Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0346 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to (1) service.cgi or (2) alert.cgi. | |||||
| CVE-2003-0722 | 1 Sun | 1 Solaris | 2025-04-03 | 10.0 HIGH | N/A |
| The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets. | |||||
| CVE-2002-1587 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
| The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex. | |||||
| CVE-2004-0800 | 2 Avaya, Sun | 4 Call Management System Server, Dtmail, Solaris and 1 more | 2025-04-03 | 4.6 MEDIUM | N/A |
| Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value. | |||||
| CVE-2004-2758 | 1 Sun | 1 Sunforum | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | |||||
| CVE-2003-1065 | 1 Sun | 1 Sunos | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash). | |||||
| CVE-2003-1058 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 3.7 LOW | N/A |
| The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files. | |||||
| CVE-1999-1588 | 1 Sun | 1 Solaris | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766. | |||||
| CVE-2003-0669 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 1.2 LOW | N/A |
| Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users. | |||||
| CVE-2002-0430 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2025-04-03 | 3.7 LOW | N/A |
| MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php. | |||||
| CVE-2002-2425 | 1 Sun | 1 Solaris Answerbook2 | 2025-04-03 | 10.0 HIGH | N/A |
| Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute administrative scripts such as (1) AdminViewError and (2) AdminAddadmin via a direct request. | |||||
| CVE-2006-3783 | 1 Sun | 1 Solaris | 2025-04-03 | 4.9 MEDIUM | N/A |
| Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors involving (1) the /net mount point and (2) the "-hosts" map in a mount point. | |||||
| CVE-2004-1307 | 10 Apple, Avaya, Conectiva and 7 more | 19 Mac Os X, Mac Os X Server, Call Management System Server and 16 more | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. | |||||
| CVE-1999-0136 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access. | |||||
| CVE-2005-0742 | 1 Sun | 1 Java System Application Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-1999-1426 | 1 Sun | 1 Solstice Adminsuite | 2025-04-03 | 6.2 MEDIUM | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files. | |||||
| CVE-1999-0017 | 9 Caldera, Freebsd, Gnu and 6 more | 11 Openlinux, Freebsd, Inet and 8 more | 2025-04-03 | 7.5 HIGH | N/A |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | |||||
| CVE-2005-4552 | 1 Sun | 1 Solaris Pc Netlink | 2025-04-03 | 7.2 HIGH | N/A |
| The (1) slsmgr and (2) slsadmin programs in Sun Solaris PC NetLink 2.0 create temporary files insecurely, which allows local users to gain privileges. | |||||
| CVE-2002-0436 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter. | |||||
| CVE-2001-1328 | 1 Sun | 1 Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code. | |||||