Filtered by vendor Sun Subscriptions
Total 1712 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-0480 1 Sun 2 Opensolaris, Solaris 2026-04-23 N/A
The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets.
CVE-2009-0344 1 Sun 2 Fire X2100 M2, Fire X2200 M2 2026-04-23 N/A
Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X2200 M2 x86 platforms before SP/BMC firmware 3.20 allows remote attackers to obtain privileged ELOM login access or execute arbitrary Service Processor (SP) commands via unknown vectors, aka Bug ID 6633175, a different vulnerability than CVE-2007-5717.
CVE-2007-2904 1 Sun 1 Java System Messaging Server 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.0 through 6.3, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly a related issue to CVE-2006-5653.
CVE-2007-4070 1 Sun 1 Solaris 2026-04-23 N/A
Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun Solaris 8 through 10 before 20070725 allows local users to read arbitrary files with root group ownership via unknown vectors.
CVE-2008-1195 3 Canonical, Redhat, Sun 6 Ubuntu Linux, Network Satellite, Rhel Extras and 3 more 2026-04-23 N/A
Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.
CVE-2007-1916 8 Apple, Hp, Ibm and 5 more 11 Macos, Hp-ux, Tru64 and 8 more 2026-04-23 N/A
Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
CVE-2007-0114 1 Sun 1 Java System Content Delivery Server 2026-04-23 N/A
Sun Java System Content Delivery Server 5.0 and 5.0 PU1 allows remote attackers to obtain sensitive information regarding "content details" via unspecified vectors.
CVE-2007-0470 1 Sun 2 Solaris, Sunos 2026-04-23 N/A
Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.
CVE-2007-4395 1 Sun 1 Sunos 2026-04-23 N/A
Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role.
CVE-2004-2763 1 Sun 2 Iplanet Web Server, One Web Server 2026-04-23 N/A
The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.
CVE-2007-4511 1 Sun 1 Java System Application Server 2026-04-23 N/A
The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply certain configuration changes persistently, which causes the (1) SSL and (2) SSL_MutualAuth ORB listener services to enable all protocols and ciphers after the services are restarted, possibly allowing remote attackers to bypass intended policy.
CVE-2007-1898 8 Apple, Hp, Jetbox and 5 more 16 Mac Os X, Hp-ux, Tru64 and 13 more 2026-04-23 N/A
formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.
CVE-2007-3224 1 Sun 2 Java System Directory Server, One Directory Server 2026-04-23 N/A
Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors.
CVE-2006-5654 1 Sun 2 Java System Web Server, One Application Server 2026-04-23 N/A
Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors. NOTE: due to lack of details from the vendor, it is unclear whether this is related to vector 1 in CVE-2006-5201 or CVE-2006-3127.
CVE-2007-4289 1 Sun 1 Java System Portal Server 2026-04-23 N/A
Sun Java System Portal Server 7.0 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3715.
CVE-2007-2736 9 Achievo, Apple, Hp and 6 more 18 Achievo, A Ux, Mac Os X and 15 more 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.
CVE-2009-0131 1 Sun 1 Opensolaris 2026-04-23 N/A
The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to cause a denial of service (panic) via the single posix_fallocate test in the SUSv3 POSIX test suite, related to an F_ALLOCSP fcntl call.
CVE-2009-0168 1 Sun 2 Opensolaris, Solaris 2026-04-23 N/A
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files.
CVE-2007-2989 1 Sun 1 Solaris 2026-04-23 N/A
The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298.
CVE-2007-3471 1 Sun 1 Solaris 2026-04-23 N/A
Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.