CVSS: 3.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22128
https://notcve.org/view.php?id=CVE-2023-22128
17 Oct 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via rquota to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. • https://www.oracle.com/security-alerts/cpuoct2023.html •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22003
https://notcve.org/view.php?id=CVE-2023-22003
18 Apr 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessib... • https://www.oracle.com/security-alerts/cpuapr2023.html •
CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21985
https://notcve.org/view.php?id=CVE-2023-21985
18 Apr 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attac... • https://www.oracle.com/security-alerts/cpuapr2023.html • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21948
https://notcve.org/view.php?id=CVE-2023-21948
18 Apr 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Core). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpuapr2023.html •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21896
https://notcve.org/view.php?id=CVE-2023-21896
18 Apr 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpuapr2023.html • CWE-269: Improper Privilege Management •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21900
https://notcve.org/view.php?id=CVE-2023-21900
17 Jan 2023 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulner... • https://www.oracle.com/security-alerts/cpujan2023.html •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2CVE-2021-43395
https://notcve.org/view.php?id=CVE-2021-43395
26 Dec 2022 — An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected. Se descubrió un problema en illumos antes de f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04 y SmartOS 20210923. Un usuario... • http://www.tribblix.org/relnotes.html • CWE-667: Improper Locking •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-2022-43752
https://notcve.org/view.php?id=CVE-2022-43752
31 Oct 2022 — Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. A low privileged user can escalate to root by crafting a malicious printer and double clicking on the the crafted printer's icon. Oracle Solaris versión 10 1/13, cuando se utiliza Common Desktop Environment (CDE), es vulnerable a una vulnerabilidad de escalada de privilegios. Un usuario con pocos privilegios puede escalar a root creando una impresora maliciosa y haciendo do... • http://phrack.org/issues/70/13.html#article • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21439
https://notcve.org/view.php?id=CVE-2022-21439
19 Jul 2022 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DO... • https://www.oracle.com/security-alerts/cpujul2022.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-2167
https://notcve.org/view.php?id=CVE-2021-2167
22 Apr 2021 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpuapr2021.html •