CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 0CVE-2018-2717
https://notcve.org/view.php?id=CVE-2018-2717
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Solaris accessible data as well as unauthorized access to critical data or complete access to all Solaris accessible data. • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/102613 http://www.securitytracker.com/id/1040215 •
CVSS: 5.6EPSS: 97%CPEs: 1467EXPL: 3CVE-2017-5753 – Multiple CPUs - 'Spectre' Information Disclosure
https://notcve.org/view.php?id=CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores con ejecución especulativa y predicción de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. • https://www.exploit-db.com/exploits/43427 https://github.com/sachinthaBS/Spectre-Vulnerability-CVE-2017-5753- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html http://nvidia.custhe • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5553
https://notcve.org/view.php?id=CVE-2016-5553
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.3 permite a usuarios locales afectar la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93759 http://www.securitytracker.com/id/1037048 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5544
https://notcve.org/view.php?id=CVE-2016-5544
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.3 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Kernel/X86. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93746 http://www.securitytracker.com/id/1037048 •
CVSS: 4.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5559
https://notcve.org/view.php?id=CVE-2016-5559
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect integrity via vectors related to Kernel. Vulnerabilidad no especificada en Oracle Sun Solaris 10 y 11.3 permite a usuarios locales afectar la integridad a través de vectores relacionados con Kernel. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93722 http://www.securitytracker.com/id/1037048 •