Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1026 | 1 Sun | 1 Solaris | 2025-04-03 | 7.2 HIGH | N/A |
| aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file. | |||||
| CVE-2005-0742 | 1 Sun | 1 Java System Application Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2006-1601 | 1 Sun | 1 Cluster | 2025-04-03 | 1.7 LOW | N/A |
| Unspecified vulnerability in SunPlex Manager in Sun Cluster 3.1 4/04 allows local users with solaris.cluster.gui authorization to view arbitrary files via unspecified vectors. | |||||
| CVE-1999-0795 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches. | |||||
| CVE-1999-1530 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2025-04-03 | 3.6 LOW | N/A |
| cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system. | |||||
| CVE-1999-0188 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| The passwd command in Solaris can be subjected to a denial of service. | |||||
| CVE-2003-0896 | 1 Sun | 1 Jre | 2025-04-03 | 7.5 HIGH | N/A |
| The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method. | |||||
| CVE-2002-1317 | 4 Hp, Sgi, Sun and 1 more | 5 Hp-ux, Irix, Solaris and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | |||||
| CVE-1999-0408 | 1 Sun | 1 Cobalt Raq | 2025-04-03 | 10.0 HIGH | N/A |
| Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. | |||||
| CVE-2003-1067 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions. | |||||
| CVE-2005-4845 | 1 Sun | 1 Java Plug-in | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. | |||||
| CVE-2005-2530 | 1 Sun | 1 Java | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Java 1.3.1 before 1.3.1_16 on Apple Mac OS X allows an untrusted applet to gain privileges, related to "Mac OS X specific extensions." | |||||
| CVE-1999-0982 | 1 Sun | 2 Solaris, Web-based Enterprise Management | 2025-04-03 | 7.2 HIGH | N/A |
| The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. | |||||
| CVE-2003-1123 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 7.5 HIGH | N/A |
| Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model. | |||||
| CVE-1999-0345 | 4 Freebsd, Ibm, Sco and 1 more | 7 Freebsd, Aix, Sng and 4 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. | |||||
| CVE-2000-0958 | 1 Sun | 1 Hotjava Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window. | |||||
| CVE-1999-1191 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. | |||||
| CVE-1999-0517 | 2 Hp, Sun | 2 Hp-ux, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| An SNMP community name is the default (e.g. public), null, or missing. | |||||
| CVE-2005-4046 | 1 Sun | 2 Java System Application Server, One Application Server | 2025-04-03 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers to conduct man-in-the-middle (MITM) attacks and "compromise data privacy." | |||||
| CVE-2003-1080 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 1.2 LOW | N/A |
| Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users. | |||||