Opensolaris Security Vulnerabilities and Issues — Opensolaris CVE List

Lucene search

SunOpensolaris

11 matches found

CVE•added 2009/03/11 2:19 p.m.•64 views

CVE-2009-0873

The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys ...

6.8CVSS6.6AI score0.01052EPSS

CVE•added 2016/02/06 5:59 a.m.•53 views

CVE-2016-1310

Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033.

6.1CVSS5.9AI score0.0025EPSS

CVE•added 2009/01/28 6:30 p.m.•46 views

CVE-2009-0319

Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems."

6.9CVSS6.6AI score0.00044EPSS

CVE•added 2009/03/12 3:20 p.m.•44 views

CVE-2009-0875

Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is t...

6.9CVSS6.9AI score0.00026EPSS

CVE•added 2016/02/15 11:59 p.m.•41 views

CVE-2016-1331

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 11.5(0.99833.5) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy10766.

6.1CVSS6AI score0.0025EPSS

CVE•added 2009/03/11 2:19 p.m.•38 views

CVE-2009-0872

The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a comb...

6.8CVSS6.6AI score0.00816EPSS

CVE•added 2009/03/30 4:30 p.m.•38 views

CVE-2009-1170

Unspecified vulnerability in Sun OpenSolaris snv_100 through snv_101 allows local users, with privileges in a non-global zone, to execute arbitrary code in the global zone when a global-zone user is using mdb on a non-global zone process.

6.9CVSS7.4AI score0.00049EPSS

CVE•added 2016/03/28 11:59 p.m.•37 views

CVE-2016-1314

Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (CDM) 8.1(1) allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux80760.

6.1CVSS5.7AI score0.00185EPSS

CVE•added 2016/02/06 5:59 a.m.•36 views

CVE-2016-1306

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Fog Director 1.0(0) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux80466.

6.1CVSS5.9AI score0.0025EPSS

CVE•added 2009/08/03 2:30 p.m.•35 views

CVE-2009-2652

Unspecified vulnerability in Solaris Trusted Extensions in Sun Solaris 10, and OpenSolaris snv_37 through snv_120, allows remote attackers to cause a denial of service (panic) via vectors involving the parsing of labeled packets.

6.8CVSS6.7AI score0.01097EPSS

CVE•added 2009/11/02 3:30 p.m.•32 views

CVE-2009-3839

Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server.

6.8CVSS7.7AI score0.01456EPSS