Search Results (1712 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0229 1 Sun 1 Chilisoft 2026-04-16 N/A
Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts.
CVE-2005-1232 1 Sun 1 Java System Web Proxy Server 2026-04-16 N/A
Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy Server) 3.6 SP6 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2005-3001 1 Sun 1 Solaris 2026-04-16 N/A
Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.
CVE-1999-0022 6 Bsdi, Freebsd, Hp and 3 more 7 Bsd Os, Freebsd, Hp-ux and 4 more 2026-04-16 7.8 High
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
CVE-1999-0300 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.
CVE-2005-3398 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.
CVE-2005-2072 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT.
CVE-2005-4701 1 Sun 1 Solaris 2026-04-16 N/A
Unspecified vulnerability in Process File System (procfs) in Sun Solaris 10 allows local users to obtain sensitive information such as process working directories via unknown attack vectors, possibly pwdx.
CVE-2005-4796 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown vectors related to the handling of the clipboard selection while an XView application exits.
CVE-2005-4797 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.
CVE-2005-4806 1 Sun 1 Java System Web Proxy Server 2026-04-16 N/A
Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service (unresponsive service) via unknown vectors.
CVE-2005-4845 1 Sun 1 Java Plug-in 2026-04-16 N/A
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
CVE-2004-0780 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument.
CVE-2004-0790 2 Microsoft, Sun 8 Windows 2000, Windows 2003 Server, Windows 98 and 5 more 2026-04-16 N/A
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
CVE-2005-1753 1 Sun 1 Javamail 2026-04-16 N/A
ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products.
CVE-2005-1754 2 Apache Tomcat, Sun 2 Apache Tomcat, Javamail 2026-04-16 N/A
JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products.
CVE-2006-0161 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown impact and attack vectors. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2004-0780.
CVE-2006-3782 1 Sun 1 Solaris 2026-04-16 N/A
Unspecified vulnerability in the kernel debugger (kmdb) in Sun Solaris 10, when running on x86, allows local users to cause a denial of service (system hang) via unspecified vectors.
CVE-2006-0227 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors.
CVE-2006-0408 1 Sun 1 Grid Engine 2026-04-16 N/A
rsh utility in Sun Grid Engine (SGE) before 6.0u7_1 allows local users to gain privileges and execute arbitrary code via unspecified vectors, possibly involving command line arguments.