Search Results (1712 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-3202 2 Oracle, Sun 3 Jrockit, Jdk, Jre 2025-04-11 N/A
Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this overlaps CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, and CVE-2012-5085.
CVE-2012-3213 3 Oracle, Redhat, Sun 6 Jdk, Jre, Network Satellite and 3 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.
CVE-2011-2713 2 Libreoffice, Sun 2 Libreoffice, Openoffice.org 2025-04-11 N/A
oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.
CVE-2012-0569 2 Sun, Xerox 2 Sunos, Freeflow Print Server 2025-04-11 N/A
Unspecified vulnerability Oracle Sun Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Install/smpatch.
CVE-2012-3112 1 Sun 1 Sunos 2025-04-11 N/A
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Solaris Management Console.
CVE-2012-3120 1 Sun 1 Sunos 2025-04-11 N/A
Unspecified vulnerability in Oracle Sun Solaris 8 allows remote attackers to affect availability, related to TCP/IP.
CVE-2021-43360 1 Sun 1 Ehrd 2024-11-21 8.8 High
Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbitrary code and control the system or interrupt services.
CVE-2021-43359 1 Sun 1 Ehrd 2024-11-21 8.8 High
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary code and control the system or interrupt services.
CVE-2021-43358 1 Sun 1 Ehrd 2024-11-21 7.5 High
Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote attacker to perform path traversal attacks without authentication, access restricted paths and download system files.
CVE-2020-10510 1 Sun 1 Ehrd 2024-11-21 8.1 High
Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data.
CVE-2020-10509 1 Sun 1 Ehrd 2024-11-21 6.1 Medium
Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack.
CVE-2020-10508 1 Sun 1 Ehrd 2024-11-21 7.5 High
Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information.