The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle Solaris

Thunderbird: information disclosure via STARTTLS IMAP PREAUTH unencrypted
An attacker can bypass access restrictions to data via STARTTLS IMAP PREAUTH unencrypted of Thunderbird, in order to obtain sensitive information...
CERTFR-2020-AVI-344, CVE-2020-12398, DLA-2247-1, DSA-4702-1, FEDORA-2020-19e5635ee3, FEDORA-2020-5f7f8fcbce, MFSA2020-22, openSUSE-SU-2020:0799-1, RHSA-2020:2611-01, RHSA-2020:2613-01, RHSA-2020:2614-01, RHSA-2020:2615-01, RHSA-2020:2616-01, SSA:2020-156-01, SUSE-SU-2020:1591-2, USN-4421-1, VIGILANCE-VUL-32444
Mozilla NSS: vulnerability via DSA Exponentiation
A vulnerability via DSA Exponentiation of Mozilla NSS was announced...
CERTFR-2020-AVI-344, CVE-2020-12399, DLA-2243-1, DLA-2247-1, DLA-2266-1, DSA-4695-1, DSA-4702-1, DSA-4726-1, FEDORA-2020-0fc1639c88, FEDORA-2020-19e5635ee3, FEDORA-2020-5f7f8fcbce, FEDORA-2020-7e974bd2bb, MFSA2020-21, MFSA2020-22, openSUSE-SU-2020:0854-1, SSA:2020-156-01, SSA:2020-189-01, SUSE-SU-2020:14418-1, SUSE-SU-2020:1677-1, SUSE-SU-2020:1839-1, USN-4383-1, USN-4397-1, USN-4397-2, USN-4421-1, VIGILANCE-VUL-32310
Wireshark: denial of service via NFS
An attacker can send malicious NFS packets to Wireshark, in order to trigger a denial of service...
CERTFR-2020-AVI-303, CVE-2020-13164, FEDORA-2020-4f5588cf97, FEDORA-2020-ca3d3f15f0, openSUSE-SU-2020:1188-1, SUSE-SU-2020:2144-1, VIGILANCE-VUL-32308, wnpa-sec-2020-08
json-c: memory corruption
An attacker can trigger a memory corruption of json-c, in order to trigger a denial of service, and possibly to run code...
CVE-2020-12762, DLA-2228-1, DLA-2228-2, DLA-2301-1, DSA-4741-1, USN-4360-1, USN-4360-2, USN-4360-3, USN-4360-4, VIGILANCE-VUL-32277
libexif12: denial of service
An attacker can trigger a fatal error of libexif12, in order to trigger a denial of service...
CVE-2020-12767, DLA-2214-1, openSUSE-SU-2020:0793-1, SSA:2020-140-02, SUSE-SU-2020:1534-1, SUSE-SU-2020:1553-2, USN-4358-1, VIGILANCE-VUL-32272
GNU Mailman: Cross Site Scripting via Options Content Injection
An attacker can trigger a Cross Site Scripting via Options Content Injection of GNU Mailman, in order to run JavaScript code in the context of the web site...
CVE-2020-12108, DLA-2204-1, DLA-2276-1, FEDORA-2020-62f2df3ca4, openSUSE-SU-2020:0661-1, openSUSE-SU-2020:0764-1, USN-4354-1, VIGILANCE-VUL-32209
OpenLDAP: denial of service via search filters
An attacker can trigger a fatal error via search filters of OpenLDAP, in order to trigger a denial of service...
CVE-2020-12243, DLA-2199-1, DSA-4666-1, openSUSE-SU-2020:0647-1, SUSE-SU-2020:1193-1, SUSE-SU-2020:1210-1, SUSE-SU-2020:1219-1, SUSE-SU-2020:14358-1, USN-4352-1, USN-4352-2, VIGILANCE-VUL-32124
Qt: external XML entity injection
An attacker can transmit malicious XML data to Qt, in order to read a file, scan sites, or trigger a denial of service...
CVE-2015-9541, FEDORA-2020-3069e44be5, VIGILANCE-VUL-32098
mailman: Cross Site Scripting via attachement
An attacker can trigger a Cross Site Scripting via attachement of mailman, in order to run JavaScript code in the context of the web site...
CVE-2020-12137, DLA-2200-1, DSA-4664-1, FEDORA-2020-20b748e81e, FEDORA-2020-69f2f1d987, SUSE-SU-2020:14356-1, USN-4348-1, VIGILANCE-VUL-32097
Squid cache: buffer overflow via ESI
An attacker can trigger a buffer overflow via ESI of Squid cache, in order to trigger a denial of service, and possibly to run code...
CERTFR-2020-AVI-239, CVE-2019-12519, CVE-2019-12521, DLA-2278-1, DLA-2278-2, DSA-4682-1, openSUSE-SU-2020:0623-1, RHSA-2020:2038-01, RHSA-2020:2039-01, RHSA-2020:2040-01, RHSA-2020:2041-01, SQUID-2019:12, SQUID-2020:4, SUSE-SU-2020:1134-1, SUSE-SU-2020:1156-1, SUSE-SU-2020:1227-1, USN-4356-1, VIGILANCE-VUL-32087
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Solaris: