Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Filtered by product Solaris
Total 740 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-6530 3 Mariadb, Oracle, Suse 7 Mariadb, Mysql, Solaris and 4 more 2025-04-12 6.5 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP.
CVE-2015-2731 2 Mozilla, Oracle 4 Firefox, Firefox Esr, Thunderbird and 1 more 2025-04-12 10.0 HIGH N/A
Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.
CVE-2015-2737 5 Canonical, Debian, Mozilla and 2 more 10 Ubuntu Linux, Debian Linux, Firefox and 7 more 2025-04-12 10.0 HIGH N/A
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
CVE-2016-4971 4 Canonical, Gnu, Oracle and 1 more 4 Ubuntu Linux, Wget, Solaris and 1 more 2025-04-12 4.3 MEDIUM 8.8 HIGH
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
CVE-2015-3145 8 Apple, Canonical, Debian and 5 more 9 Mac Os X, Ubuntu Linux, Debian Linux and 6 more 2025-04-12 7.5 HIGH N/A
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
CVE-2015-6242 2 Oracle, Wireshark 2 Solaris, Wireshark 2025-04-12 4.3 MEDIUM N/A
The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block allocator in the memory manager in Wireshark 1.12.x before 1.12.7 does not properly consider a certain case of multiple realloc operations that restore a memory chunk to its original size, which allows remote attackers to cause a denial of service (incorrect free operation and application crash) via a crafted packet.
CVE-2016-3419 1 Oracle 1 Solaris 2025-04-12 2.1 LOW 3.3 LOW
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem.
CVE-2016-3718 6 Canonical, Imagemagick, Opensuse and 3 more 30 Ubuntu Linux, Imagemagick, Leap and 27 more 2025-04-12 4.3 MEDIUM 5.5 MEDIUM
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
CVE-2015-7830 2 Oracle, Wireshark 2 Solaris, Wireshark 2025-04-12 4.3 MEDIUM N/A
The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.
CVE-2016-5841 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 7.5 HIGH 9.8 CRITICAL
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
CVE-2015-2589 1 Oracle 1 Solaris 2025-04-12 4.9 MEDIUM N/A
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to S10 Branded Zone.
CVE-2015-2724 5 Canonical, Debian, Mozilla and 2 more 9 Ubuntu Linux, Debian Linux, Firefox and 6 more 2025-04-12 10.0 HIGH N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2015-2662 1 Oracle 1 Solaris 2025-04-12 1.9 LOW N/A
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to DHCP Server.
CVE-2016-5690 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 7.5 HIGH 9.8 CRITICAL
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
CVE-2015-4837 1 Oracle 1 Solaris 2025-04-12 6.6 MEDIUM N/A
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Security.
CVE-2015-2735 5 Canonical, Debian, Mozilla and 2 more 9 Ubuntu Linux, Debian Linux, Firefox and 6 more 2025-04-12 9.3 HIGH N/A
nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.
CVE-2015-2648 6 Canonical, Debian, Mariadb and 3 more 12 Ubuntu Linux, Debian Linux, Mariadb and 9 more 2025-04-12 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2015-3812 2 Oracle, Wireshark 3 Linux, Solaris, Wireshark 2025-04-12 7.8 HIGH N/A
Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.
CVE-2015-2725 3 Mozilla, Novell, Oracle 7 Firefox, Firefox Esr, Thunderbird and 4 more 2025-04-12 10.0 HIGH N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2015-4817 1 Oracle 1 Solaris 2025-04-12 6.2 MEDIUM N/A
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel Zones virtualized NIC driver.