Oracle Solaris vulnerabilities

CVE-2018-2892 [HIGH] CVE-2018-2892: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Availabil Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Availability Suite Service). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can r

CVE-2018-2908 [HIGH] CVE-2018-2908: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via RPC to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successf

CVE-2018-2926 [HIGH] CVE-2018-2926: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NVIDIA-GF Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NVIDIA-GFX Kernel driver). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via ISCSI to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to c

CVE-2018-2903 [MEDIUM] CVE-2018-2903: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthori

CVE-2018-2901 [LOW] CVE-2018-2901: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via DHCP to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a parti

CVE-2018-3639 [MEDIUM] CWE-203 CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory rea Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVE-2018-2754 [HIGH] CVE-2018-2754: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: ZVNET Dri Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: ZVNET Driver). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthoriz

CVE-2018-2718 [HIGH] CVE-2018-2718: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Sup Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or f

CVE-2018-2764 [HIGH] CVE-2018-2764: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or

CVE-2018-2753 [MEDIUM] CVE-2018-2753: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Python mo Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Python modules). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person o

CVE-2018-2563 [MEDIUM] CVE-2018-2563: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LDAP Libr Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LDAP Library). Supported versions that are affected are 10 and 11.3. Difficult to exploit vulnerability allows low privileged attacker with network access via LDAP to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert

CVE-2018-2808 [MEDIUM] CVE-2018-2808: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than t

CVE-2018-2763 [LOW] CVE-2018-2763: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NTPD). Th Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NTPD). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update,

CVE-2018-1171 [HIGH] CWE-787 CVE-2018-1171: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joye This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results fro

CVE-2018-1165 [HIGH] CWE-122 CVE-2018-1165: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joye This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMB_IOC_SVCENUM IOCTL. The issue result

CVE-2018-2578 [HIGH] CVE-2018-2578: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than

CVE-2018-2710 [HIGH] CVE-2018-2710: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 10. Easily exploitable vulnerability allows unauthenticated attacker with network access via ICMP to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or freque

CVE-2018-2577 [MEDIUM] CVE-2018-2577: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized acc

CVE-2018-2717 [MEDIUM] CVE-2018-2717: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Pla Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a pers

CVE-2018-2560 [MEDIUM] CVE-2018-2560: Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other tha