Oracle Solaris 10 Security Vulnerabilities
IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system.
CVSS Score: 5.5
EPSS Score: 0.003
Published: 2017-02-01
The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.
CVSS Score: 7.8
EPSS Score: 0.005
Published: 2017-01-27
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.
CVSS Score: 8.1
EPSS Score: 0.016
Published: 2017-01-18
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.
CVSS Score: 7.8
EPSS Score: 0.148
Published: 2016-12-13
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
CVSS Score: 7.5
EPSS Score: 0.063
Published: 2016-12-13
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect integrity via vectors related to Kernel.
CVSS Score: 4.1
EPSS Score: 0.003
Published: 2016-10-25
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors.
CVSS Score: 5.0
EPSS Score: 0.004
Published: 2016-10-25
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86.
CVSS Score: 7.8
EPSS Score: 0.004
Published: 2016-10-25
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via vectors related to Bash.
CVSS Score: 2.8
EPSS Score: 0.004
Published: 2016-10-25
The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
CVSS Score: 7.5
EPSS Score: 0.264
Published: 2016-09-16

