CVSS: 10.0EPSS: 88%CPEs: 2EXPL: 11CVE-2020-14871 – Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2020-14871
21 Oct 2020 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. • https://packetstorm.news/files/id/160609 • CWE-787: Out-of-bounds Write •
CVSS: 3.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14818
https://notcve.org/view.php?id=CVE-2020-14818
21 Oct 2020 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with network access via SSH to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized upd... • https://www.oracle.com/security-alerts/cpuoct2020.html •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14759
https://notcve.org/view.php?id=CVE-2020-14759
21 Oct 2020 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerabil... • https://www.oracle.com/security-alerts/cpuoct2020.html •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14758
https://notcve.org/view.php?id=CVE-2020-14758
21 Oct 2020 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Solaris accessibl... • https://www.oracle.com/security-alerts/cpuoct2020.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14754
https://notcve.org/view.php?id=CVE-2020-14754
21 Oct 2020 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.5 (Availability impacts). • https://www.oracle.com/security-alerts/cpuoct2020.html •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14542
https://notcve.org/view.php?id=CVE-2020-14542
15 Jul 2020 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: libsuri). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.1 Base Score 3.3 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpujul2020.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14537
https://notcve.org/view.php?id=CVE-2020-14537
15 Jul 2020 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Packaging Scripts). The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this ... • https://www.oracle.com/security-alerts/cpujul2020.html • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14545
https://notcve.org/view.php?id=CVE-2020-14545
15 Jul 2020 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device Driver Utility). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical dat... • https://www.oracle.com/security-alerts/cpujul2020.html •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 1CVE-2020-14724 – Oracle Solaris 11 Device Driver Utility 1.3.1 Race Condition
https://notcve.org/view.php?id=CVE-2020-14724
15 Jul 2020 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device Driver Utility). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. • https://packetstorm.news/files/id/158435 •
CVSS: 7.5EPSS: 5%CPEs: 67EXPL: 1CVE-2020-12243 – openldap: denial of service via nested boolean expressions in LDAP search filters
https://notcve.org/view.php?id=CVE-2020-12243
28 Apr 2020 — In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). En el archivo filter.c en slapd en OpenLDAP versiones anteriores a 2.4.50, los filtros de búsqueda de LDAP con expresiones booleanas anidadas pueden resultar en una denegación de servicio (bloqueo del demonio). Red Hat OpenShift Do is a simple CLI tool for developers to create, build, and deploy applications on OpenShift. The odo tool is completely client-based ... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00016.html • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •