Filtered by vendor Sun
Subscriptions
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1229 | 2 Oracle, Sun | 3 Jre, Java Web Start, Jsse | 2025-04-03 | N/A |
| X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01, (2) JSSE before 1.0.3, (3) Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and (4) Java Web Start 1.0 through 1.2 incorrectly calls the isClientTrusted method when determining server trust, which results in improper validation of digital certificate and allows remote attackers to (1) falsely authenticate peers for SSL or (2) incorrectly validate signed JAR files. | ||||
| CVE-1999-0298 | 2 Slackware, Sun | 2 Slackware Linux, Sunos | 2025-04-03 | N/A |
| ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack. | ||||
| CVE-2005-1518 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500. | ||||
| CVE-2003-1301 | 1 Sun | 1 Jre | 2025-04-03 | N/A |
| Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid memory accesses. | ||||
| CVE-2006-0227 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors. | ||||
| CVE-2002-1296 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module. | ||||
| CVE-2005-0248 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts. | ||||
| CVE-2003-1437 | 6 Bea, Hp, Ibm and 3 more | 8 Weblogic Server, Hp-ux, Aix and 5 more | 2025-04-03 | N/A |
| BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. | ||||
| CVE-2005-3250 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference. | ||||
| CVE-2005-3781 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that cause in.named to "make unnecessary queries." | ||||
| CVE-2003-1516 | 1 Sun | 1 Java Plug-in | 2025-04-03 | N/A |
| The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet. | ||||
| CVE-2005-4133 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files. | ||||
| CVE-2005-4701 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Unspecified vulnerability in Process File System (procfs) in Sun Solaris 10 allows local users to obtain sensitive information such as process working directories via unknown attack vectors, possibly pwdx. | ||||
| CVE-2006-0531 | 1 Sun | 1 Java System Access Manager | 2025-04-03 | N/A |
| Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool. | ||||
| CVE-2003-1563 | 1 Sun | 3 Cluster, Solaris, Sunos | 2025-04-03 | N/A |
| Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real Application Clusters (OPS/RAC) allows local users to cause a denial of service (cluster node panic or abort) by launching a daemon listening on a TCP port that would otherwise be used by the Distributed Lock Manager (DLM), possibly involving this daemon responding in a manner that spoofs a cluster reconfiguration. | ||||
| CVE-1999-0223 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. | ||||
| CVE-2002-1228 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon. | ||||
| CVE-1999-0213 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. | ||||
| CVE-1999-0212 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server. | ||||
| CVE-2002-1871 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | ||||