Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0773 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in Solaris lpset program allows local users to gain root access.
|
|||||
| CVE-2002-1585 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service via certain packets that cause some network interfaces to stop responding to TCP traffic.
|
|||||
| CVE-2006-0161 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown impact and attack vectors. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2004-0780.
|
|||||
| CVE-2004-0742 | 1 Sun | 1 Java System Calendar Server | 2025-04-03 | 10.0 HIGH | N/A |
|
Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view.
|
|||||
| CVE-1999-1413 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg.
|
|||||
| CVE-2001-0701 | 1 Sun | 1 Sunvts | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and earlier allows a local user to gain privileges via a long -o argument.
|
|||||
| CVE-1999-0833 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in BIND 8.2 via NXT records.
|
|||||
| CVE-2006-3117 | 2 Openoffice, Sun | 2 Openoffice, Staroffice | 2025-04-03 | 7.6 HIGH | N/A |
|
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
|
|||||
| CVE-2004-0653 | 1 Sun | 1 Solaris | 2025-04-03 | 2.1 LOW | N/A |
|
Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files.
|
|||||
| CVE-2006-2930 | 1 Sun | 2 Grid Engine, N1 Grid Engine | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in Sun Grid Engine 5.3 and Sun N1 Grid Engine 6.0, when configured in Certificate Security Protocol (CSP) Mode, allows local users to shut down the grid service or gain access, even if access is denied.
|
|||||
| CVE-1999-0136 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access.
|
|||||
| CVE-2001-0077 | 1 Sun | 1 Cluster | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The clustmon service in Sun Cluster 2.x does not require authentication, which allows remote attackers to obtain sensitive information such as system logs and cluster configurations.
|
|||||
| CVE-1999-0055 | 2 Ibm, Sun | 3 Aix, Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflows in Sun libnsl allow root access.
|
|||||
| CVE-2005-0742 | 1 Sun | 1 Java System Application Server | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
|||||
| CVE-2001-0190 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).
|
|||||
| CVE-1999-0517 | 2 Hp, Sun | 2 Hp-ux, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
|
An SNMP community name is the default (e.g. public), null, or missing.
|
|||||
| CVE-2001-0632 | 1 Sun | 1 Chilisoft | 2025-04-03 | 7.5 HIGH | N/A |
|
Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges.
|
|||||
| CVE-2003-1437 | 6 Bea, Hp, Ibm and 3 more | 8 Weblogic Server, Hp-ux, Aix and 5 more | 2025-04-03 | 2.1 LOW | N/A |
|
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.
|
|||||
| CVE-2004-0523 | 4 Mit, Sgi, Sun and 1 more | 7 Kerberos, Kerberos 5, Propack and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
|
|||||
| CVE-1999-0949 | 3 Sgi, Sun, Turbolinux | 4 Irix, Solaris, Sunos and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
|
|||||
| CVE-1999-1507 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash.
|
|||||
| CVE-1999-0440 | 2 Netscape, Sun | 3 Communicator, Navigator, Java | 2025-04-03 | 7.5 HIGH | N/A |
|
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
|
|||||
| CVE-2001-0236 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.
|
|||||
| CVE-1999-1318 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs.
|
|||||
| CVE-2002-1871 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges.
|
|||||
| CVE-2005-4350 | 1 Sun | 1 Wbem Services | 2025-04-03 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 and A.02.x before A.02.00.08 on HP-UX B.11.00 through B.11.23 allows remote attackers to cause an unspecified denial of service via unknown attack vectors.
|
|||||
| CVE-2004-2540 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 5.0 MEDIUM | N/A |
|
readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data.
|
|||||
| CVE-2006-4773 | 1 Sun | 1 Storedge 6130 Arrays | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Sun StorEdge 6130 Array Controllers with firmware 06.12.10.11 and earlier allow remote attackers to cause a denial of service (controller reboot) via a flood of traffic on the LAN.
|
|||||
| CVE-1999-0952 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.
|
|||||
| CVE-1999-1584 | 1 Sun | 2 Openwindows, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586.
|
|||||
| CVE-2001-0421 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 6.4 MEDIUM | N/A |
|
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.
|
|||||
| CVE-1999-0303 | 4 Digital, Netbsd, Openbsd and 1 more | 5 Osf 1, Netbsd, Openbsd and 2 more | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
|
|||||
| CVE-2006-3968 | 1 Sun | 1 Solaris | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified.
|
|||||
| CVE-2002-1296 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.
|
|||||
| CVE-2006-4319 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.
|
|||||
| CVE-2002-1228 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.
|
|||||
| CVE-2004-1180 | 3 Debian, Mandrakesoft, Sun | 5 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
|
|||||
| CVE-1999-0691 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
|
|||||
| CVE-2002-0347 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.
|
|||||
| CVE-2006-4303 | 1 Sun | 1 Solaris | 2025-04-03 | 2.6 LOW | N/A |
|
Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun Solaris 10 allows remote attackers to cause a denial of service ("tight loop" and CPU consumption for listener applications) via unknown vectors related to TCP fusion (do_tcp_fusion).
|
|||||