Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0089 | 1 Sun | 3 Jdk, Jre, Sdk | 2018-10-30 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors. | |||||
| CVE-2003-1063 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.5 HIGH | N/A |
| The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy. | |||||
| CVE-2008-3104 | 1 Sun | 3 Jdk, Jre, Sdk | 2018-10-30 | 6.8 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet. | |||||
| CVE-1999-0065 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.5 HIGH | N/A |
| Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. | |||||
| CVE-2005-0816 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. | |||||
| CVE-1999-0185 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.5 HIGH | N/A |
| In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. | |||||
| CVE-2011-2416 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-10-30 | 10.0 HIGH | N/A |
| Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138. | |||||
| CVE-1999-1297 | 1 Sun | 1 Sunos | 2018-10-30 | 2.1 LOW | N/A |
| cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key. | |||||
| CVE-1999-0973 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 10.0 HIGH | N/A |
| Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. | |||||
| CVE-1999-0949 | 3 Sgi, Sun, Turbolinux | 4 Irix, Solaris, Sunos and 1 more | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in canuum program for Canna input system allows local users to gain root privileges. | |||||
| CVE-2000-0317 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option. | |||||
| CVE-2001-0124 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument. | |||||
| CVE-1999-1423 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 2.1 LOW | N/A |
| ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i. | |||||
| CVE-1999-0011 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2018-10-30 | 10.0 HIGH | N/A |
| Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. | |||||
| CVE-2001-0595 | 1 Sun | 1 Sunos | 2018-10-30 | 4.6 MEDIUM | N/A |
| Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMS_PROFILES environment variable, e.g. as demonstrated using the kcms_configure program. | |||||
| CVE-1999-1023 | 1 Sun | 1 Sunos | 2018-10-30 | 4.6 MEDIUM | N/A |
| useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired. | |||||
| CVE-2010-4454 | 1 Sun | 3 Jdk, Jre, Sdk | 2018-10-30 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4462 and CVE-2010-4473. | |||||
| CVE-2002-1199 | 3 Caldera, Sco, Sun | 4 Openlinux, Openserver, Solaris and 1 more | 2018-10-30 | 5.0 MEDIUM | N/A |
| The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. | |||||
| CVE-2010-4469 | 1 Sun | 3 Jdk, Jre, Sdk | 2018-10-30 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is heap corruption related to the Verifier and "backward jsrs." | |||||
| CVE-2010-3553 | 1 Sun | 3 Jdk, Jre, Sdk | 2018-10-30 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class. | |||||