Filtered by vendor Sun Subscriptions
Total 1712 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-1942 1 Sun 1 Patch Manager 2026-04-16 N/A
The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.byname.
CVE-1999-0186 1 Sun 1 Solaris 2026-04-16 N/A
In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters.
CVE-1999-0185 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.
CVE-1999-0024 6 Bsdi, Ibm, Isc and 3 more 12 Bsd Os, Aix, Bind and 9 more 2026-04-16 N/A
DNS cache poisoning via BIND, by predictable query IDs.
CVE-2005-0742 1 Sun 1 Java System Application Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2002-2072 1 Sun 1 Jre 2026-04-16 N/A
java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service (JVM crash) via a Java program that calls the doPrivileged method with a null argument.
CVE-2001-0565 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option.
CVE-2001-0594 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.
CVE-2000-1075 2 Netscape, Sun 2 Directory Server, Iplanet Certificate Management System 2026-04-16 N/A
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.
CVE-2002-0090 1 Sun 1 Solaris 2026-04-16 N/A
Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option.
CVE-2001-0403 1 Sun 1 Sunos 2026-04-16 N/A
/opt/JSparm/bin/perfmon program in Solaris allows local users to create arbitrary files as root via the Logging File option in the GUI.
CVE-1999-0674 3 Netbsd, Openbsd, Sun 4 Netbsd, Openbsd, Solaris and 1 more 2026-04-16 N/A
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
CVE-2004-1394 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges.
CVE-1999-1586 1 Sun 1 Sunos 2026-04-16 N/A
loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584.
CVE-1999-1580 2 Sendmail, Sun 2 Sendmail, Sunos 2026-04-16 N/A
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.
CVE-1999-1424 1 Sun 1 Solstice Adminsuite 2026-04-16 N/A
Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries.
CVE-2002-1344 3 Gnu, Redhat, Sun 4 Wget, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.
CVE-2002-0089 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.
CVE-1999-0626 1 Sun 1 Rpc.ruserd 2026-04-16 N/A
A version of rusers is running that exposes valid user information to any entity on the network.
CVE-1999-1423 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.