Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulner…

CVSS: 7.2 · CWE: CWE-284

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope c…

CVSS: 7.8 · CWE: CWE-269

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Zones). The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope chan…

CVSS: 8.2 · CWE: CWE-250

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device Driver Interface). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: CVE-…

CVSS: 7.8 · CWE: CWE-269

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulne…

CVSS: 7.7 · CWE: CWE-284

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Core). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.1 Base Score 7.8 (Conf…

CVSS: 7.8 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.1 Base Sco…

CVSS: 7.0 · CWE: CWE-269

View on NVD

Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. A low privileged user can escalate to root by crafting a malicious printer and double clicking on the the crafted printer's icon.

CVSS: 7.8 · CWE: CWE-120

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Ora…

CVSS: 7.6 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Remote Administration Daemon). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repe…

CVSS: 7.5 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or a…

CVSS: 8.2 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.1 B…

CVSS: 7.8 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. S…

CVSS: 10.0 · CWE: CWE-787

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device Driver Utility). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful att…

CVSS: 7.3 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact addition…

CVSS: 8.8 · CWE: CWE-120

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additi…

CVSS: 7.8 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additi…

CVSS: 7.8 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional pro…

CVSS: 8.8 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access…

CVSS: 7.1 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Consolidation Infrastructure). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and wh…

CVSS: 7.5 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Success…

CVSS: 8.8 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: LDAP Client Tools). The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impa…

CVSS: 8.8 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical…

CVSS: 7.5 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significant…

CVSS: 8.8 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Gnuplot). The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Su…

CVSS: 7.3 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Filesystem). Supported versions that are affected are 11.4 and 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the att…

CVSS: 7.3 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: DHCP Client). The supported version that is affected is 10. Difficult to exploit vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerab…

CVSS: 7.5 · CWE: N/A

View on NVD

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash…

CVSS: 7.5 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.

CVSS: 7.2 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via vectors related to CDE - Power Management Utility.

CVSS: 7.2 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Power Management Utility.

CVSS: 7.2 · CWE: N/A

View on NVD

Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 and 11.1 have unspecified impact and attack vectors related to "Buffer errors."

CVSS: 10.0 · CWE: CWE-119

View on NVD

Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via vectors related to Kernel/STREAMS framework.

CVSS: 7.8 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/VM

CVSS: 7.2 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via vectors related to Driver/IDM (iSCSI Data Mover).

CVSS: 7.8 · CWE: N/A

View on NVD

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems,…

CVSS: 7.2 · CWE: CWE-119

View on NVD

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect availability, related to TCP/IP.

CVSS: 7.8 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to iSCSI DataMover (IDM).

CVSS: 7.8 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel/Filesystem.

CVSS: 7.8 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect confidentiality, integrity, and availability, related to LDAP library.

CVSS: 9.3 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to fingerd.

CVSS: 7.8 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Installer.

CVSS: 7.2 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to TCP/IP.

CVSS: 7.8 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to SMB and CIFS.

CVSS: 7.8 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operating systems, such as HP-UX, or claims fr…

CVSS: 10.0 · CWE: N/A

View on NVD

Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU a…

CVSS: 7.8 · CWE: N/A

View on NVD

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scheduler.

CVSS: 10.0 · CWE: N/A

View on NVD