Filtered by vendor Sun Subscriptions
Total 1712 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-1083 1 Sun 1 Java System Identity Manager 2026-04-23 N/A
Sun Java System Identity Manager (IdM) 7.0 through 8.0 on Linux, AIX, Solaris, and HP-UX permits "control characters" in the passwords of user accounts, which allows remote attackers to execute arbitrary commands via vectors involving "resource adapters."
CVE-2009-1101 2 Redhat, Sun 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more 2026-04-23 N/A
Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without any data, which triggers a file descriptor "leak."
CVE-2010-0271 1 Sun 1 Opensolaris 2026-04-23 N/A
hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification.
CVE-2007-5019 1 Sun 3 Java Web Start, Jre, Sdk 2026-04-23 N/A
Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment (JRE) 1.6.0_X allows remote attackers to have an unknown impact via a long argument to the dnsResolve (isInstalled.dnsResolve) method.
CVE-2010-0272 1 Sun 1 Java System Web Server 2026-04-23 N/A
Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to discover process memory locations via crafted data to TCP port 80, as demonstrated by the vd_sjws2 module in VulnDisco. NOTE: as of 20100106, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2008-4131 1 Sun 1 Solaris 2026-04-23 N/A
Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow local users to gain privileges via vectors related to handling of tags with (1) the -t option and (2) the :tag command in the (a) vi, (b) ex, (c) vedit, (d) view, and (e) edit programs.
CVE-2009-0601 6 Apple, Freebsd, Linux and 3 more 6 Mac Os X, Freebsd, Linux Kernel and 3 more 2026-04-23 N/A
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.
CVE-2009-0875 1 Sun 2 Opensolaris, Solaris 2026-04-23 N/A
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server.
CVE-2010-0313 1 Sun 1 Java System Directory Server 2026-04-23 N/A
The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message.
CVE-2009-1332 1 Sun 1 Java System Directory Server 2026-04-23 N/A
The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors.
CVE-2007-5462 1 Sun 1 Solaris 2026-04-23 N/A
Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems.
CVE-2009-0609 1 Sun 1 Java System Directory Server 2026-04-23 N/A
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend outage) via crafted LDAP requests.
CVE-2009-3000 1 Sun 2 Opensolaris, Solaris 2026-04-23 N/A
The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7c_http_log function, related to "improper http response handling."
CVE-2012-0507 5 Debian, Oracle, Redhat and 2 more 10 Debian Linux, Jre, Enterprise Linux and 7 more 2026-04-22 9.8 Critical
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
CVE-2013-2465 4 Oracle, Redhat, Sun and 1 more 10 Jre, Enterprise Linux, Network Satellite and 7 more 2026-04-22 9.8 Critical
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
CVE-2000-0174 1 Sun 1 Staroffice 2026-04-16 N/A
StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2005-4133 1 Sun 1 Solaris 2026-04-16 N/A
Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files.
CVE-2004-0654 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).
CVE-2004-1358 1 Sun 1 Solaris 2026-04-16 N/A
The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged.
CVE-2003-0201 7 Apple, Compaq, Hp and 4 more 10 Mac Os X, Tru64, Cifs-9000 Server and 7 more 2026-04-16 N/A
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.