Filtered by vendor Sun Subscriptions
Total 1712 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-0654 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).
CVE-2004-1358 1 Sun 1 Solaris 2026-04-16 N/A
The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged.
CVE-2001-0115 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.
CVE-2003-1070 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).
CVE-2005-4133 1 Sun 1 Solaris 2026-04-16 N/A
Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files.
CVE-1999-0078 10 Bsdi, Freebsd, Hp and 7 more 11 Bsd Os, Freebsd, Hp-ux and 8 more 2026-04-16 N/A
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
CVE-2002-0360 1 Sun 1 Solaris Answerbook2 2026-04-16 N/A
Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program.
CVE-2006-4117 1 Sun 1 Solaris 2026-04-16 N/A
The squeue_drain function in Sun Solaris 10, possibly only when run on CMT processors, allows remote attackers to cause a denial of service ("bad trap" and system panic) by opening and closing a large number of TCP connections ("heavy TCP/IP loads"). NOTE: the original report specifies the function name as "drain_squeue," but this is likely incorrect.
CVE-2002-2197 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference.
CVE-2006-3117 3 Openoffice, Redhat, Sun 3 Openoffice, Enterprise Linux, Staroffice 2026-04-16 N/A
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
CVE-2005-0447 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets.
CVE-2000-0055 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.
CVE-1999-0057 5 Eric Allman, Freebsd, Hp and 2 more 7 Vacation, Freebsd, Hp-ux and 4 more 2026-04-16 N/A
Vacation program allows command execution by remote users through a sendmail command.
CVE-2004-1942 1 Sun 1 Patch Manager 2026-04-16 N/A
The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.byname.
CVE-2000-0032 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.
CVE-2002-1525 2 Astaware, Sun 2 Searchdisc, Sunone Starter Kit 2026-04-16 N/A
Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017.
CVE-2005-0426 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference.
CVE-1999-1588 1 Sun 1 Solaris 2026-04-16 9.8 Critical
Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.
CVE-2003-1156 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program.
CVE-2002-0994 1 Sun 1 Sun Pci Ii Driver 2026-04-16 N/A
SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.