The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle Solaris

usrsctp: out-of-bounds memory reading via sctp_load_addresses_from_init
An attacker can force a read at an invalid address via sctp_load_addresses_from_init() of usrsctp, in order to trigger a denial of service, or to obtain sensitive information...
ADV200002, bulletinapr2020, CVE-2019-20503, DLA-2140-1, DLA-2150-1, DSA-4639-1, DSA-4642-1, DSA-4645-1, FEDORA-2020-18f712ef2d, FEDORA-2020-39e0b8bd14, FEDORA-2020-b00f3fbb69, HT201222, HT211168, MFSA-2020-08, MFSA2020-08, MFSA-2020-09, MFSA2020-09, MFSA-2020-10, MFSA2020-10, openSUSE-SU-2020:0340-1, openSUSE-SU-2020:0365-1, openSUSE-SU-2020:0366-1, openSUSE-SU-2020:0389-1, RHSA-2020:0815-01, RHSA-2020:0816-01, RHSA-2020:0819-01, RHSA-2020:0820-01, RHSA-2020:0905-01, RHSA-2020:0914-01, RHSA-2020:0918-01, RHSA-2020:0919-01, RHSA-2020:1270-01, SSA:2020-070-01, SSA:2020-073-01, SUSE-SU-2020:0686-1, SUSE-SU-2020:0717-1, SUSE-SU-2020:0721-1, SUSE-SU-2020:14312-1, USN-4299-1, USN-4328-1, USN-4335-1, VIGILANCE-VUL-31834
tcpdump: out-of-bounds memory reading via EXTRACT_32BITS
An attacker can force a read at an invalid address via EXTRACT_32BITS() of tcpdump, in order to trigger a denial of service, or to obtain sensitive information...
bulletinapr2020, CVE-2018-14466, CVE-2018-19325-REJECT, DLA-1955-1, DLA-1967-1, DSA-2019-168, DSA-2019-169, DSA-4547-1, FEDORA-2019-6db0d5b9d9, FEDORA-2019-85d92df70f, FEDORA-2019-b92ce3144a, FEDORA-2019-d06bc63433, FEDORA-2019-eaa681d33e, HT210788, K04367730, K44551633, K56551263, K86252029, openSUSE-SU-2019:2343-1, openSUSE-SU-2019:2344-1, openSUSE-SU-2019:2345-1, openSUSE-SU-2019:2348-1, SSA:2019-274-01, SUSE-SU-2019:14191-1, SUSE-SU-2019:2669-1, SUSE-SU-2019:2674-1, USN-4221-1, USN-4221-2, USN-4252-1, USN-4252-2, VIGILANCE-VUL-31803
Django: SQL injection via Tolerance Parameter
An attacker can use a SQL injection via Tolerance Parameter of Django, in order to read or alter data...
CVE-2020-9402, USN-4296-1, VIGILANCE-VUL-31723
Libarchive: out-of-bounds memory reading via archive_wstring_append_from_mbs
An attacker can force a read at an invalid address via archive_wstring_append_from_mbs() of Libarchive, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2019-19221, USN-4293-1, VIGILANCE-VUL-31716
Wireshark: four vulnerabilities
An attacker can use several vulnerabilities of Wireshark...
bulletinapr2020, CERTFR-2020-AVI-117, CVE-2020-9428, CVE-2020-9429, CVE-2020-9430, CVE-2020-9431, FEDORA-2020-87737529a4, FEDORA-2020-da7dcee2ec, openSUSE-SU-2020:0362-1, SUSE-SU-2020:0693-1, VIGILANCE-VUL-31695, wnpa-sec-2020-03, wnpa-sec-2020-04, wnpa-sec-2020-05, wnpa-sec-2020-06
Apache Tomcat: information disclosure via Reverse Proxy Transfer-Encoding End-of-line HTTP Request Smuggling
An attacker can bypass access restrictions to data via Reverse Proxy Transfer-Encoding End-of-line HTTP Request Smuggling of Apache Tomcat, in order to obtain sensitive information...
bulletinapr2020, CVE-2020-1935, DLA-2133-1, DLA-2209-1, DSA-4673-1, DSA-4680-1, openSUSE-SU-2020:0345-1, SUSE-SU-2020:0598-1, SUSE-SU-2020:0631-1, SUSE-SU-2020:0632-1, VIGILANCE-VUL-31663
Apache Tomcat: information disclosure via Reverse Proxy Transfer-Encoding Header HTTP Request Smuggling
An attacker can bypass access restrictions to data via Reverse Proxy Transfer-Encoding Header HTTP Request Smuggling of Apache Tomcat, in order to obtain sensitive information...
bulletinapr2020, CVE-2019-17569, DLA-2133-1, DSA-4673-1, DSA-4680-1, openSUSE-SU-2020:0345-1, SUSE-SU-2020:0598-1, SUSE-SU-2020:0631-1, SUSE-SU-2020:0632-1, VIGILANCE-VUL-31662
GNU Aspell: out-of-bounds memory reading via ASPELL_CONF UCS
An attacker can force a read at an invalid address via ASPELL_CONF UCS of GNU Aspell, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2019-20433, SUSE-SU-2020:0397-1, SUSE-SU-2020:14289-1, VIGILANCE-VUL-31622
libexif: integer overflow via exif-data.c
An attacker can trigger an integer overflow via exif-data.c of libexif, in order to trigger a denial of service, and possibly to run code...
CVE-2019-9278, DLA-2100-1, DSA-4618-1, openSUSE-SU-2020:0264-1, SSA:2020-140-02, SUSE-SU-2020:0457-1, SUSE-SU-2020:0458-1, SUSE-SU-2020:14294-1, USN-4277-1, VIGILANCE-VUL-31543
Django: SQL injection via StringAgg
An attacker can use a SQL injection via StringAgg of Django, in order to read or alter data...
CVE-2020-7471, DSA-4629-1, USN-4264-1, VIGILANCE-VUL-31500