Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0568 | 1 Sun | 1 Solaris | 2025-04-03 | 10.0 HIGH | N/A |
| rpc.admind in Solaris is not running in a secure mode. | |||||
| CVE-2005-0418 | 1 Sun | 1 J2se | 2025-04-03 | 7.5 HIGH | N/A |
| Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836. | |||||
| CVE-2001-0269 | 1 Sun | 1 Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password. | |||||
| CVE-2004-1353 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges. | |||||
| CVE-2003-1065 | 1 Sun | 1 Sunos | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash). | |||||
| CVE-2005-0471 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names. | |||||
| CVE-2001-0652 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. | |||||
| CVE-2006-4306 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile. | |||||
| CVE-2002-0058 | 2 Microsoft, Sun | 4 Virtual Machine, Jdk, Jre and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK. | |||||
| CVE-2005-3238 | 1 Sun | 1 Solaris | 2025-04-03 | 2.1 LOW | N/A |
| Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors. | |||||
| CVE-1999-0502 | 3 Hp, Redhat, Sun | 4 Hp-ux, Linux, Solaris and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| A Unix account has a default, null, blank, or missing password. | |||||
| CVE-2000-0407 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option. | |||||
| CVE-2005-3398 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.3 MEDIUM | N/A |
| The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. | |||||
| CVE-2002-1042 | 2 Netscape, Sun | 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. | |||||
| CVE-2002-0391 | 4 Freebsd, Microsoft, Openbsd and 1 more | 7 Freebsd, Windows 2000, Windows Nt and 4 more | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL |
| Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | |||||
| CVE-2003-1301 | 1 Sun | 1 Jre | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid memory accesses. | |||||
| CVE-2001-1066 | 1 Sun | 1 Solaris | 2025-04-03 | 2.1 LOW | N/A |
| ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-1999-0223 | 1 Sun | 1 Sunos | 2025-04-03 | 2.1 LOW | N/A |
| Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. | |||||
| CVE-2003-1126 | 1 Sun | 1 One Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service. | |||||
| CVE-2002-0573 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed. | |||||