Page 3 of 619 results (0.006 seconds)

CVSS: 10.0EPSS: 89%CPEs: 2EXPL: 7

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. • https://www.exploit-db.com/exploits/49261 https://www.exploit-db.com/exploits/49896 https://www.exploit-db.com/exploits/50039 https://github.com/robidev/CVE-2020-14871-Exploit http://packetstormsecurity.com/files/159961/SunSSH-Solaris-10-x86-Remote-Root.html http://packetstormsecurity.com/files/160510/Solaris-SunSSH-11.0-x86-libpam-Remote-Root.html http://packetstormsecurity.com/files/160609/Oracle-Solaris-SunSSH-PAM-parse_user_name-Buffer-Overflow.html http://packetstormsecurity.com/files/163232 • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 9%CPEs: 67EXPL: 1

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). En el archivo filter.c en slapd en OpenLDAP versiones anteriores a 2.4.50, los filtros de búsqueda de LDAP con expresiones booleanas anidadas pueden resultar en una denegación de servicio (bloqueo del demonio). • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00016.html https://bugs.openldap.org/show_bug.cgi?id=9202 https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440 https://lists.debian.org/debian-lts-announce/2020/05/msg00001.html https://security.netapp.com/advisory/ntap-20200511-0003 https://support.apple.com/kb/HT211289 https://usn.ubuntu.com/4352-1 https&# • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 3

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. • https://www.exploit-db.com/exploits/48359 http://packetstormsecurity.com/files/157280/Common-Desktop-Environment-1.6-Local-Privilege-Escalation.html http://seclists.org/fulldisclosure/2020/Apr/25 http://www.openwall.com/lists/oss-security/2020/04/15/3 https://www.oracle.com/security-alerts/cpuapr2020.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. • https://www.oracle.com/security-alerts/cpuapr2020.html •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. • http://packetstormsecurity.com/files/157281/Common-Desktop-Environment-2.3.1-1.6-libDtSvc-Buffer-Overflow.html http://seclists.org/fulldisclosure/2020/Apr/25 http://www.openwall.com/lists/oss-security/2020/04/15/3 https://www.oracle.com/security-alerts/cpuapr2020.html •