Search Results (1712 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1297 1 Sun 1 Sunos 2026-04-16 N/A
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.
CVE-2005-1887 1 Sun 1 Solaris 2026-04-16 N/A
Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local users to gain privileges.
CVE-2005-0109 5 Freebsd, Redhat, Sco and 2 more 9 Freebsd, Enterprise Linux, Enterprise Linux Desktop and 6 more 2026-04-16 N/A
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
CVE-1999-0295 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges.
CVE-2003-1437 6 Bea, Hp, Ibm and 3 more 8 Weblogic Server, Hp-ux, Aix and 5 more 2026-04-16 N/A
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.
CVE-2005-1591 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors.
CVE-2005-4046 1 Sun 2 Java System Application Server, One Application Server 2026-04-16 N/A
Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers to conduct man-in-the-middle (MITM) attacks and "compromise data privacy."
CVE-2005-3907 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Unspecified vulnerability in Java Runtime Environment in Java JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors involving untrusted Java applets.
CVE-2005-3906 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors, a different set of vulnerabilities than CVE-2005-3905. NOTE: this is associated with the "second and third issues" identified in SUNALERT:102003.
CVE-2004-2540 1 Sun 2 Jdk, Jre 2026-04-16 N/A
readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data.
CVE-2005-3905 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors, a different vulnerability than CVE-2005-3906. NOTE: this is associated with the "first issue" identified in SUNALERT:102003.
CVE-2006-2513 1 Sun 1 Java System Directory Server 2026-04-16 N/A
Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges.
CVE-2005-3781 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that cause in.named to "make unnecessary queries."
CVE-2002-1042 2 Netscape, Sun 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more 2026-04-16 N/A
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
CVE-2006-2426 2 Redhat, Sun 6 Enterprise Linux, Network Satellite, Rhel Extras and 3 more 2026-04-16 N/A
Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory.
CVE-2005-3583 1 Sun 2 Jre, Sdk 2026-04-16 N/A
(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss.
CVE-1999-0687 4 Cde, Digital, Ibm and 1 more 5 Cde, Unix, Aix and 2 more 2026-04-16 N/A
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
CVE-2005-1150 1 Sun 1 Java System Web Server 2026-04-16 N/A
Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service (hang).
CVE-2005-3472 1 Sun 1 Java System Communications Express 2026-04-16 N/A
Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files.
CVE-2005-0488 4 Microsoft, Mit, Redhat and 1 more 4 Telnet Client, Kerberos 5, Enterprise Linux and 1 more 2026-04-16 N/A
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.