Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0217 | 1 Sun | 1 Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. | |||||
| CVE-1999-0408 | 1 Sun | 1 Cobalt Raq | 2025-04-03 | 10.0 HIGH | N/A |
| Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. | |||||
| CVE-2005-1080 | 1 Sun | 1 Sdk | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file. | |||||
| CVE-2005-3269 | 1 Sun | 4 Java System Directory Proxy Server, Java System Directory Server, One Administration Server and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges. | |||||
| CVE-1999-1158 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd. | |||||
| CVE-2001-1583 | 1 Sun | 1 Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220. | |||||
| CVE-2006-0616 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue." | |||||
| CVE-2004-1352 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code. | |||||
| CVE-2004-1360 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files. | |||||
| CVE-1999-1438 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments. | |||||
| CVE-2001-1076 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable. | |||||
| CVE-2001-1244 | 7 Freebsd, Hp, Linux and 4 more | 9 Freebsd, Hp-ux, Vvos and 6 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | |||||
| CVE-2002-0884 | 2 Caldera, Sun | 3 Openunix, Unixware, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error. | |||||
| CVE-2002-1337 | 7 Gentoo, Hp, Netbsd and 4 more | 9 Linux, Alphaserver Sc, Hp-ux and 6 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. | |||||
| CVE-2000-0174 | 1 Sun | 1 Staroffice | 2025-04-03 | 5.0 MEDIUM | N/A |
| StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2004-1082 | 8 Apache, Apple, Avaya and 5 more | 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more | 2025-04-03 | 7.5 HIGH | N/A |
| mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | |||||
| CVE-2002-0076 | 3 Hp, Microsoft, Sun | 5 Java Jre-jdk, Virtual Machine, Jdk and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability. | |||||
| CVE-2005-4701 | 1 Sun | 1 Solaris | 2025-04-03 | 2.1 LOW | N/A |
| Unspecified vulnerability in Process File System (procfs) in Sun Solaris 10 allows local users to obtain sensitive information such as process working directories via unknown attack vectors, possibly pwdx. | |||||
| CVE-2006-0161 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown impact and attack vectors. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2004-0780. | |||||
| CVE-2005-3906 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors, a different set of vulnerabilities than CVE-2005-3905. NOTE: this is associated with the "second and third issues" identified in SUNALERT:102003. | |||||