE-284: Improper Access Control •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.3 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Kernel/X86. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93746 http://www.securitytracker.com/id/1037048 •

CVSS: 7.8EPSS: 97%CPEs: 49EXPL: 2

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. buffer.c en named en ISC BIND 9 en versiones anteriores a 9.9.9-P3, 9.10.x en versiones anteriores a 9.10.4-P3 y 9.11.x en versiones anteriores a 9.11.0rc3 no construye respuestas adecuadamente, lo que permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de una consulta manipulada. A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. A defect in the rendering of messages into packets can cause named to exit with an assertion failure in buffer.c while constructing a response to a query that meets certain criteria. This assertion can be triggered even if the apparent source address isnt allowed to make queries. • https://www.exploit-db.com/exploits/40453 https://github.com/infobyte/CVE-2016-2776 http://rhn.redhat.com/errata/RHSA-2016-1944.html http://rhn.redhat.com/errata/RHSA-2016-1945.html http://rhn.redhat.com/errata/RHSA-2016-2099.html http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html http://www.securityf • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •