Lucene search
K

8970 matches found

Vulnrichment
Vulnrichment
added 2026/01/14 3:6 p.m.4 views

CVE-2025-71120 SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

5.7AI score0.0016EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/01/14 3:6 p.m.3 views

CVE-2025-71120

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

5.3AI score0.0016EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-71120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The co...

5.5CVSS6.5AI score0.0016EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:45 p.m.10 views

CVE-2005-1150

Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service hang...

5CVSS6.8AI score0.01792EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:54 a.m.16 views

CVE-2009-4314

Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking AMGH is enabled, responds to a logout action by immediately logging the user in again, which makes it easier for physically proximate attackers to obtain access to a session by going to an unattended DTU device...

4.4CVSS6.8AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:51 a.m.7 views

CVE-2009-4190

Unspecified vulnerability in the kernel in Sun OpenSolaris 2009.06 allows remote attackers to cause a denial of service panic via unknown vectors, as demonstrated by the vdsolaris2 module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information...

7.8CVSS7AI score0.0121EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:51 a.m.7 views

CVE-2009-4774

Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv49 through snv117, when 64bit mode is used on the Intel x86 platform and a Linux lx branded zone is configured, allows local users to cause a denial of service panic via unspecified vectors, a different vulnerability than CVE-2007-622...

4.9CVSS6.5AI score0.00358EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:50 a.m.5 views

CVE-2009-4294

Unspecified vulnerability in the Authentication Manager aka utauthd in Sun Ray Server Software 4.0 and 4.1 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors...

10CVSS8.2AI score0.05718EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:47 a.m.10 views

CVE-2010-0361

Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via a long URI in an HTTP OPTIONS request...

10CVSS7.8AI score0.80521EPSS
Exploits20References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:43 a.m.11 views

CVE-2010-0360

Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap...

10CVSS6.8AI score0.03573EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:43 a.m.18 views

CVE-2010-0386

The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing XST attack, a related issue to CVE-2004-2763 and CVE-2005-3398...

5.8CVSS7AI score0.13108EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:42 a.m.7 views

CVE-2001-1582

Buffer overflow in the LDAP naming services library libsldap in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAPOPTIONS environment variable to a privileged program that uses libsldap...

7.2CVSS7.8AI score0.01297EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:38 a.m.12 views

CVE-2003-1521

Sun Java Plug-In 1.4 through 1.4.202 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model...

6.4CVSS7.2AI score0.05836EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:38 a.m.5 views

CVE-2003-1125

Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service service halt...

5CVSS6.8AI score0.01157EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:15 a.m.7 views

CVE-2019-2878

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: HTTP data path subsystems. The supported version that is affected is 8.8.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...

6.1CVSS6AI score0.00942EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:15 a.m.8 views

CVE-2019-2788

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Open Fabrics Tools. The supported version that is affected is 11.4. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris executes to compromise...

6.3CVSS6.3AI score0.00392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:2 a.m.10 views

CVE-2011-0846

Unspecified vulnerability in the Oracle Sun Java System Access Manager Policy Agent 2.2 allows remote attackers to affect availability via unknown vectors related to Web Proxy Agent...

5CVSS6.5AI score0.01715EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:42 a.m.9 views

CVE-1999-0054

Sun's ftpd daemon can be subjected to a denial of service...

5CVSS6.9AI score0.01361EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:40 a.m.10 views

CVE-1999-0369

The Sun sdtcmconvert calendar utility for OpenWindows has a buffer overflow which can gain root access...

7.2CVSS7.7AI score0.0081EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:40 a.m.9 views

CVE-1999-0370

In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files...

4.6CVSS7.3AI score0.00333EPSS
Exploits0References1
Rows per page
Query Builder