Lucene search
K

132 matches found

CVE
CVE
added 2024/04/16 9:26 p.m.87 views

CVE-2024-21059

Summary for CVE-2024-21059 (Oracle Solaris) : A vulnerability in Oracle Solaris (11.x) affecting the Solaris Utility component. The advisory states the vulnerability allows a low-privileged, local attacker with logon to the host to compromise Oracle Solaris, and that successful exploitation can l...

7.8CVSS8.2AI score0.00169EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/24 12:0 a.m.7 views

The vulnerability of LOV components in terms of technical maintenance, repairs, and major overhauls of Oracle Complex Systems allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of LOV components in Oracle Complex Maintenance, Repair, and Overhaul systems arises due to insufficient validation of input data. Exploitation of this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or delete data using the HTTP...

6.4CVSS6.8AI score0.00168EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2024/01/16 10:15 p.m.24 views

CVE-2024-20920

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the...

3.8CVSS3.3AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 2024/01/16 10:15 p.m.28 views

CVE-2024-20914

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Core. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to...

2.3CVSS2.4AI score0.00188EPSS
Exploits0References1
OSV
OSV
added 2024/01/16 10:15 p.m.3 views

CVE-2024-20906

Vulnerability in the Integrated Lights Out Manager ILOM product of Oracle Systems component: System Management. Supported versions that are affected are 3, 4 and 5. Easily exploitable vulnerability allows high privileged attacker with network access via ICMP to compromise Integrated Lights Out...

4.8CVSS7.3AI score
Exploits0References1
NVD
NVD
added 2024/01/16 10:15 p.m.20 views

CVE-2024-20906

Vulnerability in the Integrated Lights Out Manager ILOM product of Oracle Systems component: System Management. Supported versions that are affected are 3, 4 and 5. Easily exploitable vulnerability allows high privileged attacker with network access via ICMP to compromise Integrated Lights Out...

4.8CVSS4.2AI score0.00312EPSS
Exploits0References1
Prion
Prion
added 2024/01/16 10:15 p.m.19 views

Code injection

Vulnerability in the Integrated Lights Out Manager ILOM product of Oracle Systems component: System Management. Supported versions that are affected are 3, 4 and 5. Easily exploitable vulnerability allows high privileged attacker with network access via ICMP to compromise Integrated Lights Out...

4.3CVSS5.8AI score0.00312EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/16 9:41 p.m.59 views

CVE-2024-20946

CVE-2024-20946 affects Oracle Solaris kernel (version 11). The advisory and multiple feeds confirm an input-validation flaw in the Solaris kernel that can be exploited locally by a low-privilege user with logon to cause a hang or a frequent crash (denial of service). CVSS 3.1 base score is 5.5 (A...

5.5CVSS5.3AI score0.00177EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/16 9:41 p.m.58 views

CVE-2024-20920

Oracle Solaris has a CVE-2024-20920 vulnerability in the Filesystem component affecting version 11. The issue is described as a low-privilege, local-access flaw that can lead to unauthorized read access to a subset of Solaris data. The primary sources consistently cite the Solaris Filesystem as a...

3.8CVSS3.9AI score0.00181EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/16 9:41 p.m.73 views

CVE-2024-20906

CVE-2024-20906 affects Oracle’s Integrated Lights Out Manager (ILOM) in the System Management component for versions 3–5. The flaw enables a highly privileged attacker with network access over ICMP to compromise ILOM, with attack success requiring user interaction and potentially affecting other ...

4.8CVSS4.5AI score0.00312EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/10/17 10:15 p.m.25 views

CVE-2023-22129

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful...

5.5CVSS5.2AI score0.00185EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/07/20 12:0 a.m.27 views

Oracle Solaris Critical Patch Update : jul2023_SRU11_4_57_144_3

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Device Driver Interface. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker...

9.1CVSS5.8AI score0.5346EPSS
Exploits16References37
CVE
CVE
added 2023/07/18 8:18 p.m.103 views

CVE-2023-22023

CVE-2023-22023 affects Oracle Solaris 11, in the Device Driver Interface. The issue allows a local, low-privilege attacker with logon to the host to compromise Solaris, potentially taking over the system (CVSS v3.1 base 7.8; C/H/I/A). The CVE is noted as equivalent to CVE-2023-31284. Oracle’s Jul...

7.8CVSS7.7AI score0.0018EPSS
Exploits0References1Affected Software1
Qualys Blog
Qualys Blog
added 2023/04/19 11:47 a.m.394 views

Oracle Patch Tuesday April 2023 Security Update Review

Oracle has released the second quarterly edition of Critical Patch Update, which contains a group of patches for 433 security vulnerabilities. Some of the vulnerabilities addressed this month impact various products. These patches address vulnerabilities in Oracle code and third-party components...

7.5CVSS9.5AI score0.99677EPSS
Exploits130
Tenable Nessus
Tenable Nessus
added 2023/04/19 12:0 a.m.29 views

Oracle Solaris Critical Patch Update : apr2023_SRU11_4_56_138_2

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Utility. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with...

7.7CVSS7.7AI score0.00228EPSS
Exploits0References4
CVE
CVE
added 2023/04/18 7:54 p.m.137 views

CVE-2023-22003

CVE-2023-22003 affects Oracle Solaris (Utilities component) on Solaris 10 and 11. The vulnerability details indicate an unauthenticated attacker with access to the environment where Oracle Solaris runs can compromise Solaris, with exploitation requiring user interaction. CVSS v3.1 base score 3.3 ...

3.3CVSS2.8AI score0.0022EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/18 7:54 p.m.75 views

CVE-2023-21984

CVE-2023-21984 affects Oracle Solaris 11 (Libraries component). The vulnerability allows a low-privilege, network-access attacker (via HTTP) to cause a hang or repeatable crash (DoS) on affected systems. Root cause and affected details are documented in CVE records and Oracle CPU APR2023: CVSS v3...

6.5CVSS6.2AI score0.00658EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/18 7:54 p.m.58 views

CVE-2023-21985

CVE-2023-21985 affects Oracle Solaris (Utility) on Solaris 10 and 11. The vulnerability is exploitable to achieve total compromise with a high-privilege attacker who already has logon, requiring user interaction. The CVSS 3.1 base score is 7.7 (High) with impacts to confidentiality, integrity, an...

7.7CVSS7.4AI score0.00228EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/18 7:54 p.m.65 views

CVE-2023-21928

CVE-2023-21928 affects Oracle Solaris 11, in the IPS repository daemon. The issue is due to insufficient input validation, enabling a high-privilege attacker with local access to compromise Solaris; exploitation requires user interaction. The impact is unauthorized updates/inserts/deletes to Sola...

1.8CVSS1.7AI score0.00186EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/18 7:54 p.m.122 views

CVE-2023-21896

CVE-2023-21896 affects Oracle Solaris NSSwitch on Solaris 10 and 11. The vulnerability, described as difficult to exploit, allows a low-privileged attacker with logon to compromise Solaris and can lead to a full takeover. The CVSS v3.1 base score is 7.0 (Impact: Confidentiality, Integrity, Availa...

7CVSS6.7AI score0.00169EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder