The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Oracle Solaris

ncurses: out-of-bounds memory reading via fmt_entry
An attacker can force a read at an invalid address via fmt_entry() of ncurses, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2019-17595, openSUSE-SU-2019:2550-1, openSUSE-SU-2019:2551-1, SUSE-SU-2019:2997-1, SUSE-SU-2019:3094-1, VIGILANCE-VUL-30902
ncurses: out-of-bounds memory reading via _nc_find_entry
An attacker can force a read at an invalid address via _nc_find_entry() of ncurses, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2019-17594, openSUSE-SU-2019:2550-1, openSUSE-SU-2019:2551-1, SUSE-SU-2019:2997-1, SUSE-SU-2019:3094-1, VIGILANCE-VUL-30901
ImageMagick: use after free via UnmapBlob
An attacker can force the usage of a freed memory area via UnmapBlob() of ImageMagick, in order to trigger a denial of service, and possibly to run code...
CVE-2019-14980, FEDORA-2020-f006145643, openSUSE-SU-2019:2515-1, openSUSE-SU-2019:2519-1, SUSE-SU-2019:2785-2, SUSE-SU-2019:2896-1, VIGILANCE-VUL-30780
libarchive: use after free via archive_read_format_rar_read_data
An attacker can force the usage of a freed memory area via archive_read_format_rar_read_data() of libarchive, in order to trigger a denial of service, and possibly to run code...
CVE-2019-18408, DLA-1971-1, DSA-4557-1, openSUSE-SU-2019:2615-1, openSUSE-SU-2019:2632-1, SUSE-SU-2019:3092-1, SUSE-SU-2019:3093-1, USN-4169-1, VIGILANCE-VUL-30720
file: buffer overflow via cdf_read_property_info
An attacker can trigger a buffer overflow via cdf_read_property_info() of file, in order to trigger a denial of service, and possibly to run code...
CVE-2019-18218, DSA-4550-1, FEDORA-2019-18036b898e, FEDORA-2019-97dcb2762a, USN-4172-1, USN-4172-2, VIGILANCE-VUL-30702
libxslt: buffer overflow via xsltCopyText
An attacker can trigger a buffer overflow via xsltCopyText() of libxslt, in order to trigger a denial of service, and possibly to run code...
CVE-2019-18197, DLA-1973-1, USN-4164-1, VIGILANCE-VUL-30693
Oracle Solaris: vulnerabilities of October 2019
Several vulnerabilities were announced in Oracle products...
CERTFR-2019-AVI-510, cpuoct2019, CVE-2019-2765, CVE-2019-2961, CVE-2019-3008, CVE-2019-3010, VIGILANCE-VUL-30637
GNU Aspell: out-of-bounds memory reading via acommon-unescape
An attacker can force a read at an invalid address via acommon::unescape() of GNU Aspell, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2019-17544, DLA-1966-1, USN-4155-1, USN-4155-2, VIGILANCE-VUL-30630
libiberty: denial of service via cplus_demangle_type
An attacker can trigger a fatal error via cplus_demangle_type() of libiberty, in order to trigger a denial of service...
bulletinapr2019, CVE-2018-17985, openSUSE-SU-2019:2415-1, openSUSE-SU-2019:2432-1, SUSE-SU-2019:2650-1, VIGILANCE-VUL-30620
Sudo: privilege escalation via Runas User -1
An attacker can bypass restrictions via Runas User -1 of Sudo, in order to escalate his privileges...
CVE-2019-14287, DLA-1964-1, DSA-2019-201, DSA-4543-1, FEDORA-2019-72755db9c7, FEDORA-2019-9cb221f2be, openSUSE-SU-2019:2316-1, openSUSE-SU-2019:2333-1, RHSA-2019:3197-01, RHSA-2019:3204-01, RHSA-2019:3205-01, RHSA-2019:3209-01, RHSA-2019:3219-01, RHSA-2019:3278-01, RHSA-2019:3694-01, RHSA-2019:3754-01, RHSA-2019:3755-01, RHSA-2019:3895-01, RHSA-2019:4191-01, SSA:2019-287-01, SUSE-SU-2019:14193-1, SUSE-SU-2019:2656-1, SUSE-SU-2019:2666-1, SUSE-SU-2019:2667-1, SUSE-SU-2019:2668-1, USN-4154-1, VIGILANCE-VUL-30611
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Solaris: