Astra Linux – Vulnerability in Ansible

A flaw was discovered in the solariszone module from the Ansible Community modules. When setting the name of a zone on the Solaris host, the zone name is checked by listing the process using the ‘ps’ command on the remote machine. An attacker could exploit this flaw by creating a fake zone name a...

CVE-2026-46978

Vulnerability in the Oracle Solaris product of Oracle Systems component: Remote Administration Daemon. The supported version that is affected is 11.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Solaris. While the vulnerabili...

CVE-2026-46914

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

PT-2026-50021

Name of the Vulnerable Software and Affected Versions Oracle Solaris version 11.4 Description An issue exists in the Filesystem component of Oracle Solaris. A low-privileged attacker with logon access to the infrastructure where the system executes can compromise the environment. Successful...

PT-2026-50075

Name of the Vulnerable Software and Affected Versions Oracle Solaris version 11.4 prior to SRU93 Description An issue exists in the Remote Administration Daemon that allows an unauthenticated attacker with network access via HTTPS to compromise the system. Successful exploitation can lead to...

CVE-2026-34281

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the...

CLSA-2026-1777614493 ansible: Fix of CVE-2019-14904

CVE-2019-14904: validate solariszone name to prevent command injection...

ansible: Fix of CVE-2019-14904

CVE-2019-14904: validate solariszone name to prevent command injection...

CLSA-2026-1777489309 ansible: Fix of CVE-2019-14904

CVE-2019-14904: validate solariszone name to prevent command injection...

Oracle Solaris Critical Patch Update : apr2026_SRU11_4_92_214_1

The version of Solaris installed on the remote host is prior to 11.4.92.214.1. It is, therefore, affected by a vulnerability as referenced in the solaris11apr2026SRU114922141 advisory. - Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is...

Oracle Solaris Kernel Denial of Service Vulnerability

Oracle Solaris is a Unix-like operating system developed by Oracle Corporation for use in server and enterprise-class computing environments. A denial of service vulnerability exists in Oracle Solaris. The vulnerability stems from a failure of a kernel component to properly handle certain...

EUVD-2026-24360

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the...

CVE-2026-34281

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the...

CVE-2026-34281

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the...

Oracle Solaris 安全漏洞

Oracle Solaris is a Unix-like operating system developed by Oracle Corporation for use in server and enterprise-class computing environments. A denial of service vulnerability exists in Oracle Solaris. The vulnerability stems from a failure of a kernel component to properly handle certain...

PT-2026-34105

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the...

CVE-2026-39883

OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed the Darwin ioreg command to use an absolute path but left the BSD kenv command using a bare name, allowing the same PATH hijacking attack on BSD and Solaris platforms. This...

Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path through the hostIDReaderBSD.read function in sdk/resource/hostid.go. An attacker can execute a malicious kenv binary by placing it earlier in $PATH and triggering host ID detection on BSD or Solaris systems when...

Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path through the hostIDReaderBSD.read function in sdk/resource/hostid.go. An attacker can execute a malicious kenv binary by placing it earlier in $PATH and triggering host ID detection on BSD or Solaris systems when...

CVE-2026-39883

OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed the Darwin ioreg command to use an absolute path but left the BSD kenv command using a bare name, allowing the same PATH hijacking attack on BSD and Solaris platforms. This...