Vulnerabilities (CVE)

Filtered by vendor Sun Subscribe
Filtered by product Sunos
Total 618 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-0412 1 Sun 1 Sunos 2025-04-11 2.1 LOW N/A
Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/, which allows local users to obtain password hashes and conduct brute force password guessing attacks.
CVE-2012-4293 3 Opensuse, Sun, Wireshark 3 Opensuse, Sunos, Wireshark 2025-04-11 3.3 LOW N/A
plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet.
CVE-2010-4443 1 Sun 1 Sunos 2025-04-11 4.4 MEDIUM N/A
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/NFS.
CVE-2012-3120 1 Sun 1 Sunos 2025-04-11 7.8 HIGH N/A
Unspecified vulnerability in Oracle Sun Solaris 8 allows remote attackers to affect availability, related to TCP/IP.
CVE-2013-5876 2 Oracle, Sun 2 Sunos, Sunos 2025-04-11 4.9 MEDIUM N/A
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2014-0447.
CVE-2011-3542 1 Sun 1 Sunos 2025-04-11 4.9 MEDIUM N/A
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Kernel/Performance Counter BackEnd Module (pcbe).
CVE-2012-4291 4 Opensuse, Redhat, Sun and 1 more 4 Opensuse, Enterprise Linux, Sunos and 1 more 2025-04-11 3.3 LOW N/A
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
CVE-2013-3842 1 Sun 1 Sunos 2025-04-11 2.1 LOW N/A
Unspecified vulnerability Oracle Solaris 10 allows local users to affect confidentiality via vectors related to Oracle Configuration Manager (OCM).
CVE-2013-3750 1 Sun 1 Sunos 2025-04-11 7.2 HIGH N/A
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/VM
CVE-2013-3765 1 Sun 1 Sunos 2025-04-11 4.9 MEDIUM N/A
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Kernel/VM.
CVE-2012-0769 6 Adobe, Apple, Google and 3 more 7 Flash Player, Flash Player For Android, Mac Os X and 4 more 2025-04-11 5.0 MEDIUM N/A
Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.
CVE-2010-4785 4 Ibm, Linux, Microsoft and 1 more 4 Tivoli Directory Server, Linux Kernel, Windows and 1 more 2025-04-11 4.0 MEDIUM N/A
The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID.
CVE-2013-5864 2 Oracle, Sun 2 Sunos, Sunos 2025-04-11 4.9 MEDIUM N/A
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to USB hub driver.
CVE-2012-0773 6 Adobe, Apple, Google and 3 more 7 Adobe Air, Flash Player, Mac Os X and 4 more 2025-04-11 9.3 HIGH N/A
The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2012-0568 1 Sun 1 Sunos 2025-04-11 2.1 LOW N/A
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality via unknown vectors related to Utility/fdformat.
CVE-2008-7300 1 Sun 2 Opensolaris, Sunos 2025-04-11 8.5 HIGH N/A
The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone.
CVE-2011-4834 3 Hp, Ibm, Sun 4 Application Lifestyle Management, Hp-ux, Aix and 1 more 2025-04-11 4.6 MEDIUM N/A
The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt.
CVE-2012-0103 1 Sun 1 Sunos 2025-04-11 4.9 MEDIUM N/A
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to Kernel.
CVE-2013-3787 1 Sun 1 Sunos 2025-04-11 4.3 MEDIUM N/A
Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Kernel.
CVE-2013-1498 1 Sun 1 Sunos 2025-04-11 4.9 MEDIUM N/A
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1496.