The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle Solaris

Skia: information disclosure via Timing Side-channel drawImage
An attacker can bypass access restrictions to data via Timing Side-channel drawImage() of Skia, in order to obtain sensitive information...
CERTFR-2020-AVI-766, CVE-2020-16012, DLA-2457-1, DLA-2464-1, DSA-4793-1, DSA-4796-1, DSA-4824-1, FEDORA-2020-10ec8aca61, FEDORA-2020-24bedcb95c, FEDORA-2020-3e005ce2e0, FEDORA-2020-9493cfc1ac, FEDORA-2020-b4b9280811, FEDORA-2020-f9f7305137, MFSA2020-50, MFSA2020-51, MFSA2020-52, openSUSE-SU-2020:2010-1, openSUSE-SU-2020:2012-1, openSUSE-SU-2020:2020-1, openSUSE-SU-2020:2021-1, openSUSE-SU-2020:2026-1, openSUSE-SU-2020:2031-1, openSUSE-SU-2020:2032-1, openSUSE-SU-2020:2055-1, openSUSE-SU-2020:2096-1, openSUSE-SU-2020:2187-1, openSUSE-SU-2020:2315-1, RHSA-2020:5231-01, RHSA-2020:5232-01, RHSA-2020:5233-01, RHSA-2020:5234-01, RHSA-2020:5235-01, RHSA-2020:5236-01, RHSA-2020:5237-01, RHSA-2020:5238-01, RHSA-2020:5239-01, RHSA-2020:5240-01, RHSA-2020:5257-01, RHSA-2020:5314-01, SUSE-SU-2020:14548-1, SUSE-SU-2020:3383-1, SUSE-SU-2020:3458-1, SUSE-SU-2020:3528-1, SUSE-SU-2020:3548-1, USN-4637-1, USN-4637-2, USN-4647-1, VIGILANCE-VUL-33923
Python Waitress: information disclosure via HTTP Request Smuggling
An attacker can bypass access restrictions to data via HTTP Request Smuggling of Python Waitress, in order to obtain sensitive information...
CVE-2019-16785, CVE-2019-16786, CVE-2019-16789, CVE-2019-16792, openSUSE-SU-2020:1911-1, openSUSE-SU-2020:1922-1, SUSE-SU-2020:3269-1, VIGILANCE-VUL-33880
Wireshark: two vulnerabilities
An attacker can use several vulnerabilities of Wireshark...
CERTFR-2020-AVI-697, CVE-2020-26575, CVE-2020-28030, FEDORA-2020-4cff262f07, FEDORA-2020-d4344dd12f, openSUSE-SU-2020:2076-1, openSUSE-SU-2020:2107-1, SUSE-SU-2020:3376-1, VIGILANCE-VUL-33746, wnpa-sec-2020-14, wnpa-sec-2020-15
tmux: buffer overflow via input_csi_dispatch_sgr_colon
An attacker can trigger a buffer overflow via input_csi_dispatch_sgr_colon() of tmux, in order to trigger a denial of service, and possibly to run code...
CVE-2020-27347, openSUSE-SU-2020:1834-1, USN-4618-1, VIGILANCE-VUL-33740
Oracle MySQL: vulnerabilities of October 2020
Several vulnerabilities were announced in Oracle products...
CERTFR-2020-AVI-664, cpuoct2020, CVE-2020-14672, CVE-2020-14760, CVE-2020-14765, CVE-2020-14769, CVE-2020-14771, CVE-2020-14773, CVE-2020-14775, CVE-2020-14776, CVE-2020-14777, CVE-2020-14785, CVE-2020-14786, CVE-2020-14789, CVE-2020-14790, CVE-2020-14791, CVE-2020-14793, CVE-2020-14794, CVE-2020-14799, CVE-2020-14800, CVE-2020-14804, CVE-2020-14809, CVE-2020-14812, CVE-2020-14814, CVE-2020-14821, CVE-2020-14827, CVE-2020-14828, CVE-2020-14829, CVE-2020-14830, CVE-2020-14836, CVE-2020-14837, CVE-2020-14838, CVE-2020-14839, CVE-2020-14844, CVE-2020-14845, CVE-2020-14846, CVE-2020-14848, CVE-2020-14852, CVE-2020-14853, CVE-2020-14860, CVE-2020-14861, CVE-2020-14866, CVE-2020-14867, CVE-2020-14868, CVE-2020-14869, CVE-2020-14870, CVE-2020-14873, CVE-2020-14878, CVE-2020-14888, CVE-2020-14891, CVE-2020-14893, FEDORA-2020-561eed63ef, FEDORA-2020-ac2d47d89a, FEDORA-2020-b995eb2973, NTAP-20201023-0003, openSUSE-SU-2020:2090-1, openSUSE-SU-2020:2149-1, openSUSE-SU-2020:2254-1, RHSA-2020:5246-01, RHSA-2020:5500-01, RHSA-2020:5654-01, RHSA-2020:5663-01, RHSA-2020:5665-01, SUSE-SU-2020:3497-1, SUSE-SU-2020:3500-1, SUSE-SU-2020:3564-1, USN-4604-1, VIGILANCE-VUL-33648
usersctp: use after free via sctp_process_a_data_chunk
An attacker can force the usage of a freed memory area via sctp_process_a_data_chunk() of usersctp, in order to trigger a denial of service, and possibly to run code...
ADV200002, CVE-2020-15969, DLA-2411-1, DLA-2416-1, DSA-4778-1, DSA-4780-1, DSA-4824-1, FEDORA-2020-127d40f1ab, FEDORA-2020-4e8e48da22, FEDORA-2020-8aca25b5c8, FEDORA-2020-aba1d14e9e, HT212003, MFSA2020-45, MFSA2020-46, openSUSE-SU-2020:1705-1, openSUSE-SU-2020:1715-1, openSUSE-SU-2020:1731-1, openSUSE-SU-2020:1732-1, openSUSE-SU-2020:1748-1, openSUSE-SU-2020:1780-1, openSUSE-SU-2020:1785-1, openSUSE-SU-2020:1829-1, RHSA-2020:4235-01, RHSA-2020:4310-01, RHSA-2020:4311-01, RHSA-2020:4315-01, RHSA-2020:4317-01, RHSA-2020:4330-01, RHSA-2020:4909-01, RHSA-2020:4913-01, RHSA-2020:4944-01, RHSA-2020:4945-01, RHSA-2020:4947-01, RHSA-2020:4948-01, SUSE-SU-2020:14522-1, SUSE-SU-2020:3021-1, SUSE-SU-2020:3022-1, SUSE-SU-2020:3053-1, SUSE-SU-2020:3091-1, USN-4599-1, USN-4599-2, USN-4599-3, USN-4647-1, VIGILANCE-VUL-33635
Apache Tomcat: information disclosure via HTTP/2 Concurrent Streams Request Mix-up
An attacker can bypass access restrictions to data via HTTP/2 Concurrent Streams Request Mix-up of Apache Tomcat, in order to obtain sensitive information...
CVE-2020-13943, DLA-2407-1, DSA-2021-001, openSUSE-SU-2020:1799-1, openSUSE-SU-2020:1842-1, SUSE-SU-2020:2996-1, SUSE-SU-2020:3068-1, SUSE-SU-2020:3069-1, VIGILANCE-VUL-33544
Oniguruma: buffer overflow via concat_opt_exact_str
An attacker can trigger a buffer overflow via concat_opt_exact_str() of Oniguruma, in order to trigger a denial of service, and possibly to run code...
CVE-2020-26159, FEDORA-2020-952c499e9d, FEDORA-2020-d53469eceb, VIGILANCE-VUL-33531
WEBrick: information disclosure via Transfer-Encoding Header Smuggling
An attacker can bypass access restrictions to data via Transfer-Encoding Header Smuggling of WEBrick, in order to obtain sensitive information...
CVE-2020-25613, DLA-2391-1, DLA-2392-1, VIGILANCE-VUL-33468
PHP: information disclosure via __Host- Cookie Names
An attacker can bypass access restrictions to data via __Host- Cookie Names of PHP, in order to obtain sensitive information...
CERTFR-2020-AVI-615, CVE-2020-7070, DLA-2397-1, FEDORA-2020-4fe6b116e5, FEDORA-2020-94763cb98b, openSUSE-SU-2020:1703-1, openSUSE-SU-2020:1767-1, SUSE-SU-2020:14516-1, SUSE-SU-2020:2894-1, SUSE-SU-2020:2896-1, SUSE-SU-2020:2920-1, SUSE-SU-2020:2941-1, SUSE-SU-2020:2943-1, SUSE-SU-2020:2997-1, USN-4583-1, USN-4583-2, VIGILANCE-VUL-33467
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Solaris: