Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5396 | 1 Sun | 1 Solaris | 2017-10-11 | 4.9 MEDIUM | N/A |
| The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service (system crash) via a TCP loopback connection with both endpoints on the same system. | |||||
| CVE-2006-0516 | 1 Sun | 1 Solaris | 2017-10-11 | 2.1 LOW | N/A |
| Unspecified vulnerability in the kernel processing in Solaris 10 64 bit platform, when running in 64-bit mode, allows local users to cause a denial of service (system panic) via unknown attack vectors. | |||||
| CVE-2006-0190 | 1 Sun | 1 Solaris | 2017-10-11 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Sun Solaris 9 and 10 for the x86 platform allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors, possibly involving functions from the mm driver. | |||||
| CVE-2005-4552 | 1 Sun | 1 Solaris Pc Netlink | 2017-10-11 | 7.2 HIGH | N/A |
| The (1) slsmgr and (2) slsadmin programs in Sun Solaris PC NetLink 2.0 create temporary files insecurely, which allows local users to gain privileges. | |||||
| CVE-2006-0191 | 1 Sun | 1 Solaris | 2017-10-11 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Sun Solaris 10 allows local users to cause a denial of service (null dereference) via unspecified vectors involving the use of the find command on the "/proc" filesystem. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2005-3250. | |||||
| CVE-2006-0531 | 1 Sun | 1 Java System Access Manager | 2017-10-11 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool. | |||||
| CVE-2006-0769 | 1 Sun | 1 Solaris | 2017-10-11 | 7.2 HIGH | N/A |
| Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerberos systems via unknown attack vectors. | |||||
| CVE-2003-0722 | 1 Sun | 1 Solaris | 2017-10-11 | 10.0 HIGH | N/A |
| The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets. | |||||
| CVE-2004-1346 | 1 Sun | 1 Solaris | 2017-10-11 | 2.1 LOW | N/A |
| The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM. | |||||
| CVE-2004-1029 | 5 Conectiva, Gentoo, Hp and 2 more | 8 Linux, Linux, Hp-ux and 5 more | 2017-10-11 | 9.3 HIGH | N/A |
| The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. | |||||
| CVE-2004-0827 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 14 Linux, Imlib, Imlib2 and 11 more | 2017-10-11 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | |||||
| CVE-2004-1345 | 1 Sun | 3 Enterprise Storage Manager, Storedge 3310 Scsi Array, Storedge 3510 Fc Array | 2017-10-11 | 7.2 HIGH | N/A |
| Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access. | |||||
| CVE-2004-0817 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2017-10-11 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. | |||||
| CVE-2004-1357 | 1 Sun | 1 Solaris | 2017-10-11 | 5.0 MEDIUM | N/A |
| The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities. | |||||
| CVE-2004-1358 | 1 Sun | 1 Solaris | 2017-10-11 | 5.0 MEDIUM | N/A |
| The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged. | |||||
| CVE-2004-0653 | 1 Sun | 1 Solaris | 2017-10-11 | 2.1 LOW | N/A |
| Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. | |||||
| CVE-2002-1361 | 1 Sun | 1 Cobalt Raq 4 | 2017-10-10 | 10.0 HIGH | N/A |
| overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter. | |||||
| CVE-2002-0090 | 1 Sun | 1 Solaris | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option. | |||||
| CVE-2001-1328 | 1 Sun | 1 Sunos | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code. | |||||
| CVE-2002-0387 | 1 Sun | 1 One Application Server | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL. | |||||