Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle solaris - vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2020-14871
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromis...
Oracle Solaris 9
Oracle Solaris
2 Github repositories
10
CVSSv3
CVE-2017-10137
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that are affected are 10.3.6.0 and 12.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
1 Article
10
CVSSv3
CVE-2017-3623
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel RPC). For supported versions that are affected see note. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to co...
Oracle Solaris
1 Article
9.9
CVSSv3
CVE-2021-3781
A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript in...
Artifex Ghostscript 9.52
Artifex Ghostscript 9.50
Artifex Ghostscript 9.53.3
Artifex Ghostscript 9.54.0
Fedoraproject Fedora 34
1 Github repository
9.8
CVSSv3
CVE-2020-10108
In Twisted Web up to and including 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined reques...
Twistedmatrix Twisted
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Oracle Solaris 11
Oracle Solaris 10
Oracle Zfs Storage Appliance Kit 8.8
9.8
CVSSv3
CVE-2019-17195
Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.
Connect2id Nimbus Jose+jwt
Apache Hadoop 3.2.1
Oracle Solaris Cluster 4.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Primavera Gateway 19.12.0
Oracle Data Integrator 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Primavera Gateway
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Jd Edwards Enterpriseone Tools
Oracle Policy Automation
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Insurance Policy Administration
Oracle Healthcare Data Repository 8.1.0
Oracle Jd Edwards Enterpriseone Orchestrator
9.8
CVSSv3
CVE-2018-2930
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via RPC to compromis...
Oracle Solaris Cluster 3.3
Oracle Solaris Cluster 4.3
9.8
CVSSv3
CVE-2017-3632
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: CDE Calendar). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Solaris. Succes...
Oracle Solaris 11
Oracle Solaris 10
1 Article
9.8
CVSSv3
CVE-2016-5690
The ReadDCMImage function in DCM reader in ImageMagick prior to 6.9.4-5 and 7.x prior to 7.0.1-7 allows remote malicious users to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
Oracle Solaris 11.3
Imagemagick Imagemagick 7.0.1-4
Imagemagick Imagemagick 7.0.1-1
Imagemagick Imagemagick 7.0.1-5
Imagemagick Imagemagick 7.0.1-3
Imagemagick Imagemagick 7.0.1-2
Imagemagick Imagemagick
Imagemagick Imagemagick 7.0.1-0
Imagemagick Imagemagick 7.0.1-6
9.8
CVSSv3
CVE-2016-5691
The DCM reader in ImageMagick prior to 6.9.4-5 and 7.x prior to 7.0.1-7 allows remote malicious users to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.
Oracle Solaris 11.3
Imagemagick Imagemagick 7.0.1-4
Imagemagick Imagemagick 7.0.1-1
Imagemagick Imagemagick 7.0.1-5
Imagemagick Imagemagick 7.0.1-3
Imagemagick Imagemagick 7.0.1-2
Imagemagick Imagemagick
Imagemagick Imagemagick 7.0.1-0
Imagemagick Imagemagick 7.0.1-6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »