Filtered by vendor Sun
Subscriptions
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0430 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2025-04-03 | N/A |
| MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php. | ||||
| CVE-2004-0653 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. | ||||
| CVE-2006-3225 | 1 Sun | 2 Java System Application Server, One Application Server | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Sun ONE Application Server 7 before Update 9, Java System Application Server 7 2004Q2 before Update 5, and Java System Application Server Enterprise Edition 8.1 2005 Q1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors. | ||||
| CVE-1999-0135 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| admintool in Solaris allows a local user to write to arbitrary files and gain root access. | ||||
| CVE-2002-0387 | 1 Sun | 1 One Application Server | 2025-04-03 | N/A |
| Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL. | ||||
| CVE-2002-0348 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2025-04-03 | N/A |
| service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument. | ||||
| CVE-1999-0134 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| vold in Solaris 2.x allows local users to gain root access. | ||||
| CVE-1999-0132 | 2 Hp, Sun | 3 Hp-ux, Solaris, Sunos | 2025-04-03 | N/A |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. | ||||
| CVE-2002-0346 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to (1) service.cgi or (2) alert.cgi. | ||||
| CVE-2006-4353 | 1 Sun | 1 Java System Content Delivery Server | 2025-04-03 | N/A |
| Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local and remote attackers to read data from arbitrary files via unspecified vectors. | ||||
| CVE-2006-4439 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory permissions (755 or 777) if the pkgmap file contains a "?" (question mark) in the mode field, which allows local users to modify arbitrary files or directories, a different vulnerability than CVE-2002-1871. | ||||
| CVE-2002-0158 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument. | ||||
| CVE-2002-0090 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option. | ||||
| CVE-2002-0088 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path. | ||||
| CVE-2002-0033 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name. | ||||
| CVE-2001-1583 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220. | ||||
| CVE-2001-1582 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap. | ||||
| CVE-2005-3472 | 1 Sun | 1 Java System Communications Express | 2025-04-03 | N/A |
| Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. | ||||
| CVE-2001-1414 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root. | ||||
| CVE-2001-1307 | 1 Sun | 1 Iplanet Directory Server | 2025-04-03 | N/A |
| Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||