Oracle Solaris vulnerabilities
549 known vulnerabilities affecting oracle/solaris.
Total CVEs
549
CISA KEV
6
actively exploited
Public exploits
29
Exploited in wild
8
Severity breakdown
CRITICAL45HIGH116MEDIUM285LOW103
Vulnerabilities
Page 14 of 28
CVE-2015-2697MEDIUMCVSS 4.0v11.32015-11-09
CVE-2015-2697 [MEDIUM] CWE-125 CVE-2015-2697: The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request.
nvd
CVE-2015-2695MEDIUMCVSS 5.0v11.32015-11-09
CVE-2015-2695 [MEDIUM] CWE-763 CVE-2015-2695: lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.
nvd
CVE-2015-4907MEDIUMCVSS 4.6v11.22015-10-22
CVE-2015-4907 [MEDIUM] CVE-2015-4907: Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2015-4820.
nvd
CVE-2015-4913LOWCVSS 3.5v11.32015-10-22
CVE-2015-4913 [LOW] CVE-2015-4913: Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows re
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
nvd
CVE-2015-4819HIGHCVSS 7.2v11.32015-10-21
CVE-2015-4819 [HIGH] CVE-2015-4819: Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.
nvd
CVE-2015-4837MEDIUMCVSS 6.6v11.22015-10-21
CVE-2015-4837 [MEDIUM] CVE-2015-4837: Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Security.
nvd
CVE-2015-4870MEDIUMCVSS 4.0PoCv11.32015-10-21
CVE-2015-4870 [MEDIUM] CVE-2015-4870: Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.
nvd
CVE-2015-4820MEDIUMCVSS 6.2v11.22015-10-21
CVE-2015-4820 [MEDIUM] CVE-2015-4820: Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2015-4907.
nvd
CVE-2015-4817MEDIUMCVSS 6.2v11.22015-10-21
CVE-2015-4817 [MEDIUM] CVE-2015-4817: Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel Zones virtualized NIC driver.
nvd
CVE-2015-2642MEDIUMCVSS 4.4v10v11.22015-10-21
CVE-2015-2642 [MEDIUM] CVE-2015-2642: Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentia
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gzip.
nvd
CVE-2015-4869MEDIUMCVSS 4.9v10v11.22015-10-21
CVE-2015-4869 [MEDIUM] CVE-2015-4869: Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availabilit
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via unknown vectors related to Kernel.
nvd
CVE-2015-4802MEDIUMCVSS 4.0v11.32015-10-21
CVE-2015-4802 [MEDIUM] CVE-2015-4802: Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows re
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792.
nvd
CVE-2015-4826MEDIUMCVSS 4.0v11.32015-10-21
CVE-2015-4826 [MEDIUM] CVE-2015-4826: Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows re
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.
nvd
CVE-2015-4816MEDIUMCVSS 4.0v11.32015-10-21
CVE-2015-4816 [MEDIUM] CVE-2015-4816: Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated user
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
nvd
CVE-2015-4830MEDIUMCVSS 4.0v11.32015-10-21
CVE-2015-4830 [MEDIUM] CVE-2015-4830: Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows re
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
nvd
CVE-2015-4815MEDIUMCVSS 4.0v11.32015-10-21
CVE-2015-4815 [MEDIUM] CVE-2015-4815: Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows re
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.
nvd
CVE-2015-4891MEDIUMCVSS 4.6v11.22015-10-21
CVE-2015-4891 [MEDIUM] CVE-2015-4891: Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to NSCD.
nvd
CVE-2015-4858MEDIUMCVSS 4.0v11.32015-10-21
CVE-2015-4858 [MEDIUM] CVE-2015-4858: Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913.
nvd
CVE-2015-4879MEDIUMCVSS 4.6v11.32015-10-21
CVE-2015-4879 [MEDIUM] CVE-2015-4879: Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.
nvd
CVE-2015-4831MEDIUMCVSS 4.9v11.22015-10-21
CVE-2015-4831 [MEDIUM] CVE-2015-4831: Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via u
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2015-4822.
nvd