Search Results (1712 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0669 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users.
CVE-2004-0800 2 Avaya, Sun 4 Call Management System Server, Dtmail, Solaris and 1 more 2026-04-16 N/A
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
CVE-2004-0791 2 Redhat, Sun 3 Enterprise Linux, Solaris, Sunos 2026-04-16 N/A
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
CVE-2002-1584 2 Sgi, Sun 3 Irix, Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.
CVE-2002-1199 3 Caldera, Sco, Sun 4 Openlinux, Openserver, Solaris and 1 more 2026-04-16 N/A
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
CVE-2005-0447 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets.
CVE-2006-0769 1 Sun 1 Solaris 2026-04-16 N/A
Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerberos systems via unknown attack vectors.
CVE-2004-0742 1 Sun 1 Java System Calendar Server 2026-04-16 N/A
Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view.
CVE-1999-0084 1 Sun 1 Nfs 2026-04-16 8.4 High
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.
CVE-2005-0418 1 Sun 1 J2se 2026-04-16 N/A
Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836.
CVE-2000-0210 1 Sun 1 Workshop 2026-04-16 N/A
The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files.
CVE-2001-1328 1 Sun 1 Sunos 2026-04-16 N/A
Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.
CVE-2002-0994 1 Sun 1 Sun Pci Ii Driver 2026-04-16 N/A
SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.
CVE-2003-0609 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.
CVE-2006-3127 1 Sun 2 Java Enterprise System, Java System Directory Server 2026-04-16 N/A
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.
CVE-2005-3238 1 Sun 1 Solaris 2026-04-16 N/A
Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors.
CVE-1999-0223 1 Sun 1 Sunos 2026-04-16 N/A
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.
CVE-2004-0653 1 Sun 1 Solaris 2026-04-16 N/A
Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files.
CVE-2001-1308 1 Sun 1 Iplanet Directory Server 2026-04-16 N/A
Format string vulnerabilities in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2004-0651 1 Sun 2 Jre, Sdk 2026-04-16 N/A
Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang).