Filtered by vendor Sun
Subscriptions
Total
1712 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1586 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584. | ||||
| CVE-2004-2627 | 1 Sun | 1 J2me | 2025-04-03 | N/A |
| Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code. | ||||
| CVE-2001-1503 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host. | ||||
| CVE-2001-1008 | 1 Sun | 2 Java Plug-in, Jre | 2025-04-03 | N/A |
| Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate. | ||||
| CVE-2004-0802 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2025-04-03 | N/A |
| Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. | ||||
| CVE-2004-0654 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic). | ||||
| CVE-2005-0357 | 2 Emc, Sun | 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software | 2025-04-03 | N/A |
| EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID. | ||||
| CVE-2005-0358 | 2 Emc, Sun | 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software | 2025-04-03 | N/A |
| EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token. | ||||
| CVE-2005-0359 | 2 Emc, Sun | 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software | 2025-04-03 | N/A |
| The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service. | ||||
| CVE-2005-0548 | 1 Sun | 1 Solaris Answerbook2 | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search function. | ||||
| CVE-2005-0576 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files. | ||||
| CVE-2005-0816 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. | ||||
| CVE-2004-1355 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. | ||||
| CVE-2005-0836 | 1 Sun | 1 J2se | 2025-04-03 | N/A |
| Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. | ||||
| CVE-2002-1525 | 2 Astaware, Sun | 2 Searchdisc, Sunone Starter Kit | 2025-04-03 | N/A |
| Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017. | ||||
| CVE-2002-0076 | 3 Hp, Microsoft, Sun | 5 Java Jre-jdk, Virtual Machine, Jdk and 2 more | 2025-04-03 | N/A |
| Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability. | ||||
| CVE-2002-0084 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument. | ||||
| CVE-2002-0085 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request. | ||||
| CVE-2005-2071 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot). | ||||
| CVE-2002-1589 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic). | ||||