8970 matches found
CVE-2025-71120 SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...
CVE-2025-71120
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...
Linux Distros Unpatched Vulnerability : CVE-2025-71120
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The co...
CVE-2005-1150
Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service hang...
CVE-2009-4314
Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking AMGH is enabled, responds to a logout action by immediately logging the user in again, which makes it easier for physically proximate attackers to obtain access to a session by going to an unattended DTU device...
CVE-2009-4190
Unspecified vulnerability in the kernel in Sun OpenSolaris 2009.06 allows remote attackers to cause a denial of service panic via unknown vectors, as demonstrated by the vdsolaris2 module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information...
CVE-2009-4774
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv49 through snv117, when 64bit mode is used on the Intel x86 platform and a Linux lx branded zone is configured, allows local users to cause a denial of service panic via unspecified vectors, a different vulnerability than CVE-2007-622...
CVE-2009-4294
Unspecified vulnerability in the Authentication Manager aka utauthd in Sun Ray Server Software 4.0 and 4.1 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors...
CVE-2010-0361
Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via a long URI in an HTTP OPTIONS request...
CVE-2010-0360
Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap...
CVE-2010-0386
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing XST attack, a related issue to CVE-2004-2763 and CVE-2005-3398...
CVE-2001-1582
Buffer overflow in the LDAP naming services library libsldap in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAPOPTIONS environment variable to a privileged program that uses libsldap...
CVE-2003-1521
Sun Java Plug-In 1.4 through 1.4.202 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model...
CVE-2003-1125
Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service service halt...
CVE-2019-2878
Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: HTTP data path subsystems. The supported version that is affected is 8.8.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...
CVE-2019-2788
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Open Fabrics Tools. The supported version that is affected is 11.4. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris executes to compromise...
CVE-2011-0846
Unspecified vulnerability in the Oracle Sun Java System Access Manager Policy Agent 2.2 allows remote attackers to affect availability via unknown vectors related to Web Proxy Agent...
CVE-1999-0054
Sun's ftpd daemon can be subjected to a denial of service...
CVE-1999-0369
The Sun sdtcmconvert calendar utility for OpenWindows has a buffer overflow which can gain root access...
CVE-1999-0370
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files...