Filtered by vendor Sun
Subscriptions
Filtered by product Solaris
Subscriptions
Total
545 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3868 | 3 Microsoft, Redhat, Sun | 9 Windows, Network Satellite, Rhel Extras and 6 more | 2025-04-09 | N/A |
| Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970. | ||||
| CVE-2007-5462 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems. | ||||
| CVE-2008-1779 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets. | ||||
| CVE-2008-1780 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors. | ||||
| CVE-2006-4842 | 2 Netscape, Sun | 2 Portable Runtime Api, Solaris | 2025-04-09 | N/A |
| The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files. | ||||
| CVE-2009-4075 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the timeout mechanism in sshd in Sun Solaris 10, and OpenSolaris snv_99 through snv_123, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors that trigger a "dangling sshd authentication thread." | ||||
| CVE-2008-0836 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319. | ||||
| CVE-2007-3723 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| The process scheduler in the Sun Solaris kernel does not make use of the process statistics kept by the kernel and performs scheduling based upon CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges." | ||||
| CVE-2007-2736 | 9 Achievo, Apple, Hp and 6 more | 18 Achievo, A Ux, Mac Os X and 15 more | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. | ||||
| CVE-2009-4187 | 1 Sun | 2 Java System Portal Server, Solaris | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-1115 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a denial of service (panic) via an unspecified sequence of system calls or commands. | ||||
| CVE-2008-1286 | 2 Linux, Sun | 3 Linux Kernel, Java Web Console, Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors. | ||||
| CVE-2008-1480 | 1 Sun | 2 Solaris, Sunos | 2025-04-09 | N/A |
| rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request. | ||||
| CVE-2008-1684 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file. | ||||
| CVE-2008-2674 | 4 Fujitsu, Microsoft, Redhat and 1 more | 11 Interstage Application Server Enterprise, Interstage Application Server Plus, Interstage Application Server Plus Developer and 8 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors. | ||||
| CVE-2008-2706 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the event port implementation in Sun Solaris 10 allows local users to cause a denial of service (panic) by submitting and retrieving user-defined events, probably related to a NULL dereference. | ||||
| CVE-2008-5111 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function. | ||||
| CVE-2008-5133 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | N/A |
| ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named. | ||||
| CVE-2009-2430 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and OpenSolaris snv_01 through snv_58, when Solaris Auditing is enabled, allows local users with an RBAC execution profile for auditconfig to gain privileges via unknown attack vectors. | ||||
| CVE-2007-5716 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the Internet Protocol (IP) functionality in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors, probably related to a UDP packet. | ||||