Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1189 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue. | |||||
| CVE-2008-5690 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 2.1 LOW | N/A |
| The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5. | |||||
| CVE-2007-2990 | 1 Sun | 1 Solaris | 2025-04-09 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file. | |||||
| CVE-2009-2675 | 1 Sun | 2 Jdk, Jre | 2025-04-09 | 10.0 HIGH | N/A |
| Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression. | |||||
| CVE-2009-0480 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 4.9 MEDIUM | N/A |
| The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets. | |||||
| CVE-2008-1194 | 1 Sun | 2 Jdk, Jre | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors. | |||||
| CVE-2009-0167 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability." | |||||
| CVE-2007-4492 | 1 Sun | 1 Solaris | 2025-04-09 | 4.9 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the ata disk driver in Sun Solaris 8, 9, and 10 on the x86 platform before 20070821 allow local users to cause a denial of service (system panic) via unspecified ioctl functions, aka Bug 6433123. | |||||
| CVE-2009-1190 | 2 Springsource, Sun | 3 Dm Server, Spring Framework, Jdk | 2025-04-09 | 5.0 MEDIUM | N/A |
| Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 through 2.5.6 and 3.0.0.M1 through 3.0.0.M2 and dm Server 1.0.0 through 1.0.2, allows remote attackers to cause a denial of service (CPU consumption) via serializable data with a long regex string containing multiple optional groups, a related issue to CVE-2004-2540. | |||||
| CVE-2008-2674 | 4 Fujitsu, Microsoft, Redhat and 1 more | 11 Interstage Application Server Enterprise, Interstage Application Server Plus, Interstage Application Server Plus Developer and 8 more | 2025-04-09 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors. | |||||
| CVE-2009-3433 | 1 Sun | 1 Cluster | 2025-04-09 | 7.2 HIGH | N/A |
| Unspecified vulnerability in clsetup in the configuration utility in Sun Solaris Cluster 3.2 allows local users to gain privileges via unknown vectors. | |||||
| CVE-2009-3872 | 2 Microsoft, Sun | 6 Windows, Java Se, Jdk and 3 more | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969. | |||||
| CVE-2007-1918 | 8 Apple, Hp, Ibm and 5 more | 11 Macos, Hp-ux, Tru64 and 8 more | 2025-04-09 | 5.0 MEDIUM | N/A |
| The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. | |||||
| CVE-2009-2489 | 1 Sun | 1 Ray Server Software | 2025-04-09 | 2.1 LOW | N/A |
| Unspecified vulnerability in the utdmsession program in Sun Ray Server Software (SRSS) 4.0 allows local users to access the sessions of arbitrary users via unknown vectors. | |||||
| CVE-2008-4992 | 1 Sun | 13 Blade T6300 Server, Blade T6320 Server, Fire Enterprise Server T1000 and 10 more | 2025-04-09 | 4.6 MEDIUM | N/A |
| The SPARC hypervisor in Sun System Firmware 6.6.3 through 6.6.5 and 7.1.3 through 7.1.3.e on UltraSPARC T1, T2, and T2+ processors allows logical domain users to access memory in other logical domains via unknown vectors. | |||||
| CVE-2009-0875 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | 6.9 MEDIUM | N/A |
| Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. | |||||
| CVE-2007-2466 | 1 Sun | 2 Java System Directory Server, One Directory Server | 2025-04-09 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service (crash) via certain BER encodings. | |||||
| CVE-2008-1188 | 1 Sun | 2 Jdk, Jre | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka "The first two issues." | |||||
| CVE-2010-0313 | 1 Sun | 1 Java System Directory Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message. | |||||
| CVE-2008-3115 | 1 Sun | 2 Jdk, Jre | 2025-04-09 | 7.5 HIGH | N/A |
| Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit vulnerabilities in these older releases. | |||||