CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22003
https://notcve.org/view.php?id=CVE-2023-22003
18 Apr 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessib... • https://www.oracle.com/security-alerts/cpuapr2023.html •
CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21985
https://notcve.org/view.php?id=CVE-2023-21985
18 Apr 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attac... • https://www.oracle.com/security-alerts/cpuapr2023.html • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21984
https://notcve.org/view.php?id=CVE-2023-21984
18 Apr 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Libraries). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 6.5 (Availability impacts). • https://www.oracle.com/security-alerts/cpuapr2023.html •
CVSS: 1.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21928
https://notcve.org/view.php?id=CVE-2023-21928
18 Apr 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: IPS repository daemon). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solari... • https://www.oracle.com/security-alerts/cpuapr2023.html •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21896
https://notcve.org/view.php?id=CVE-2023-21896
18 Apr 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpuapr2023.html • CWE-269: Improper Privilege Management •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21900
https://notcve.org/view.php?id=CVE-2023-21900
17 Jan 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulner... • https://www.oracle.com/security-alerts/cpujan2023.html •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2CVE-2021-43395
https://notcve.org/view.php?id=CVE-2021-43395
26 Dec 2022 — An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected. Se descubrió un problema en illumos antes de f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04 y SmartOS 20210923. Un usuario... • http://www.tribblix.org/relnotes.html • CWE-667: Improper Locking •
CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-9579
https://notcve.org/view.php?id=CVE-2019-9579
26 Dec 2022 — An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. The SMB server allows an attacker to have unintended access, e.g., an attacker with WRITE_XATTR can change permissions. This occurs because of a combination of three factors: ZFS extended attributes are used to implement NT named streams, the SMB protocol requires implementations to have open handle semantics similar to those of NTFS, and the SMB server passes along certain attribute requests to the underlying obj... • https://www.illumos.org/issues/10506 • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39401
https://notcve.org/view.php?id=CVE-2022-39401
18 Oct 2022 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.5 (Availability impacts). • https://www.oracle.com/security-alerts/cpuoct2022.html •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21610
https://notcve.org/view.php?id=CVE-2022-21610
18 Oct 2022 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDoms). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data and unauthorize... • https://www.oracle.com/security-alerts/cpuoct2022.html •