Shodan
Vulnerabilities
Vulnerable Software
Oracle:  >> Solaris  >> 10  Security Vulnerabilities
CVE-2016-5118
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
CVSS Score
9.8
EPSS Score
0.493
Published
2016-06-10
CVE-2016-3718
Known exploited
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
CVSS Score
5.5
EPSS Score
0.769
Published
2016-05-05
CVE-2016-3715
Known exploited
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
CVSS Score
5.5
EPSS Score
0.754
Published
2016-05-05
CVE-2016-3441
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Filesystem.
CVSS Score
7.8
EPSS Score
0.004
Published
2016-04-21
CVE-2016-3419
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem.
CVSS Score
3.3
EPSS Score
0.003
Published
2016-04-21
CVE-2016-0693
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module.
CVSS Score
9.8
EPSS Score
0.033
Published
2016-04-21
CVE-2016-0676
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to the kernel.
CVSS Score
4.7
EPSS Score
0.003
Published
2016-04-21
CVE-2015-8629
The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.
CVSS Score
5.3
EPSS Score
0.037
Published
2016-02-13
CVE-2016-0535
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via vectors related to RPC.
CVSS Score
4.3
EPSS Score
0.016
Published
2016-01-21
CVE-2015-8000
db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.
CVSS Score
5.0
EPSS Score
0.547
Published
2015-12-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved