Lucene search

K
SunSunos5.10

156 matches found

CVE
CVE
added 2007/02/12 8:28 p.m.138 views

CVE-2007-0882

Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by th...

10CVSS6.6AI score0.9135EPSS
CVE
CVE
added 2011/01/19 4:0 p.m.120 views

CVE-2010-2632

Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the gl...

7.8CVSS5.3AI score0.12495EPSS
CVE
CVE
added 2009/03/11 2:19 p.m.64 views

CVE-2009-0873

The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys ...

6.8CVSS6.6AI score0.01052EPSS
CVE
CVE
added 2007/07/12 4:30 p.m.59 views

CVE-2007-3717

rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.

6.9CVSS9.1AI score0.00082EPSS
CVE
CVE
added 2013/01/17 1:55 a.m.58 views

CVE-2013-0415

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Bind/Postinstall script for Bind package.

6CVSS5.3AI score0.00043EPSS
CVE
CVE
added 2011/01/19 5:0 p.m.56 views

CVE-2010-4435

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims ...

10CVSS6.4AI score0.3648EPSS
CVE
CVE
added 2013/07/17 1:41 p.m.54 views

CVE-2013-3799

Unspecified vulnerability in Oracle Solaris 10 and 11, when running on AMD64, allows local users to affect availability via unknown vectors related to Kernel.

4.9CVSS5.6AI score0.0014EPSS
CVE
CVE
added 2007/06/06 9:30 p.m.50 views

CVE-2007-3093

Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.

10CVSS7.6AI score0.1406EPSS
CVE
CVE
added 2007/06/06 9:30 p.m.50 views

CVE-2007-3094

Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server.

9CVSS7.4AI score0.02031EPSS
CVE
CVE
added 2011/07/21 12:55 a.m.50 views

CVE-2011-2298

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote attackers to affect availability, related to KSSL.

5CVSS6.3AI score0.00455EPSS
CVE
CVE
added 2007/06/14 11:30 p.m.49 views

CVE-2007-3223

Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk_getint32 functions.

7.8CVSS6.6AI score0.02139EPSS
CVE
CVE
added 2012/07/17 11:55 p.m.49 views

CVE-2012-1765

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via unknown vectors related to Branded Zone.

4.7CVSS5.5AI score0.00063EPSS
CVE
CVE
added 2013/04/17 12:14 p.m.49 views

CVE-2013-1498

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1496.

4.9CVSS5.5AI score0.00048EPSS
CVE
CVE
added 2011/07/21 12:55 a.m.48 views

CVE-2011-2295

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to Driver/USB.

4.7CVSS5.7AI score0.00049EPSS
CVE
CVE
added 2013/10/16 6:55 p.m.48 views

CVE-2013-5864

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to USB hub driver.

4.9CVSS5.5AI score0.00196EPSS
CVE
CVE
added 2007/12/04 3:46 p.m.47 views

CVE-2007-6216

Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs.

4.7CVSS6.1AI score0.00045EPSS
CVE
CVE
added 2008/08/08 6:41 p.m.47 views

CVE-2008-0964

Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.

9.3CVSS7.3AI score0.24948EPSS
CVE
CVE
added 2011/10/05 2:56 a.m.47 views

CVE-2008-7300

The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone.

8.5CVSS6.5AI score0.00265EPSS
CVE
CVE
added 2012/01/18 10:55 p.m.46 views

CVE-2012-0100

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kerberos.

6.8CVSS5.5AI score0.00028EPSS
CVE
CVE
added 2012/05/03 10:55 p.m.46 views

CVE-2012-1681

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kernel/sockfs.

4.9CVSS5.6AI score0.00045EPSS
CVE
CVE
added 2008/12/12 6:30 p.m.45 views

CVE-2008-5550

Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter.

4.3CVSS6.5AI score0.00638EPSS
CVE
CVE
added 2011/04/20 10:55 a.m.45 views

CVE-2011-0813

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2012-0098.

4.9CVSS5.5AI score0.00062EPSS
CVE
CVE
added 2011/07/20 11:55 p.m.45 views

CVE-2011-2259

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to UFS.

4.9CVSS5.9AI score0.00049EPSS
CVE
CVE
added 2012/07/17 10:55 p.m.45 views

CVE-2012-1750

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to mailx.

4.4CVSS5.5AI score0.00147EPSS
CVE
CVE
added 2013/04/17 12:19 p.m.45 views

CVE-2013-1530

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via unknown vectors related to Kernel.

3.8CVSS5.5AI score0.00045EPSS
CVE
CVE
added 2015/01/21 7:59 p.m.45 views

CVE-2015-0429

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility.

3.3CVSS5.5AI score0.0006EPSS
CVE
CVE
added 2011/07/21 12:55 a.m.44 views

CVE-2011-2289

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect integrity and availability via unknown vectors related to LiveUpgrade.

3.6CVSS5.5AI score0.00055EPSS
CVE
CVE
added 2013/01/17 1:55 a.m.44 views

CVE-2012-0569

Unspecified vulnerability Oracle Sun Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Install/smpatch.

3.3CVSS5.7AI score0.0006EPSS
CVE
CVE
added 2012/05/03 10:55 p.m.44 views

CVE-2012-1683

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to gssd.

5.9CVSS8AI score0.00045EPSS
CVE
CVE
added 2013/04/17 12:14 p.m.44 views

CVE-2013-0408

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to CPU performance counters drivers.

5CVSS5.5AI score0.00363EPSS
CVE
CVE
added 2014/07/17 5:10 a.m.44 views

CVE-2014-4215

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers, a different vulnerability than CVE-2013-5862.

4.9CVSS5.5AI score0.00236EPSS
CVE
CVE
added 2006/09/27 1:7 a.m.43 views

CVE-2006-5012

Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors.

6.6CVSS6.2AI score0.00053EPSS
CVE
CVE
added 2007/11/10 2:46 a.m.43 views

CVE-2007-5921

Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2004-1346.

4.7CVSS6AI score0.00087EPSS
CVE
CVE
added 2012/05/03 10:55 p.m.43 views

CVE-2012-1692

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability, related to SCTP.

4.9CVSS5.9AI score0.00061EPSS
CVE
CVE
added 2013/10/16 3:55 p.m.43 views

CVE-2013-3837

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows remote attackers to affect availability via unknown vectors related to Cacao.

4.3CVSS6AI score0.00952EPSS
CVE
CVE
added 2014/04/16 12:55 a.m.43 views

CVE-2014-0442

Unspecified vulnerability in Oracle Solaris 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Print Filter Utility.

4.6CVSS5.5AI score0.0007EPSS
CVE
CVE
added 2014/04/16 12:55 a.m.43 views

CVE-2014-0447

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2013-5876.

4.9CVSS5.5AI score0.00139EPSS
CVE
CVE
added 2014/10/15 3:55 p.m.43 views

CVE-2014-6473

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Zone Framework.

7.2CVSS5.6AI score0.0014EPSS
CVE
CVE
added 2015/01/21 2:59 p.m.43 views

CVE-2014-6481

Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect confidentiality via vectors related to KSSL.

4.3CVSS5.8AI score0.0025EPSS
CVE
CVE
added 2015/01/21 3:28 p.m.43 views

CVE-2014-6575

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Network, a different vulnerability than CVE-2004-0230.

5CVSS8.3AI score0.11484EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.43 views

CVE-2015-0375

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network.

5CVSS5.8AI score0.01165EPSS
CVE
CVE
added 2015/01/21 7:59 p.m.43 views

CVE-2015-0428

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control.

4.9CVSS5.6AI score0.00045EPSS
CVE
CVE
added 2008/05/09 3:20 p.m.42 views

CVE-2008-2121

The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of service (CPU consumption and new connection timeouts) via a TCP SYN flood attack.

7.8CVSS6.4AI score0.023EPSS
CVE
CVE
added 2008/06/30 10:41 p.m.42 views

CVE-2008-2946

The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets.

7.8CVSS6.3AI score0.00817EPSS
CVE
CVE
added 2011/01/19 4:0 p.m.42 views

CVE-2010-4415

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to libc.

4.1CVSS5.6AI score0.00059EPSS
CVE
CVE
added 2011/01/19 5:0 p.m.42 views

CVE-2010-4443

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/NFS.

4.4CVSS5.9AI score0.00059EPSS
CVE
CVE
added 2012/05/03 10:55 p.m.42 views

CVE-2012-1694

Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality and integrity, related to libsasl.

6.4CVSS6.2AI score0.00377EPSS
CVE
CVE
added 2012/07/17 11:55 p.m.42 views

CVE-2012-3112

Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Solaris Management Console.

4.3CVSS5.9AI score0.006EPSS
CVE
CVE
added 2012/10/17 12:55 a.m.42 views

CVE-2012-3165

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality and integrity via unknown vectors related to mailx.

3.6CVSS5.3AI score0.00153EPSS
CVE
CVE
added 2013/04/17 12:14 p.m.42 views

CVE-2013-0403

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Utility.

1.9CVSS5.5AI score0.00055EPSS
Total number of security vulnerabilities156