The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle Solaris

WebKitGTK: use after free via AudioSourceProviderGStreamer
An attacker can force the usage of a freed memory area via AudioSourceProviderGStreamer of WebKitGTK, in order to trigger a denial of service, and possibly to run code...
CVE-2020-13558, DSA-4854-1, FEDORA-2021-ab674d56bc, FEDORA-2021-e03b328043, openSUSE-SU-2021:0376-1, SUSE-SU-2021:0536-1, SUSE-SU-2021:0583-1, USN-4739-1, VIGILANCE-VUL-34601
OpenSSL: buffer overflow via EVP_XUpdate
An attacker can trigger a buffer overflow via EVP_XUpdate of OpenSSL, in order to trigger a denial of service, and possibly to run code...
6429603, CERTFR-2021-AVI-124, CERTFR-2021-AVI-187, cpuapr2021, CVE-2021-23840, DLA-2563-1, DLA-2565-1, DSA-4855-1, openSUSE-SU-2021:0357-1, openSUSE-SU-2021:0372-1, openSUSE-SU-2021:0427-1, openSUSE-SU-2021:0430-1, SUSE-SU-2021:0649-1, SUSE-SU-2021:0651-1, SUSE-SU-2021:0673-1, SUSE-SU-2021:0674-1, SUSE-SU-2021:0725-1, SUSE-SU-2021:0752-1, SUSE-SU-2021:0753-1, SUSE-SU-2021:0754-1, SUSE-SU-2021:0755-1, SUSE-SU-2021:0769-1, SUSE-SU-2021:0793-1, SUSE-SU-2021:0939-1, SUSE-SU-2021:14667-1, SUSE-SU-2021:14670-1, SYMSA17570, USN-4738-1, VIGILANCE-VUL-34597
Python urllib: data transit via parse_qsl
An attacker can bypass filtering rules via parse_qsl() of Python urllib, in order to transmit malicious data...
42967, CVE-2021-23336, DLA-2569-1, DLA-2619-1, DLA-2628-1, FEDORA-2021-1bb399a5af, FEDORA-2021-2897f5366c, FEDORA-2021-309bc2e727, FEDORA-2021-b326fcb83f, FEDORA-2021-b76ede8f4d, FEDORA-2021-ef83e8525a, NTAP-20210326-0004, openSUSE-SU-2021:0435-1, SUSE-SU-2021:0768-1, SUSE-SU-2021:0794-1, SUSE-SU-2021:0886-1, SUSE-SU-2021:0887-1, SUSE-SU-2021:0947-1, USN-4742-1, VIGILANCE-VUL-34588
OpenLDAP: assertion error via issuerAndThisUpdateCheck
An attacker can force an assertion error via issuerAndThisUpdateCheck() of OpenLDAP, in order to trigger a denial of service...
CVE-2021-27212, DLA-2574-1, DSA-4860-1, openSUSE-SU-2021:0408-1, SUSE-SU-2021:0692-1, SUSE-SU-2021:0693-1, SUSE-SU-2021:0723-1, SUSE-SU-2021:14700-1, USN-4744-1, VIGILANCE-VUL-34580
OpenJPEG: memory corruption via t2.c
An attacker can trigger a memory corruption via t2.c of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
CERTFR-2021-AVI-167, cpuapr2021, CVE-2020-27844, DLA-2550-1, openSUSE-SU-2021:0392-1, openSUSE-SU-2021:0401-1, VIGILANCE-VUL-34513
Privoxy: multiple vulnerabilities
An attacker can use several vulnerabilities of Privoxy...
CVE-2020-35502, CVE-2021-20209, CVE-2021-20210, CVE-2021-20211, CVE-2021-20212, CVE-2021-20213, CVE-2021-20214, CVE-2021-20215, CVE-2021-20216, CVE-2021-20217, DLA-2548-1, FEDORA-2021-6fe9346693, FEDORA-2021-f08e89a0d5, openSUSE-SU-2021:0265-1, openSUSE-SU-2021:0279-1, USN-4886-1, VIGILANCE-VUL-34497
PHP: NULL pointer dereference via SoapClient
An attacker can force a NULL pointer to be dereferenced via SoapClient of PHP, in order to trigger a denial of service...
80672, CERTFR-2021-AVI-084, CVE-2021-21702, DSA-4856-1, FEDORA-2021-6edfd606d3, FEDORA-2021-ae5a54ba78, openSUSE-SU-2021:0305-1, SUSE-SU-2021:0494-1, SUSE-SU-2021:0498-1, SUSE-SU-2021:0522-1, SUSE-SU-2021:0584-1, SUSE-SU-2021:14668-1, VIGILANCE-VUL-34488
Django: directory traversal via archive.extract
An attacker can traverse directories via archive.extract() of Django, in order to create a file outside the service root path...
CVE-2021-3281, DLA-2540-1, FEDORA-2021-5329c680f7, NTAP-20210226-0004, USN-4715-1, USN-4715-2, VIGILANCE-VUL-34447
Wireshark: two vulnerabilities via USB HID Dissector
An attacker can use several vulnerabilities via USB HID Dissector of Wireshark...
CERTFR-2021-AVI-069, CVE-2021-22173, CVE-2021-22174, FEDORA-2021-5522a34aa0, FEDORA-2021-f22ce64b3b, VIGILANCE-VUL-34446, wnpa-sec-2021-01, wnpa-sec-2021-02
Sudo: buffer overflow via Command Unescaping Backslashes
An attacker can trigger a buffer overflow via Command Unescaping Backslashes of Sudo, in order to trigger a denial of service, and possibly to run code...
6442607, CERTFR-2021-AVI-063, CERTFR-2021-AVI-108, cisco-sa-sudo-privesc-jan2021-qnYQfcM, CVE-2021-3156, DLA-2534-1, DSA-4839-1, FEDORA-2021-2cb63d912a, FEDORA-2021-8840cbdccd, HT212177, JSA11174, JSA11176, openSUSE-SU-2021:0169-1, openSUSE-SU-2021:0170-1, RHSA-2021:0218-01, RHSA-2021:0219-01, RHSA-2021:0220-01, RHSA-2021:0221-01, RHSA-2021:0222-01, RHSA-2021:0223-01, RHSA-2021:0224-01, RHSA-2021:0225-01, RHSA-2021:0226-01, RHSA-2021:0227-01, SB10348, SSA:2021-026-01, SUSE-SU-2021:0225-1, SUSE-SU-2021:0226-1, SUSE-SU-2021:0227-1, SUSE-SU-2021:0232-1, SUSE-SU-2021:0928-1, SUSE-SU-2021:1267-1, SUSE-SU-2021:1273-1, SUSE-SU-2021:1274-1, SUSE-SU-2021:1275-1, Synology-SA-21:02, USN-4705-1, USN-4705-2, VIGILANCE-VUL-34414
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Solaris: