Filtered by vendor Sun
Subscriptions
Total
1712 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4442 | 1 Sun | 1 Java System Directory Server | 2025-04-09 | N/A |
| Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making multiple connections and performing no operations on these connections, aka Bug Id 6648665. | ||||
| CVE-2008-0657 | 2 Redhat, Sun | 4 Network Satellite, Rhel Extras, Jdk and 1 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs. | ||||
| CVE-2006-5075 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before 20060926 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client. | ||||
| CVE-2007-1898 | 8 Apple, Hp, Jetbox and 5 more | 16 Mac Os X, Hp-ux, Tru64 and 13 more | 2025-04-09 | N/A |
| formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters. | ||||
| CVE-2008-0718 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-bit mode is enabled, allows local users to cause a denial of service (panic) via unspecified vectors. | ||||
| CVE-2007-5716 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the Internet Protocol (IP) functionality in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors, probably related to a UDP packet. | ||||
| CVE-2009-2704 | 1 Sun | 1 J2ee | 2025-04-09 | N/A |
| CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing a %00 (encoded null byte). | ||||
| CVE-2007-5319 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service ("unusable" system console) via unspecified vectors. | ||||
| CVE-2006-5201 | 1 Sun | 9 Jdk, Jre, Jsse and 6 more | 2025-04-09 | N/A |
| Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1. | ||||
| CVE-2007-5365 | 5 Debian, Openbsd, Redhat and 2 more | 7 Debian Linux, Openbsd, Enterprise Linux and 4 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU. | ||||
| CVE-2007-5367 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the Virtual File System (VFS) in Sun Solaris 10 allows local users to cause a denial of service (kernel memory consumption) via unspecified vectors. | ||||
| CVE-2009-2445 | 1 Sun | 1 Java System Web Server | 2025-04-09 | N/A |
| Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI. | ||||
| CVE-2006-4175 | 1 Sun | 2 Java System Directory Server, One Directory Server | 2025-04-09 | N/A |
| The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service (crash) via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations. | ||||
| CVE-2007-5422 | 1 Sun | 1 Sunos | 2025-04-09 | N/A |
| Unspecified vulnerability in "Solaris Auditing" in the Basic Security Module (BSM) in Sun Solaris 10, when configured for auditing of networking (nt) events, allows local users to cause a denial of service (panic) via unspecified vectors. | ||||
| CVE-2007-1346 | 1 Sun | 1 Sun Fire | 2025-04-09 | N/A |
| Unspecified vulnerability in ipmitool for Sun Fire X2100M2 and X2200M2 allows local users to gain privileges and reset or turn off the server. | ||||
| CVE-2007-5462 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems. | ||||
| CVE-2009-3867 | 3 Microsoft, Redhat, Sun | 9 Windows, Network Satellite, Rhel Extras and 6 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303. | ||||
| CVE-2007-2788 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Jdk and 2 more | 2025-04-09 | N/A |
| Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow. | ||||
| CVE-2007-1223 | 3 Hitachi, Ibm, Sun | 4 Hi-ux\/we2, Osas\/ft\/w, Aix and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows attackers to cause a denial of service (responder control processing halt) by sending "data unexpectedly through the port". | ||||
| CVE-2008-5266 | 2 Oracle, Sun | 2 Glassfish Server, Java System Application Server | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.1_01 build b09d-fcs and 9.1_02 build b04-fcs allows remote attackers to inject arbitrary web script or HTML via the name parameter, a different vector than CVE-2008-2751. | ||||