Filtered by vendor Sun
Subscriptions
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0616 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | N/A |
| Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue." | ||||
| CVE-2006-0617 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues." | ||||
| CVE-2006-0745 | 5 Mandrakesoft, Redhat, Sun and 2 more | 6 Mandrake Linux, Fedora Core, Solaris and 3 more | 2025-04-03 | N/A |
| X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. | ||||
| CVE-1999-0973 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. | ||||
| CVE-1999-0797 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries. | ||||
| CVE-2006-4439 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory permissions (755 or 777) if the pkgmap file contains a "?" (question mark) in the mode field, which allows local users to modify arbitrary files or directories, a different vulnerability than CVE-2002-1871. | ||||
| CVE-1999-0767 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. | ||||
| CVE-2006-4353 | 1 Sun | 1 Java System Content Delivery Server | 2025-04-03 | N/A |
| Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local and remote attackers to read data from arbitrary files via unspecified vectors. | ||||
| CVE-2006-4319 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307. | ||||
| CVE-2006-4307 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319. | ||||
| CVE-2006-4306 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile. | ||||
| CVE-2006-4303 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun Solaris 10 allows remote attackers to cause a denial of service ("tight loop" and CPU consumption for listener applications) via unknown vectors related to TCP fusion (do_tcp_fusion). | ||||
| CVE-2006-4302 | 1 Sun | 2 J2se, Java Web Start | 2025-04-03 | N/A |
| The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities. | ||||
| CVE-2006-4139 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Race condition in Sun Solaris 10 allows attackers to cause a denial of service (system panic) via unspecified vectors related to ifconfig and either netstat or SNMP queries. | ||||
| CVE-2006-4117 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| The squeue_drain function in Sun Solaris 10, possibly only when run on CMT processors, allows remote attackers to cause a denial of service ("bad trap" and system panic) by opening and closing a large number of TCP connections ("heavy TCP/IP loads"). NOTE: the original report specifies the function name as "drain_squeue," but this is likely incorrect. | ||||
| CVE-2005-3781 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that cause in.named to "make unnecessary queries." | ||||
| CVE-2006-4049 | 1 Sun | 1 Ray Server Software | 2025-04-03 | N/A |
| Unspecified vulnerability in the utxconfig utility in Sun Ray Server Software 3.x allows local users to create or overwrite arbitrary files via unknown attack vectors. | ||||
| CVE-2006-3968 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified. | ||||
| CVE-2006-3941 | 1 Sun | 1 N1 Grid Engine | 2025-04-03 | N/A |
| Unspecified vulnerability in the daemons for Sun N1 Grid Engine 5.3 and N1 Grid Engine 6.0 allows local users to cause a denial of service (grid service shutdown) and possibly execute arbitrary code using buffer overflows via unknown vectors that cause (1) qmaster or (2) execd to terminate. | ||||
| CVE-2006-3920 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm. | ||||