Latest oracle solaris Vulnerabilities

CVE-2024-20946
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with ...
Oracle Solaris=11
CVE-2024-20920
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker w...
Oracle Solaris=11
CVE-2023-22129
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with ...
Oracle Solaris=11
CVE-2023-22128
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows unauthenticated a...
Oracle Solaris=10
Oracle Solaris=11
CVE-2023-1995
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-2...
Hitachi Hirdb Server With Additional Function>=09-00<=09-00-2d
Hitachi Hirdb Server With Additional Function>=09-01<=09-01-\/x
Hitachi Hirdb Server With Additional Function>=09-02<=09-02-2f
Hitachi Hirdb Server With Additional Function>=09-03<=09-03-2a
Hitachi Hirdb Server With Additional Function>=09-04<=09-04-2s
Hitachi Hirdb Server With Additional Function>=09-50<=09-50-2k
and 40 more
CVE-2023-28513
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caus...
IBM MQ=9.0.0.0
IBM MQ=9.1.0.0
IBM MQ=9.2.0
IBM MQ=9.2.0
IBM MQ=9.3.0
IBM MQ=9.3.0
and 15 more
CVE-2023-22023
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device Driver Interface). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileg...
Oracle Solaris=11
CVE-2022-4146
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: before 8.8.5-02.
Hitachi Replication Manager<8.8.5-02
Linux Linux kernel
Microsoft Windows
Oracle Solaris
CVE-2023-29259
IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID: 252055.
IBM Sterling Connect:Express for UNIX<=1.5.x
Ibm Sterling Connect\=express_for_unix-1.5.0
IBM AIX
Linux Linux kernel
Microsoft Windows
Oracle Solaris
CVE-2021-38933
IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210574.
IBM Sterling Connect:Express for UNIX<=1.5.x
Ibm Sterling Connect\<1.5.0.1609
IBM AIX
Linux Linux kernel
Oracle Solaris
CVE-2023-29260
IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leadi...
Ibm Sterling Connect\=express_for_unix-1.5.0
IBM AIX
Linux Linux kernel
Microsoft Windows
Oracle Solaris
IBM Sterling Connect:Express for UNIX<=1.5.x
CVE-2023-30446
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253361 ...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-23487
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to insufficient audit logging. IBM X-Force ID: 245918.
Ibm Db2=11.1
Ibm Db2=11.5
IBM AIX
Linux Linux kernel
Microsoft Windows
Oracle Solaris
and 2 more
CVE-2023-27867
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code via JNDI Injection. By sending a specially crafted re...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-30445
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253357.
IBM IBM® Db2®<=10.5.0.11
IBM IBM® Db2®<=11.1.4.7
IBM IBM® Db2®<=11.5.x
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
and 5 more
CVE-2023-30431
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow the bu...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-27868
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked class instantia...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-27869
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked logger injectio...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-30448
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253437.
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-30449
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 253439.
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-30447
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253436.
IBM IBM® Db2®<=10.5.0.11
IBM IBM® Db2®<=11.1.4.7
IBM IBM® Db2®<=11.5.x
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
and 5 more
CVE-2023-30442
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper usi...
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
Microsoft Windows
and 3 more
CVE-2023-29256
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to an information disclosure due to improper privilege management when certain federation features ...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-28950
IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358.
IBM MQ=8.0.0.0
IBM MQ=9.0.0.0
IBM MQ=9.1.0.0
IBM MQ=9.2.0
IBM MQ=9.2.0
IBM MQ=9.3.0
and 7 more
CVE-2023-28514
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398.
IBM MQ=8.0.0.0
IBM MQ=9.0.0.0
IBM MQ=9.1.0
IBM MQ=9.1.0.0
HP HP-UX
IBM AIX
and 8 more
CVE-2023-22003
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attack...
Oracle Solaris=10
Oracle Solaris=11
CVE-2023-21984
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Libraries). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker wi...
Oracle Solaris=11
CVE-2023-21985
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attack...
Oracle Solaris=10
Oracle Solaris=11
CVE-2023-21928
Vulnerability in the Oracle Solaris product of Oracle Systems (component: IPS repository daemon). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privile...
Oracle Solaris=11
CVE-2023-21896
Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged atta...
Oracle Solaris=10
Oracle Solaris=11
CVE-2023-26283
IBM WebSphere Application Server 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality po...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
IBM i
Ibm Z\/os
and 3 more
CVE-2023-26281
IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296.
IBM HTTP Server<=8.5
IBM HTTP Server=8.5.0.0
HP HP-UX
IBM AIX
Ibm Z\/os
Linux Linux kernel
and 2 more
CVE-2022-43929
IBM Db2 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command.
Ibm Db2=11.1
Ibm Db2=11.1
Ibm Db2=11.1
Ibm Db2=11.5
Ibm Db2=11.5
Ibm Db2=11.5
and 5 more
CVE-2022-43927
IBM Db2 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used.
Ibm Db2=10.5
Ibm Db2=10.5
Ibm Db2=10.5
Ibm Db2=11.1
Ibm Db2=11.1
Ibm Db2=11.1
and 8 more
CVE-2022-42436
IBM MQ Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files.
IBM MQ<=8.0
IBM MQ<=9.0 LTS
IBM MQ<=9.1 CD
IBM MQ<=9.1 LTS
IBM MQ<=9.2 CD
IBM MQ<=9.2 LTS
and 16 more
CVE-2023-23477
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects. IBM X-Force ID: ...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server=8.5
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
and 5 more
CVE-2022-43917
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the con...
IBM WebSphere Application Server - traditional container<=9.0
IBM WebSphere Application Server - traditional container<=8.5
Ibm Websphere Application Server=8.5
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
and 5 more
CVE-2023-21900
Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged att...
Oracle Solaris=10
Oracle Solaris=11
CVE-2019-9579
An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. The SMB server allows an attacker to have unintended access, e.g., an attacker with WRITE_XATTR can chang...
Illumos Illumos
Nexenta NexentaStor=4.0.5
Nexenta NexentaStor=5.1.2
Oracle Solaris=11
CVE-2021-43395
An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can c...
Illumos Illumos<2022-01-18
Omniosce Omnios=r151038
Openindiana Openindiana=hipster_2021.04
Joyent SmartOS=20210923
Oracle Solaris=10
Oracle Solaris=11
CVE-2022-35646
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM...
IBM Security Verify Governance=10.0.1
IBM AIX
Linux Linux kernel
Microsoft Windows
Oracle Solaris
CVE-2022-31772
IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335.
IBM MQ=8.0.0.0
IBM MQ=9.0.0.0
IBM MQ=9.1.0
IBM MQ=9.1.0.0
IBM MQ=9.2.0
IBM MQ=9.2.0
and 8 more
CVE-2022-40750
IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functio...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server=8.5
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
and 5 more
CVE-2022-43752
** UNSUPPORTED WHEN ASSIGNED ** Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. A low privileged user can escala...
Common Desktop Environment Project Common Desktop Environment
Oracle Solaris=10
Common Desktop Environment Project Common Desktop Environment
Oracle Solaris=10
CVE-2022-39417
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker wit...
Oracle Solaris=11
CVE-2022-39401
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with lo...
Oracle Solaris=11
CVE-2022-21610
Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDoms). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with l...
Oracle Solaris=11
CVE-2022-38712
"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Forc...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server<=8.0
Ibm Websphere Application Server<=7.0
Ibm Websphere Application Server>=7.0.0.0<7.0.0.45
Ibm Websphere Application Server>=8.0.0.0<8.0.0.15
and 9 more
CVE-2022-22483
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when...
Ibm Db2=9.7.0.0
Ibm Db2=9.7.0.0
Ibm Db2=9.7.0.0
Ibm Db2=10.1
Ibm Db2=10.1
Ibm Db2=10.1
and 14 more
CVE-2022-35637
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823.
Ibm Db2=10.5
Ibm Db2=10.5
Ibm Db2=10.5
Ibm Db2=11.1
Ibm Db2=11.1
Ibm Db2=11.1
and 8 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203