Filtered by vendor Sun
Subscribe
Total
1704 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0706 | 2 Redhat, Sun | 2 Icedtea-web, Jdk | 2025-04-11 | 7.5 HIGH | N/A |
| The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descriptor." | |||||
| CVE-2010-4450 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-11 | 3.7 LOW | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable. | |||||
| CVE-2013-0407 | 2 Sun, Xerox | 2 Sunos, Freeflow Print Server | 2025-04-11 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/DTrace Framework. | |||||
| CVE-2013-0399 | 1 Sun | 1 Sunos | 2025-04-11 | 6.6 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Umount. | |||||
| CVE-2013-0428 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API. | |||||
| CVE-2010-3643 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652. | |||||
| CVE-2012-3130 | 1 Sun | 1 Sunos | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect integrity via unknown vectors related to pkg.depotd. | |||||
| CVE-2013-5814 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. | |||||
| CVE-2010-4474 | 1 Sun | 2 Jdk, Jre | 2025-04-11 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Java DB component in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows local users to affect confidentiality via unknown vectors related to Security, a similar vulnerability to CVE-2009-4269. | |||||
| CVE-2011-2416 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2025-04-11 | 10.0 HIGH | N/A |
| Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138. | |||||
| CVE-2013-1557 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions" in the LogStream.setDefaultStream method. | |||||
| CVE-2010-4433 | 1 Sun | 1 Sunos | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality via unknown vectors related to Ethernet and the Driver sub-component. | |||||
| CVE-2010-4446 | 1 Sun | 1 Sunos | 2025-04-11 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to RDS and Kernel/InfiniBand. | |||||
| CVE-2011-2285 | 1 Sun | 1 Sunos | 2025-04-11 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Installer. | |||||
| CVE-2012-1698 | 1 Sun | 1 Sunos | 2025-04-11 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows remote authenticated users to affect confidentiality, related to Kernel/GLD. | |||||
| CVE-2010-3557 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-11 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of "behavior and state of certain JDK classes" and "mutable static." | |||||
| CVE-2012-4292 | 3 Opensuse, Sun, Wireshark | 3 Opensuse, Sunos, Wireshark | 2025-04-11 | 3.3 LOW | N/A |
| The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | |||||
| CVE-2011-2290 | 1 Sun | 1 Sunos | 2025-04-11 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel/sockfs. | |||||
| CVE-2010-0708 | 1 Sun | 1 Java System Directory Server | 2025-04-11 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request. | |||||
| CVE-2012-5086 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. | |||||