Search Results (1712 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1357 1 Sun 1 Solaris 2026-04-16 N/A
The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.
CVE-2004-1359 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.
CVE-2004-1360 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files.
CVE-2004-1394 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges.
CVE-2004-1503 1 Sun 1 Jre 2026-04-16 N/A
Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative.
CVE-2003-0412 1 Sun 1 One Application Server 2026-04-16 N/A
Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities.
CVE-2006-2198 3 Openoffice, Redhat, Sun 3 Openoffice, Enterprise Linux, Staroffice 2026-04-16 N/A
OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
CVE-2004-1816 2 Macromedia, Sun 3 Coldfusion, Jrun, One Application Server 2026-04-16 N/A
Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
CVE-1999-0008 2 Hp, Sun 3 Hp-ux, Solaris, Sunos 2026-04-16 N/A
Buffer overflow in NIS+, in Sun's rpc.nisd program.
CVE-1999-0120 1 Sun 1 Sunos 2026-04-16 N/A
Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root.
CVE-1999-0164 1 Sun 1 Sunos 2026-04-16 N/A
A race condition in the Solaris ps command allows an attacker to overwrite critical files.
CVE-1999-0128 5 Digital, Ibm, Linux and 2 more 9 Osf 1, Aix, Sng and 6 more 2026-04-16 N/A
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
CVE-2005-4805 1 Sun 1 Java System Application Server 2026-04-16 N/A
Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages (JSP) via unknown vectors.
CVE-2006-2426 2 Redhat, Sun 6 Enterprise Linux, Network Satellite, Rhel Extras and 3 more 2026-04-16 N/A
Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory.
CVE-2002-1228 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.
CVE-2006-2501 1 Sun 4 Java System Application Server, Java System Web Server, One Application Server and 1 more 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise Edition Update 2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving error messages.
CVE-2004-2306 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection.
CVE-2004-2393 1 Sun 1 Jsse 2026-04-16 N/A
Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS.
CVE-2006-2790 1 Sun 1 Storage Automated Diagnostic Environment 2026-04-16 N/A
A package component in Sun Storage Automated Diagnostic Environment (StorADE) 2.4 uses world-writable permissions for certain critical files and directories, which allows local users to gain privileges.
CVE-1999-0134 1 Sun 1 Sunos 2026-04-16 N/A
vold in Solaris 2.x allows local users to gain root access.