📦

opensolaris

Vendor: sun

Actively Exploited 0 CISA KEV List

PoC / Exploits 10 Code Available

Total RCEs 8 Remote Access

Total CVEs 1008 Total Indexed

Avg. EPSS 1.24% Exploit Prob.

Latest CVE CVE-2016-1314 Mar 28

Security Vulnerability Index

Page 1 / 101

6.1 CVSS

CVE-2016-1314

Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (CDM) 8.1(1) allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux80760.

EPSS: 0.19%

Severity: MEDIUM

Mar 28, 2016

7.5 CVSS

CVE-2016-1350

Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.

EPSS: 1.71%

Severity: HIGH

Mar 26, 2016

7.5 CVSS

CVE-2016-1349

The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.

EPSS: 0.71%

Severity: HIGH

Mar 26, 2016

7.5 CVSS

CVE-2016-1348

Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.

EPSS: 0.52%

Severity: HIGH

Mar 26, 2016

5.9 CVSS

CVE-2016-1344

The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.

EPSS: 2.84%

Severity: MEDIUM

Mar 26, 2016

6.1 CVSS

CVE-2016-1331

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 11.5(0.99833.5) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy10766.

EPSS: 0.25%

Severity: MEDIUM

Feb 15, 2016

5.3 CVSS

CVE-2016-1319

Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958.

EPSS: 0.16%

Severity: MEDIUM

Feb 09, 2016

6.1 CVSS

CVE-2016-1310

Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033.

EPSS: 0.25%

Severity: MEDIUM

Feb 06, 2016

6.1 CVSS

CVE-2016-1306

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Fog Director 1.0(0) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux80466.

EPSS: 0.25%

Severity: MEDIUM

Feb 06, 2016

8.5 CVSS

CVE-2008-7300

The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone.

EPSS: 0.27%

Severity: HIGH

Oct 05, 2011

Displaying 10 of 1008 Total Entries

1 2 3 4 5 ... 101

Total 101 Sections