132 matches found
CVE-2020-14759
Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful...
Code injection
Vulnerability in the Oracle Solaris product of Oracle Systems component: Pluggable authentication module. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris...
CVE-2020-14871
Vulnerability in the Oracle Solaris product of Oracle Systems component: Pluggable authentication module. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris...
CVE-2020-14818
CVE-2020-14818 targets Oracle Solaris 11, specifically the Utility component. The issue is a vulnerability in Solaris 11 allowing a low-privileged attacker who can reach the system over SSH on the network to compromise Oracle Solaris. Attacks require user interaction, and while the flaw exists in...
CVE-2020-14758
Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful...
CVE-2020-14754
CVE-2020-14754 affects Oracle Solaris 11, specifically the Filesystem component. The vulnerability is described as an authorization issue that could allow a low-privileged, logged-on attacker to compromise Solaris, potentially causing the system to hang or crash (complete/ frequent DOS). The base...
CVE-2020-14758
CVE-2020-14758 affects Oracle Solaris (Kernel) on the 11.x line. The vulnerability is a local, low-privilege issue where an attacker with logon can exploit a kernel component flaw to gain unauthorized access to data or achieve partial denial of service; human interaction is required. CVSS 3.1 bas...
CVE-2020-14759
CVE-2020-14759 affects Oracle Solaris kernel (likely Solaris 11) with a vulnerability in the Kernel component. The available connected documents describe a low-privilege, logon-access vulnerability that requires user interaction to exploit and can lead to unauthorized updates, inserts, or deletio...
The vulnerability of the Data Masking component regarding data copying from working Oracle systems allows attackers to modify, add, or delete data, or gain unauthorized access to protected information.
The vulnerability of Data Masking in copying data from Oracle workstations exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to protected information...
Design/Logic Flaw
Vulnerability in the Oracle Solaris product of Oracle Systems component: Device Driver Utility. The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle...
CVE-2020-14724
CVE-2020-14724 is a vulnerability in Oracle Solaris, specifically impacting the Device Driver Utility component. Multiple connected sources confirm affected product: Oracle Solaris (version 11). The vulnerability allows a low-privileged attacker who has logon access to the system to compromise Or...
CVE-2020-14545
CVE-2020-14545 is a vulnerability in Oracle Solaris (component: Device Driver Utility) affecting the 11.x family. The connected documents specify that the vulnerability allows a low-privilege, logon-based attacker, with required user interaction, to compromise Oracle Solaris and potentially perfo...
CVE-2020-14542
Based on connected records, CVE-2020-14542 affects Oracle Solaris (libsuri) on the 11.x line. It is described as an information-disclosure vulnerability allowing a local, low-privilege attacker with logon to read a subset of Solaris data. The Red Hat entry reinforces the same component/version im...
CVE-2020-14537
CVE-2020-14537 affects Oracle Solaris 11 Packaging Scripts. A local, high-privilege attacker with logon and, per the 2020 Jul CPU notes, user interaction can cause a hang or complete DOS. CVSSv3.1 base score 5.5 (A: HIGH, Availability). No exploitation details are provided beyond vendor advisorie...
Unspecified Vulnerability in Oracle Systems Solaris (CNVD-2020-24432)
Oracle Systems Solaris is an Oracle MySQL server product from Oracle Corporation. A security vulnerability exists in Oracle Systems Solaris, which can be exploited by attackers to compromise the availability, confidentiality, and integrity of data by taking control of Solaris...
Oracle Solaris Critical Patch Update : apr2020_SRU11_4_19_3_0
This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Sun ZFS Storage Appliance Kit product of Oracle Systems component: Operating System Image. The supported version that is affected is 8.8. Difficult to exploit vulnerability allows low...
CVE-2020-2851
Vulnerability in the Oracle Solaris product of Oracle Systems component: Common Desktop Environment. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise...
CVE-2020-2944
CVE-2020-2944 is a local privilege-escalation vulnerability in Oracle Solaris, affecting the Common Desktop Environment (CDE) component. A buffer overflow in sdtcm_convert allows a low-privileged user with logon to Solaris to gain root privileges when handling a malicious calendar file; the issue...
CVE-2020-2927
CVE-2020-2927 affects Oracle Solaris (Common Desktop Environment) on Solaris 10 and 11. It is a local-privilege vulnerability in the CDE component that can lead to takeover of Oracle Solaris; CVSS 3.0 base score 7.8 (HIGH). Oracle’s APR2020 CPU/SRU11 3.36.20.0 patch bundle includes this CVE, indi...
CVE-2020-2851
CVE-2020-2851 affects Oracle Solaris (Common Desktop Environment: libDtSvc) on Solaris 10 and 11. A stack-based buffer overflow in libDtSvc may allow a low-privilege local user to gain control of the system, potentially leading to takeover of Solaris and impact to other products. The vulnerabilit...