Filtered by vendor Sun
Subscribe
Search
Total
1710 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5012 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 6.6 MEDIUM | N/A |
| Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors. | |||||
| CVE-2000-0055 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option. | |||||
| CVE-2000-0032 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 10.0 HIGH | N/A |
| Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database. | |||||
| CVE-2003-1076 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file. | |||||
| CVE-1999-0513 | 7 Digital, Freebsd, Hp and 4 more | 8 Unix, Freebsd, Hp-ux and 5 more | 2018-10-30 | 5.0 MEDIUM | N/A |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. | |||||
| CVE-2004-2764 | 1 Sun | 2 Jre, Sdk | 2018-10-30 | 10.0 HIGH | N/A |
| Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, 1.4.1 through 1.4.1_07, and 1.4.0 through 1.4.0_04 allows untrusted applets and unprivileged servlets to gain privileges and read data from other applets via unspecified vectors related to classes in the XSLT processor, aka "XML sniffing." | |||||
| CVE-2009-0170 | 1 Sun | 1 Java System Access Manager | 2018-10-30 | 6.0 MEDIUM | N/A |
| Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console. | |||||
| CVE-2011-2424 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-10-30 | 9.3 HIGH | N/A |
| Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures." | |||||
| CVE-2011-2427 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2018-10-30 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors. | |||||
| CVE-2006-7028 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.8 HIGH | N/A |
| Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allows remote attackers to cause a denial of service (console hang) via a flood of small TCP/IP packets. NOTE: this issue has not been replicated by third parties. In addition, the cause is unknown, although it might be related to "jabber" and generation of a large amount of interrupts within the console, or a hardware error. | |||||
| CVE-1999-0502 | 3 Hp, Redhat, Sun | 4 Hp-ux, Linux, Solaris and 1 more | 2018-10-30 | 7.5 HIGH | N/A |
| A Unix account has a default, null, blank, or missing password. | |||||
| CVE-2011-2137 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-10-30 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415. | |||||
| CVE-1999-0011 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2018-10-30 | 10.0 HIGH | N/A |
| Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. | |||||
| CVE-2003-1068 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082. | |||||
| CVE-1999-0493 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.5 HIGH | N/A |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. | |||||
| CVE-2011-2134 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-10-30 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. | |||||
| CVE-2003-1066 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets. | |||||
| CVE-2008-3104 | 1 Sun | 3 Jdk, Jre, Sdk | 2018-10-30 | 6.8 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet. | |||||
| CVE-2006-5215 | 3 Netbsd, Sun, X.org | 4 Netbsd, Solaris, Sunos and 1 more | 2018-10-30 | 2.6 LOW | N/A |
| The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file. | |||||
| CVE-1999-0442 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 2.1 LOW | N/A |
| Solaris ff.core allows local users to modify files. | |||||
| CVE-2008-3113 | 1 Sun | 3 Jdk, Jre, Sdk | 2018-10-30 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077. | |||||
| CVE-2011-2110 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2018-10-30 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011. | |||||
| CVE-2003-1063 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.5 HIGH | N/A |
| The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy. | |||||
| CVE-2003-1067 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions. | |||||
| CVE-2003-1062 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in the sysinfo system call for Solaris for SPARC 2.6 through 9, and Solaris for x86 2.6, 7, and 8, allows local users to read kernel memory. | |||||
| CVE-2003-1069 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop). | |||||
| CVE-2003-1070 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash). | |||||
| CVE-2003-1071 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 2.1 LOW | N/A |
| rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header. | |||||
| CVE-2004-1359 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user. | |||||
| CVE-2003-1073 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 1.2 LOW | N/A |
| A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place. | |||||
| CVE-2000-0030 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database. | |||||
| CVE-2003-1075 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients. | |||||
| CVE-2003-1061 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 1.2 LOW | N/A |
| Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines. | |||||
| CVE-2003-1060 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference. | |||||
| CVE-2003-1078 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.5 HIGH | N/A |
| The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login. | |||||
| CVE-2003-1079 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated. | |||||
| CVE-1999-0055 | 2 Ibm, Sun | 3 Aix, Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflows in Sun libnsl allow root access. | |||||
| CVE-1999-0056 | 1 Sun | 1 Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in Sun's ping program can give root access to local users. | |||||
| CVE-2003-1082 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068. | |||||
| CVE-2004-0496 | 5 Gentoo, Linux, Mandrakesoft and 2 more | 13 Linux, Linux Kernel, Mandrake Linux and 10 more | 2018-10-30 | 7.2 HIGH | N/A |
| Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. | |||||
| CVE-2005-1518 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 2.1 LOW | N/A |
| Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500. | |||||
| CVE-2011-2130 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-10-30 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. | |||||
| CVE-2011-2135 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-10-30 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2140, CVE-2011-2417, and CVE-2011-2425. | |||||
| CVE-2004-1307 | 10 Apple, Avaya, Conectiva and 7 more | 19 Mac Os X, Mac Os X Server, Call Management System Server and 16 more | 2018-10-30 | 7.5 HIGH | N/A |
| Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. | |||||
| CVE-2003-1059 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access. | |||||
| CVE-2003-1058 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 3.7 LOW | N/A |
| The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files. | |||||
| CVE-2011-2140 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-10-30 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425. | |||||
| CVE-2011-2414 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-10-30 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415. | |||||
| CVE-2004-1360 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 2.1 LOW | N/A |
| Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files. | |||||
| CVE-2003-1057 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code. | |||||