Filtered by vendor Oracle
Subscriptions
Filtered by product Solaris
Subscriptions
Total
755 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-8768 | 4 Canonical, Opensuse, Oracle and 1 more | 4 Ubuntu Linux, Opensuse, Solaris and 1 more | 2025-04-12 | N/A |
| Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame. | ||||
| CVE-2014-8124 | 5 Fedoraproject, Openstack, Opensuse and 2 more | 5 Fedora, Horizon, Opensuse and 2 more | 2025-04-12 | N/A |
| OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page. | ||||
| CVE-2015-3811 | 3 Oracle, Redhat, Wireshark | 4 Linux, Solaris, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188. | ||||
| CVE-2015-3814 | 2 Oracle, Wireshark | 2 Solaris, Wireshark | 2025-04-12 | N/A |
| The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | ||||
| CVE-2015-2614 | 1 Oracle | 1 Solaris | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via vectors related to NVM Express SSD driver. | ||||
| CVE-2015-1038 | 3 7-zip, Fedoraproject, Oracle | 3 P7zip, Fedora, Solaris | 2025-04-12 | N/A |
| p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive. | ||||
| CVE-2014-1501 | 4 Google, Mozilla, Oracle and 1 more | 6 Android, Firefox, Solaris and 3 more | 2025-04-12 | N/A |
| Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection. | ||||
| CVE-2015-0561 | 3 Opensuse, Oracle, Wireshark | 3 Opensuse, Solaris, Wireshark | 2025-04-12 | N/A |
| asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet. | ||||
| CVE-2014-2432 | 3 Mariadb, Oracle, Redhat | 11 Mariadb, Mysql, Solaris and 8 more | 2025-04-12 | N/A |
| Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated. | ||||
| CVE-2015-4869 | 1 Oracle | 1 Solaris | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via unknown vectors related to Kernel. | ||||
| CVE-2016-3419 | 1 Oracle | 1 Solaris | 2025-04-12 | 3.3 Low |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem. | ||||
| CVE-2015-2317 | 6 Canonical, Debian, Djangoproject and 3 more | 6 Ubuntu Linux, Debian Linux, Django and 3 more | 2025-04-12 | N/A |
| The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL. | ||||
| CVE-2015-2729 | 3 Mozilla, Oracle, Redhat | 5 Firefox, Firefox Esr, Thunderbird and 2 more | 2025-04-12 | N/A |
| The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2016-0535 | 1 Oracle | 1 Solaris | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via vectors related to RPC. | ||||
| CVE-2016-0406 | 1 Oracle | 1 Solaris | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availability via vectors related to Libc. | ||||
| CVE-2015-0499 | 6 Canonical, Debian, Mariadb and 3 more | 16 Ubuntu Linux, Debian Linux, Mariadb and 13 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated. | ||||
| CVE-2016-4082 | 3 Debian, Oracle, Wireshark | 3 Debian Linux, Solaris, Wireshark | 2025-04-12 | N/A |
| epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet. | ||||
| CVE-2014-6568 | 7 Canonical, Debian, Fedoraproject and 4 more | 19 Ubuntu Linux, Debian Linux, Fedora and 16 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML. | ||||
| CVE-2015-4483 | 3 Mozilla, Opensuse, Oracle | 3 Firefox, Opensuse, Solaris | 2025-04-12 | N/A |
| Mozilla Firefox before 40.0 allows man-in-the-middle attackers to bypass a mixed-content protection mechanism via a feed: URL in a POST request. | ||||
| CVE-2014-1561 | 2 Mozilla, Oracle | 2 Firefox, Solaris | 2025-04-12 | N/A |
| Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization. | ||||