Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Filtered by product Solaris
Total 741 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-2609 1 Oracle 1 Solaris 2025-04-12 4.9 MEDIUM N/A
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via vectors related to CPU performance counters drivers.
CVE-2014-6052 4 Canonical, Debian, Libvncserver and 1 more 4 Ubuntu Linux, Debian Linux, Libvncserver and 1 more 2025-04-12 7.5 HIGH N/A
The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message.
CVE-2015-2578 1 Oracle 1 Solaris 2025-04-12 7.1 HIGH N/A
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows remote attackers to affect availability via vectors related to Kernel IDMap.
CVE-2016-5454 1 Oracle 1 Solaris 2025-04-12 5.4 MEDIUM 6.4 MEDIUM
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot.
CVE-2015-4864 4 Canonical, Mariadb, Oracle and 1 more 10 Ubuntu Linux, Mariadb, Mysql and 7 more 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
CVE-2015-4487 4 Canonical, Mozilla, Opensuse and 1 more 5 Ubuntu Linux, Firefox, Firefox Os and 2 more 2025-04-12 7.5 HIGH N/A
The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
CVE-2015-5143 4 Canonical, Debian, Djangoproject and 1 more 4 Ubuntu Linux, Debian Linux, Django and 1 more 2025-04-12 7.8 HIGH N/A
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.
CVE-2015-4879 6 Canonical, Debian, Fedoraproject and 3 more 13 Ubuntu Linux, Debian Linux, Fedora and 10 more 2025-04-12 4.6 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.
CVE-2014-4243 3 Mariadb, Oracle, Suse 6 Mariadb, Mysql, Solaris and 3 more 2025-04-12 2.8 LOW N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.
CVE-2016-4957 5 Novell, Ntp, Opensuse and 2 more 9 Suse Manager, Ntp, Leap and 6 more 2025-04-12 5.0 MEDIUM 7.5 HIGH
ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.
CVE-2016-4956 6 Novell, Ntp, Opensuse and 3 more 11 Suse Manager, Ntp, Leap and 8 more 2025-04-12 5.0 MEDIUM 5.3 MEDIUM
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.
CVE-2015-0433 6 Canonical, Debian, Mariadb and 3 more 15 Ubuntu Linux, Debian Linux, Mariadb and 12 more 2025-04-12 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.
CVE-2015-0829 4 Canonical, Mozilla, Opensuse and 1 more 4 Ubuntu Linux, Firefox, Opensuse and 1 more 2025-04-12 6.8 MEDIUM N/A
Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.
CVE-2014-6568 7 Canonical, Debian, Fedoraproject and 4 more 16 Ubuntu Linux, Debian Linux, Fedora and 13 more 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.
CVE-2014-3532 6 Debian, Freedesktop, Linux and 3 more 6 Debian Linux, Dbus, Linux Kernel and 3 more 2025-04-12 2.1 LOW N/A
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before the initial message is forwarded.
CVE-2015-0505 6 Canonical, Debian, Mariadb and 3 more 14 Ubuntu Linux, Debian Linux, Mariadb and 11 more 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
CVE-2015-2189 5 Debian, Mageia, Opensuse and 2 more 6 Debian Linux, Mageia, Opensuse and 3 more 2025-04-12 5.0 MEDIUM N/A
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.
CVE-2015-2574 1 Oracle 1 Solaris 2025-04-12 2.1 LOW N/A
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality via unknown vectors related to Text Utilities.
CVE-2014-2436 3 Mariadb, Oracle, Redhat 9 Mariadb, Mysql, Solaris and 6 more 2025-04-12 6.5 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.
CVE-2015-6248 2 Oracle, Wireshark 3 Linux, Solaris, Wireshark 2025-04-12 4.3 MEDIUM N/A
The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.