Filtered by vendor Sun
Subscriptions
Filtered by product Sunos
Subscriptions
Total
609 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2144 | 1 Sun | 1 Sunos | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors. | ||||
| CVE-2007-3093 | 1 Sun | 2 Solaris, Sunos | 2025-04-09 | N/A |
| Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server. | ||||
| CVE-2007-4395 | 1 Sun | 1 Sunos | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role. | ||||
| CVE-2007-4310 | 1 Sun | 1 Sunos | 2025-04-09 | N/A |
| The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503. | ||||
| CVE-2007-3880 | 1 Sun | 2 Net Connect Software, Sunos | 2025-04-09 | N/A |
| Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog. | ||||
| CVE-2008-2121 | 1 Sun | 1 Sunos | 2025-04-09 | N/A |
| The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of service (CPU consumption and new connection timeouts) via a TCP SYN flood attack. | ||||
| CVE-2008-5550 | 1 Sun | 3 Java Web Console, Solaris, Sunos | 2025-04-09 | N/A |
| Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter. | ||||
| CVE-2007-3717 | 1 Sun | 1 Sunos | 2025-04-09 | N/A |
| rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225. | ||||
| CVE-2007-2529 | 1 Sun | 2 Solaris, Sunos | 2025-04-09 | N/A |
| Integer signedness error in the acl (facl) system call in Solaris 10 before 20070507 allows local users to cause a denial of service (kernel panic) and possibly gain privileges via a certain argument, related to ACE_SETACL. | ||||
| CVE-2007-2465 | 1 Sun | 2 Solaris, Sunos | 2025-04-09 | N/A |
| Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related to the audit_savepath function. | ||||
| CVE-2007-2045 | 1 Sun | 1 Sunos | 2025-04-09 | N/A |
| Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CPU consumption) via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments. | ||||
| CVE-2008-0964 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet. | ||||
| CVE-2007-1794 | 2 Mozilla, Sun | 3 Mozilla, Solaris, Sunos | 2025-04-09 | N/A |
| The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. NOTE: this issue might be related to CVE-2006-3805. | ||||
| CVE-2007-0882 | 2 Oracle, Sun | 2 Solaris, Sunos | 2025-04-09 | N/A |
| Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account. | ||||
| CVE-2006-7140 | 1 Sun | 2 Solaris, Sunos | 2025-04-09 | N/A |
| The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339. | ||||
| CVE-2006-5073 | 1 Sun | 2 Solaris, Sunos | 2025-04-09 | N/A |
| Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013. | ||||
| CVE-2007-0165 | 1 Sun | 2 Solaris, Sunos | 2025-04-09 | N/A |
| Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind. | ||||
| CVE-2008-0965 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2025-04-09 | N/A |
| Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet. | ||||
| CVE-2008-3450 | 1 Sun | 1 Sunos | 2025-04-09 | N/A |
| Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 through 10 allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors. | ||||
| CVE-2006-0161 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown impact and attack vectors. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2004-0780. | ||||