Total
618 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4433 | 1 Sun | 1 Sunos | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality via unknown vectors related to Ethernet and the Driver sub-component. | |||||
| CVE-2010-4415 | 1 Sun | 1 Sunos | 2024-11-21 | 4.1 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to libc. | |||||
| CVE-2010-3586 | 1 Sun | 1 Sunos | 2024-11-21 | 3.6 LOW | N/A |
| Unspecified vulnerability in Oracle Solaris 9 allows local users to affect confidentiality and integrity via unknown vectors related to XScreenSaver. | |||||
| CVE-2010-2632 | 1 Sun | 1 Sunos | 2024-11-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames. | |||||
| CVE-2009-4191 | 1 Sun | 2 Opensolaris, Sunos | 2024-11-21 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the kernel in Sun Solaris 10 and OpenSolaris 2009.06 on the x86-64 platform allows local users to gain privileges via unknown vectors, as demonstrated by the vd_sol_local module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-4080 | 1 Sun | 2 Opensolaris, Sunos | 2024-11-21 | 2.1 LOW | N/A |
| Multiple unspecified vulnerabilities in ldap_cachemgr (aka the LDAP client configuration cache daemon) in Sun Solaris 9 and 10, and OpenSolaris before snv_78, allow local users to cause a denial of service (daemon crash) via vectors involving multiple serviceSearchDescriptor attributes and a call to the getldap_lookup function, and unspecified other vectors. | |||||
| CVE-2009-0873 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2024-11-21 | 6.8 MEDIUM | N/A |
| The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other." | |||||
| CVE-2009-0838 | 1 Sun | 2 Opensolaris, Sunos | 2024-11-21 | 4.9 MEDIUM | N/A |
| The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function. | |||||
| CVE-2008-7300 | 1 Sun | 2 Opensolaris, Sunos | 2024-11-21 | 8.5 HIGH | N/A |
| The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone. | |||||
| CVE-2008-5550 | 1 Sun | 3 Java Web Console, Solaris, Sunos | 2024-11-21 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter. | |||||
| CVE-2008-5009 | 1 Sun | 2 Solstice X.25, Sunos | 2024-11-21 | 4.0 MEDIUM | N/A |
| Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service (panic) via vectors involving reading the /dev/xty file. | |||||
| CVE-2008-4619 | 1 Sun | 1 Sunos | 2024-11-21 | 10.0 HIGH | N/A |
| The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function. NOTE: this might be a duplicate of CVE-2007-0165. | |||||
| CVE-2008-3666 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2024-11-21 | 7.1 HIGH | N/A |
| Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library. | |||||
| CVE-2008-3450 | 1 Sun | 1 Sunos | 2024-11-21 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 through 10 allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors. | |||||
| CVE-2008-3426 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2024-11-21 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and OpenSolaris builds snv_01 through snv_95, allows local users to cause a denial of service via unknown vectors that prevent operation of utilities such as prtdiag, prtpicl, and prtfru. | |||||
| CVE-2008-2946 | 1 Sun | 2 Solaris, Sunos | 2024-11-21 | 7.8 HIGH | N/A |
| The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets. | |||||
| CVE-2008-2710 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2024-11-21 | 7.2 HIGH | N/A |
| Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed comparison. | |||||
| CVE-2008-2708 | 1 Sun | 2 Opensolaris, Sunos | 2024-11-21 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Sun (1) UltraSPARC T2 and (2) UltraSPARC T2+ kernel modules in Sun Solaris 10, and OpenSolaris before snv_93, allows local users to cause a denial of service (panic) via unspecified vectors, probably related to core files. | |||||
| CVE-2008-2552 | 1 Sun | 2 Service Tag, Sunos | 2024-11-21 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Service Tag Registry on Sun Solaris 10, and Sun Service Tag before 1.1.3, allows local users to cause a denial of service (disk consumption) via unspecified vectors. | |||||
| CVE-2008-2144 | 1 Sun | 1 Sunos | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors. | |||||