Filtered by vendor Sun
Subscribe
Total
1704 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0974 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. | |||||
| CVE-2004-1352 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code. | |||||
| CVE-2005-3674 | 1 Sun | 1 Solaris | 2025-04-03 | 7.8 HIGH | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
| CVE-1999-1424 | 1 Sun | 1 Solstice Adminsuite | 2025-04-03 | 6.2 MEDIUM | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries. | |||||
| CVE-2003-1156 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 4.6 MEDIUM | N/A |
| Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program. | |||||
| CVE-2004-1356 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. | |||||
| CVE-1999-0674 | 3 Netbsd, Openbsd, Sun | 4 Netbsd, Openbsd, Solaris and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. | |||||
| CVE-1999-0298 | 2 Slackware, Sun | 2 Slackware Linux, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack. | |||||
| CVE-1999-0099 | 5 Bsdi, Convex, Cray and 2 more | 7 Bsd Os, Convexos, Spp-ux and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. | |||||
| CVE-2004-1351 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code. | |||||
| CVE-2002-1587 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
| The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex. | |||||
| CVE-1999-0010 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. | |||||
| CVE-2001-0283 | 1 Sun | 1 Sun Ftp | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT. | |||||
| CVE-2004-2540 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 5.0 MEDIUM | N/A |
| readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data. | |||||
| CVE-2002-0360 | 1 Sun | 1 Solaris Answerbook2 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program. | |||||
| CVE-2004-2759 | 1 Sun | 4 Storedge Qfs, Storedge Sam-qfs, Storeedge Performance Suite and 1 more | 2025-04-03 | 2.1 LOW | N/A |
| Shared Sun StorEdge QFS and SAM-QFS file systems, as used in Utilization Suite 4.0 through 4.1 and Performance Suite 4.0 through 4.1, might allow local users to read portions of deleted files by accessing data within sparse files. | |||||
| CVE-1999-1402 | 2 Freebsd, Sun | 3 Freebsd, Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
| The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket. | |||||
| CVE-1999-0214 | 1 Sun | 1 Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| Denial of service by sending forged ICMP unreachable packets. | |||||
| CVE-2004-1082 | 8 Apache, Apple, Avaya and 5 more | 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more | 2025-04-03 | 7.5 HIGH | N/A |
| mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | |||||
| CVE-2005-1754 | 2 Apache Tomcat, Sun | 2 Apache Tomcat, Javamail | 2025-04-03 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products." | |||||