Lucene search
K

132 matches found

CVE
CVE
added 2020/04/15 1:29 p.m.101 views

CVE-2020-2771

CVE-2020-2771 affects Oracle Solaris 10 and 11, in the Whodo component. The issue is a heap-based buffer overflow in setuid root whodo and w binaries that can be triggered by a low-privileged user with logon access, with required human interaction, potentially allowing unauthorized read access to...

2.5CVSS2AI score0.00536EPSS
Exploits3References4Affected Software1
Cvelist
Cvelist
added 2020/04/15 1:29 p.m.19 views

CVE-2020-2771

Vulnerability in the Oracle Solaris product of Oracle Systems component: Whodo. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

2.5CVSS2.1AI score0.00536EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2020/01/16 12:0 a.m.85 views

Oracle Solaris Critical Patch Update : jan2020_SRU11_4_17_3_0

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Consolidation Infrastructure. The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged...

7.5CVSS6.1AI score0.00402EPSS
Exploits0References7
NVD
NVD
added 2020/01/15 5:15 p.m.19 views

CVE-2020-2680

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While th...

6CVSS5.5AI score0.00353EPSS
Exploits0References1
NVD
NVD
added 2020/01/15 5:15 p.m.21 views

CVE-2020-2578

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via SMB to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris,...

5.8CVSS5.2AI score0.01617EPSS
Exploits0References1
Prion
Prion
added 2020/01/15 5:15 p.m.19 views

Buffer overflow

Vulnerability in the Oracle VM Server for SPARC product of Oracle Systems component: Templates. The supported version that is affected is 3.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM Server for SPARC executes to compromise...

1.9CVSS3.4AI score0.00427EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/01/15 5:15 p.m.18 views

Code injection

Vulnerability in the Oracle Solaris product of Oracle Systems component: Consolidation Infrastructure. The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracl...

3.7CVSS7.7AI score0.00402EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/01/15 4:34 p.m.144 views

CVE-2020-2696

CVE-2020-2696 affects Oracle Solaris 10, specifically the Common Desktop Environment (CDE) dtsession component. A buffer overflow in CheckMonitor() (CDE 2.3.1 and earlier; 1.6 and earlier) allows a local user with logon to gain root privileges via a crafted palette name in a malicious .Xdefaults ...

8.8CVSS8.5AI score0.00643EPSS
Exploits7References6Affected Software1
CVE
CVE
added 2020/01/15 4:34 p.m.62 views

CVE-2020-2664

CVE-2020-2664 affects Oracle Solaris 11 FFilesystem; vulnerability details indicate a locally exploitable issue where a low-privilege attacker with logon and human interaction could compromise Solaris, with potential unauthorized read/update/delete of data and partial confidentiality/integrity im...

4.6CVSS4.6AI score0.00364EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/01/15 4:34 p.m.64 views

CVE-2020-2680

CVE-2020-2680 affects Oracle Solaris 11 in the Filesystem component. The vulnerability can be exploited locally by a high-privilege attacker with logon to the Solaris host, potentially leading to a hang or frequent, complete denial of service of Oracle Solaris. The CVSS v3.0 impact is primarily A...

6CVSS6.1AI score0.00353EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/01/15 4:34 p.m.52 views

CVE-2020-2605

CVE-2020-2605 affects Oracle Solaris 11 in the Filesystem component. The connected documents specify that it is a local, low-privilege vulnerability with the attacker able to log on to the Solaris infrastructure and potentially cause unauthorized access to data, or a hang/frequent crash (DOS) of ...

7.1CVSS6.9AI score0.00384EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/01/15 4:34 p.m.58 views

CVE-2020-2578

CVE-2020-2578 affects Oracle Solaris (Kernel) 11. The connected documents confirm a vulnerability in the Solaris kernel with network access via SMB as the attack surface, leading to a partial denial of service. The CVSSv3 base score is 5.8 (Medium) with network access, low attack complexity, no p...

5.8CVSS5.4AI score0.01617EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/01/15 4:34 p.m.58 views

CVE-2020-2571

CVE-2020-2571 affects Oracle VM Server for SPARC (Templates), with vulnerability resting in version 3.6. The flaw can be triggered by a locally present attacker who has logon to the infrastructure and requires user interaction to exploit, potentially leading to unauthorized updates or reads in Or...

3.3CVSS3.4AI score0.00427EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/01/15 4:34 p.m.10 views

CVE-2020-2571

Vulnerability in the Oracle VM Server for SPARC product of Oracle Systems component: Templates. The supported version that is affected is 3.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM Server for SPARC executes to compromise...

3.3CVSS5.1AI score0.00427EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/01/15 4:34 p.m.10 views

CVE-2020-2565

Vulnerability in the Oracle Solaris product of Oracle Systems component: Consolidation Infrastructure. The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracl...

7.5CVSS6.6AI score0.00402EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/01/15 4:34 p.m.29 views

CVE-2020-2571

Vulnerability in the Oracle VM Server for SPARC product of Oracle Systems component: Templates. The supported version that is affected is 3.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM Server for SPARC executes to compromise...

3.3CVSS3.5AI score0.00427EPSS
Exploits0References1
CVE
CVE
added 2020/01/15 4:34 p.m.90 views

CVE-2020-2565

CVE-2020-2565 affects Oracle Solaris 11 in the Consolidation Infrastructure component. The vulnerability allows a low-privileged user with local logon to Oracle Solaris infrastructure to compromise the system, with user interaction required and potential impact beyond the Solaris host. The CVSS 3...

7.5CVSS7.4AI score0.00402EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/01/15 4:34 p.m.53 views

CVE-2020-2558

CVE-2020-2558 affects Oracle Solaris (kernel) on Solaris 11. An unauthenticated attacker on the network can exploit SMB to compromise the system and cause a partial Denial of Service. The connected sources confirm this kernel-vulnerability scenario and note a patch is available as part of Oracle’...

5.8CVSS5.4AI score0.01776EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/01/15 12:0 a.m.33 views

Solaris 10 (x86) : 150401-68

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

5.3CVSS6.5AI score0.00314EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2020/01/14 11:43 p.m.192 views

Oracle Ties Previous All-Time Patch High with January Updates

Oracle has patched 334 vulnerabilities across all of its product families in its January 2020 quarterly Critical Patch Update CPU. Out of these, 43 are critical/severe flaws carrying CVSS scores of 9.1 and above. The CPU ties for Oracle’s previous all-time high for number of patches issued, in Ju...

7.5CVSS0.89436EPSS
Exploits14References9
Rows per page
Query Builder