Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0241 | 3 Sgi, Sun, Xfree86 Project | 4 Irix, Solaris, Sunos and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. | |||||
| CVE-2001-0421 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 6.4 MEDIUM | N/A |
| FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition. | |||||
| CVE-2003-1064 | 1 Sun | 1 Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Solaris 8 with IPv6 enabled allows remote attackers to cause a denial of service (kernel panic) via a crafted IPv6 packet. | |||||
| CVE-2002-0677 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2025-04-03 | 7.5 HIGH | N/A |
| CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. | |||||
| CVE-2005-3238 | 1 Sun | 1 Solaris | 2025-04-03 | 2.1 LOW | N/A |
| Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors. | |||||
| CVE-2003-1058 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 3.7 LOW | N/A |
| The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files. | |||||
| CVE-2000-0210 | 1 Sun | 1 Workshop | 2025-04-03 | 1.2 LOW | N/A |
| The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files. | |||||
| CVE-2001-0165 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument. | |||||
| CVE-2001-0633 | 1 Sun | 1 Chilisoft | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'. | |||||
| CVE-2006-2064 | 1 Sun | 1 Solaris | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in the libpkcs11 library in Sun Solaris 10 might allow local users to gain privileges or cause a denial of service (application failure) via unknown attack vectors that involve the getpwnam family of non-reentrant functions. | |||||
| CVE-1999-1371 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument. | |||||
| CVE-1999-0009 | 11 Bsdi, Caldera, Data General and 8 more | 13 Bsd Os, Openlinux, Dg Ux and 10 more | 2025-04-03 | 10.0 HIGH | N/A |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. | |||||
| CVE-2001-0423 | 1 Sun | 1 Solaris | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093. | |||||
| CVE-2000-0629 | 1 Sun | 1 Java System Web Server | 2025-04-03 | 7.5 HIGH | N/A |
| The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet. | |||||
| CVE-2004-0496 | 5 Gentoo, Linux, Mandrakesoft and 2 more | 13 Linux, Linux Kernel, Mandrake Linux and 10 more | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. | |||||
| CVE-2001-0595 | 1 Sun | 1 Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMS_PROFILES environment variable, e.g. as demonstrated using the kcms_configure program. | |||||
| CVE-1999-0142 | 2 Netscape, Sun | 2 Navigator, Java | 2025-04-03 | 7.5 HIGH | N/A |
| The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts. | |||||
| CVE-2002-2374 | 1 Sun | 1 Patchpro | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." | |||||
| CVE-2001-0701 | 1 Sun | 1 Sunvts | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and earlier allows a local user to gain privileges via a long -o argument. | |||||
| CVE-2005-1591 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors. | |||||