CVE Daily
← All tags

Tag: Oracle Solaris

All CVEs associated with "Oracle Solaris". Page 2/2 • 219 CVEs.

Subscribe CVEs: RSS for “Oracle Solaris”  ·  RSS (High+Critical only)

About “Oracle Solaris”

A curated feed of “Oracle Solaris”-related CVEs appears below. We currently track 219 CVEs for this tag (all time). In the last 365 days, 7 were published. Average CVSS is 5.1 (all time; 5.8 over 365d), and 21% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor, CWE-267 - Privilege Defined With Unsafe Actions.

In our taxonomy this topic maps to a LOW impact class. Issues here typically affect operating system packages or kernels. Plan reboots or service restarts and coordinate rollouts across fleets. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2013-10-16
Medium

CVE-2013-3837

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows remote attackers to affect availability via unknown vectors related to Cacao.

CVSS: 4.3 CWE: N/A View on NVD
2013-07-17
Medium

CVE-2013-3813

Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality and integrity via vectors related to Libraries/PAM-Unix.

CVSS: 5.8 CWE: N/A View on NVD
Medium

CVE-2013-3799

Unspecified vulnerability in Oracle Solaris 10 and 11, when running on AMD64, allows local users to affect availability via unknown vectors related to Kernel.

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2013-3797

Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Filesystem/DevFS.

CVSS: 4.7 CWE: N/A View on NVD
Medium

CVE-2013-3787

Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Kernel.

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2013-3786

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.

CVSS: 6.0 CWE: N/A View on NVD
Medium

CVE-2013-3765

Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Kernel/VM.

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2013-3757

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect integrity and availability via vectors related to SMF/File Locking Services.

CVSS: 6.4 CWE: N/A View on NVD
High

CVE-2013-3753

Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via vectors related to Kernel/STREAMS framework.

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2013-3752

Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect integrity via vectors related to Service Management Facility (SMF).

CVSS: 4.3 CWE: N/A View on NVD
High

CVE-2013-3750

Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/VM

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2013-3748

Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via vectors related to Driver/IDM (iSCSI Data Mover).

CVSS: 7.8 CWE: N/A View on NVD
Low

CVE-2013-3745

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Libraries/Libc.

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2013-0398

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors related to Utility/Remote Execution Server (in.rexecd).

CVSS: 5.0 CWE: N/A View on NVD
2012-07-17
Medium

CVE-2012-1687

Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability, related to Logical Domains (LDOM).

CVSS: 5.6 CWE: N/A View on NVD
Low

CVE-2012-0563

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kerberos/klist.

CVSS: 2.1 CWE: N/A View on NVD
2012-06-12
High

CVE-2012-0217

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent Sm…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2012-01-18
Low

CVE-2012-0109

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality and availability, related to TCP/IP.

CVSS: 3.6 CWE: N/A View on NVD
Medium

CVE-2012-0103

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to Kernel.

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2012-0100

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kerberos.

CVSS: 6.8 CWE: N/A View on NVD
Low

CVE-2012-0099

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to sshd.

CVSS: 2.6 CWE: N/A View on NVD
Low

CVE-2012-0098

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2011-0813.

CVSS: 1.9 CWE: N/A View on NVD
Low

CVE-2012-0097

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect confidentiality via unknown vectors related to ksh93 Shell.

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2012-0096

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Network.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2012-0094

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect availability, related to TCP/IP.

CVSS: 7.8 CWE: N/A View on NVD
2011-10-18
High

CVE-2011-3543

Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to iSCSI DataMover (IDM).

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2011-3542

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Kernel/Performance Counter BackEnd Module (pcbe).

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2011-3539

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Zones.

CVSS: 1.7 CWE: N/A View on NVD
High

CVE-2011-3537

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel/Filesystem.

CVSS: 7.8 CWE: N/A View on NVD
Low

CVE-2011-3536

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to DTrace Software Library (libdtrace).

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2011-3534

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Network Status Monitor (statd).

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2011-3515

Unspecified vulnerability in the Oracle Solaris 10 and 11 Express allows local users to affect integrity and availability via unknown vectors related to Process File System (procfs).

CVSS: 5.6 CWE: N/A View on NVD
Critical

CVE-2011-3508

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect confidentiality, integrity, and availability, related to LDAP library.

CVSS: 9.3 CWE: N/A View on NVD
Medium

CVE-2011-2313

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to ZFS, a different vulnerability than CVE-2011-2311.

CVSS: 4.3 CWE: N/A View on NVD
Low

CVE-2011-2312

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, related to ZFS.

CVSS: 1.7 CWE: N/A View on NVD
Low

CVE-2011-2311

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to ZFS, a different vulnerability than CVE-2011-2313.

CVSS: 1.7 CWE: N/A View on NVD
Medium

CVE-2011-2304

Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality, related to Network Services Library (libnsl).

CVSS: 4.3 CWE: N/A View on NVD
Low

CVE-2011-2292

Unspecified vulnerability in Oracle Solaris 9 and 11 Express allows local users to affect confidentiality and integrity via unknown vectors related to xscreensaver.

CVSS: 2.4 CWE: N/A View on NVD
Low

CVE-2011-2286

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote authenticated users to affect availability, related to ZFS.

CVSS: 2.1 CWE: N/A View on NVD
2011-07-21
Medium

CVE-2011-2298

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote attackers to affect availability, related to KSSL.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2011-2297

Unspecified vulnerability in Oracle Solaris Cluster 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Data Service for WebLogic Server.

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2011-2296

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, related to Kernel/SCTP.

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2011-2295

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to Driver/USB.

CVSS: 4.7 CWE: N/A View on NVD
Medium

CVE-2011-2294

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote attackers to affect availability, related to SSH.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2011-2293

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to Zones.

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2011-2291

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality via unknown vectors related to Trusted Extensions.

CVSS: 1.7 CWE: N/A View on NVD
Medium

CVE-2011-2290

Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel/sockfs.

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2011-2289

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect integrity and availability via unknown vectors related to LiveUpgrade.

CVSS: 3.6 CWE: N/A View on NVD
High

CVE-2011-2287

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to fingerd.

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2011-2285

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Installer.

CVSS: 7.2 CWE: N/A View on NVD
2011-07-20
Medium

CVE-2011-2259

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to UFS.

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2011-2258

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rksh.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2011-2249

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote authenticated users to affect availability, related to TCP/IP.

CVSS: 5.2 CWE: N/A View on NVD
2011-05-16
Medium

CVE-2011-0419

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in…

CVSS: 4.3 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD
2011-04-20
High

CVE-2011-0841

Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to TCP/IP.

CVSS: 7.8 CWE: N/A View on NVD
Low

CVE-2011-0839

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect availability, related to LOFS.

CVSS: 3.7 CWE: N/A View on NVD
Medium

CVE-2011-0829

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/SPARC.

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2011-0821

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to uucp.

CVSS: 3.0 CWE: N/A View on NVD
Medium

CVE-2011-0820

Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Kernel.

CVSS: 5.4 CWE: N/A View on NVD
Medium

CVE-2011-0813

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2012-0098.

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2011-0812

Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel.

CVSS: 3.7 CWE: N/A View on NVD
Low

CVE-2011-0801

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect confidentiality and integrity via unknown vectors related to cp.

CVSS: 3.6 CWE: N/A View on NVD
Medium

CVE-2011-0800

Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to…

CVSS: 6.5 CWE: N/A View on NVD
Low

CVE-2011-0790

Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality via unknown vectors related to wbem.

CVSS: 1.7 CWE: N/A View on NVD
2011-04-19
Low

CVE-2011-0412

Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/, which allows local users to obtain password hashes and conduct brute…

CVSS: 2.1 CWE: CWE-255 View on NVD
2011-01-19
Low

CVE-2010-4460

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Fault Manager Daemon.

CVSS: 3.6 CWE: N/A View on NVD
Medium

CVE-2010-4459

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to SCTP and Kernel/sockfs.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2010-4458

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, related to ZFS.

CVSS: 4.1 CWE: N/A View on NVD
High

CVE-2010-4457

Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to SMB and CIFS.

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2010-4446

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to RDS and Kernel/InfiniBand.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2010-4443

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/NFS.

CVSS: 4.4 CWE: N/A View on NVD
Medium

CVE-2010-4442

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to the Kernel.

CVSS: 4.4 CWE: N/A View on NVD
Critical

CVE-2010-4435

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE:…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2010-4433

Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality via unknown vectors related to Ethernet and the Driver sub-component.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2010-4415

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to libc.

CVSS: 4.1 CWE: N/A View on NVD
Low

CVE-2010-3586

Unspecified vulnerability in Oracle Solaris 9 allows local users to affect confidentiality and integrity via unknown vectors related to XScreenSaver.

CVSS: 3.6 CWE: N/A View on NVD
High

CVE-2010-2632

Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 201…

CVSS: 7.8 CWE: N/A View on NVD
2010-10-14
Low

CVE-2010-3576

Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect integrity and availability, related to the SCSI enclosure services device driver.

CVSS: 3.6 CWE: N/A View on NVD
Low

CVE-2010-3542

Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality, related to USB.

CVSS: 1.9 CWE: N/A View on NVD
Medium

CVE-2010-3540

Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to ZFS.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2010-3517

Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to Kernel/X86.

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2010-3516

Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability via unknown vectors related to InfiniBand.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2010-3515

Unspecified vulnerability in the Solaris component in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to Kernel/Disk Driver.

CVSS: 4.0 CWE: N/A View on NVD
Low

CVE-2010-3513

Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect integrity and availability via unknown vectors related to Device Drivers.

CVSS: 2.4 CWE: N/A View on NVD
Critical

CVE-2010-3509

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scheduler.

CVSS: 10.0 CWE: N/A View on NVD
Low

CVE-2010-3508

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Zones.

CVSS: 3.2 CWE: N/A View on NVD
Medium

CVE-2010-3507

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Live Upgrade.

CVSS: 6.6 CWE: N/A View on NVD
Medium

CVE-2010-3503

Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect confidentiality and integrity via unknown vectors related to su.

CVSS: 6.3 CWE: N/A View on NVD
2010-07-13
Medium

CVE-2010-2400

Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to Kernel/Filesystem.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2010-2399

Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability via unknown vectors related to Kernel/VM.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2010-2394

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to TCP/IP.

CVSS: 4.7 CWE: N/A View on NVD
Low

CVE-2010-2393

Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to RPC.

CVSS: 3.8 CWE: N/A View on NVD
Medium

CVE-2010-2392

Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect integrity and availability, related to ZFS.

CVSS: 5.6 CWE: N/A View on NVD
Medium

CVE-2010-2386

Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to GigaSwift Ethernet Driver.

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2010-2384

Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Management Console.

CVSS: 3.2 CWE: N/A View on NVD
Low

CVE-2010-2383

Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality and integrity, related to NFS.

CVSS: 3.2 CWE: N/A View on NVD
Low

CVE-2010-2382

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors.

CVSS: 3.2 CWE: N/A View on NVD
Low

CVE-2010-2376

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Management Console.

CVSS: 3.2 CWE: N/A View on NVD
2010-03-29
Low

CVE-2010-1183

Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager.

CVSS: 3.3 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD