Lucene search

K
SunSunos

114 matches found

CVE
CVE
added 2005/11/01 12:47 p.m.426 views

CVE-2005-3398

The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.

4.3CVSS6.2AI score0.39542EPSS
CVE
CVE
added 2006/10/10 4:6 a.m.64 views

CVE-2006-5201

Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponen...

4CVSS7.4AI score0.03819EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.62 views

CVE-1999-0143

Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.

4.6CVSS7.3AI score0.00082EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.60 views

CVE-2001-0594

kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.

4.6CVSS7.1AI score0.00144EPSS
CVE
CVE
added 2003/12/15 5:0 a.m.58 views

CVE-2003-0914

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

4.3CVSS6.2AI score0.19846EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.57 views

CVE-1999-0125

Buffer overflow in SGI IRIX mailx program.

4.6CVSS7.7AI score0.00634EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.54 views

CVE-1999-1014

Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.

4.6CVSS7.3AI score0.00367EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.54 views

CVE-2002-1323

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

4.6CVSS6.2AI score0.00082EPSS
CVE
CVE
added 2013/07/17 1:41 p.m.54 views

CVE-2013-3799

Unspecified vulnerability in Oracle Solaris 10 and 11, when running on AMD64, allows local users to affect availability via unknown vectors related to Kernel.

4.9CVSS5.6AI score0.0014EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.51 views

CVE-1999-0370

In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.

4.6CVSS7.3AI score0.00082EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.50 views

CVE-1999-0129

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

4.6CVSS6.6AI score0.00122EPSS
CVE
CVE
added 2012/07/17 11:55 p.m.49 views

CVE-2012-1765

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via unknown vectors related to Branded Zone.

4.7CVSS5.5AI score0.00063EPSS
CVE
CVE
added 2013/04/17 12:14 p.m.49 views

CVE-2013-1498

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1496.

4.9CVSS5.5AI score0.00048EPSS
CVE
CVE
added 2011/07/21 12:55 a.m.48 views

CVE-2011-2295

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to Driver/USB.

4.7CVSS5.7AI score0.00049EPSS
CVE
CVE
added 2013/10/16 6:55 p.m.48 views

CVE-2013-5864

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to USB hub driver.

4.9CVSS5.5AI score0.00196EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.47 views

CVE-1999-0167

In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system.

4.6CVSS6.7AI score0.00098EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.47 views

CVE-1999-0263

Solaris SUNWadmap can be exploited to obtain root access.

4.6CVSS7.3AI score0.00082EPSS
CVE
CVE
added 2006/01/10 7:3 p.m.47 views

CVE-2006-0161

Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown impact and attack vectors. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2004-0780.

4.6CVSS6.1AI score0.00084EPSS
CVE
CVE
added 2007/12/04 3:46 p.m.47 views

CVE-2007-6216

Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs.

4.7CVSS6.1AI score0.00045EPSS
CVE
CVE
added 2012/05/03 10:55 p.m.46 views

CVE-2012-1681

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kernel/sockfs.

4.9CVSS5.6AI score0.00045EPSS
CVE
CVE
added 2014/10/15 3:55 p.m.46 views

CVE-2014-4284

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than CVE-2014-4280.

4.4CVSS5.7AI score0.00144EPSS
CVE
CVE
added 2008/12/12 6:30 p.m.45 views

CVE-2008-5550

Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter.

4.3CVSS6.5AI score0.00638EPSS
CVE
CVE
added 2011/04/20 10:55 a.m.45 views

CVE-2011-0813

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2012-0098.

4.9CVSS5.5AI score0.00062EPSS
CVE
CVE
added 2011/07/20 11:55 p.m.45 views

CVE-2011-2259

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to UFS.

4.9CVSS5.9AI score0.00049EPSS
CVE
CVE
added 2012/07/17 10:55 p.m.45 views

CVE-2012-1750

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to mailx.

4.4CVSS5.5AI score0.00147EPSS
CVE
CVE
added 2005/09/28 11:3 p.m.44 views

CVE-2005-3099

Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code.

4.6CVSS6.8AI score0.00078EPSS
CVE
CVE
added 2014/07/17 5:10 a.m.44 views

CVE-2014-4215

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers, a different vulnerability than CVE-2013-5862.

4.9CVSS5.5AI score0.00236EPSS
CVE
CVE
added 2015/01/21 3:28 p.m.44 views

CVE-2014-6570

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6600 and CVE-2015-0397.

4.9CVSS5.6AI score0.00061EPSS
CVE
CVE
added 2007/11/10 2:46 a.m.43 views

CVE-2007-5921

Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2004-1346.

4.7CVSS6AI score0.00087EPSS
CVE
CVE
added 2012/05/03 10:55 p.m.43 views

CVE-2012-1692

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability, related to SCTP.

4.9CVSS5.9AI score0.00061EPSS
CVE
CVE
added 2013/10/16 3:55 p.m.43 views

CVE-2013-3837

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows remote attackers to affect availability via unknown vectors related to Cacao.

4.3CVSS6AI score0.00952EPSS
CVE
CVE
added 2014/04/16 12:55 a.m.43 views

CVE-2014-0442

Unspecified vulnerability in Oracle Solaris 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Print Filter Utility.

4.6CVSS5.5AI score0.0007EPSS
CVE
CVE
added 2014/04/16 12:55 a.m.43 views

CVE-2014-0447

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2013-5876.

4.9CVSS5.5AI score0.00139EPSS
CVE
CVE
added 2014/10/15 3:55 p.m.43 views

CVE-2014-4283

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4277.

4.3CVSS5.9AI score0.00428EPSS
CVE
CVE
added 2015/01/21 2:59 p.m.43 views

CVE-2014-6481

Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect confidentiality via vectors related to KSSL.

4.3CVSS5.8AI score0.0025EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.43 views

CVE-2014-6600

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2015-0397.

4.9CVSS5.6AI score0.00061EPSS
CVE
CVE
added 2015/01/21 7:59 p.m.43 views

CVE-2015-0428

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control.

4.9CVSS5.6AI score0.00045EPSS
CVE
CVE
added 2000/03/22 5:0 a.m.42 views

CVE-1999-0786

The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.

4.6CVSS6.8AI score0.00154EPSS
CVE
CVE
added 2004/08/25 4:0 a.m.42 views

CVE-2004-0800

Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.

4.6CVSS6.6AI score0.00096EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.42 views

CVE-2004-1359

Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.

4.6CVSS7.5AI score0.00094EPSS
CVE
CVE
added 2011/01/19 4:0 p.m.42 views

CVE-2010-4415

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to libc.

4.1CVSS5.6AI score0.00059EPSS
CVE
CVE
added 2011/01/19 5:0 p.m.42 views

CVE-2010-4443

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/NFS.

4.4CVSS5.9AI score0.00059EPSS
CVE
CVE
added 2011/01/19 5:0 p.m.42 views

CVE-2010-4446

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to RDS and Kernel/InfiniBand.

4.6CVSS5.7AI score0.00043EPSS
CVE
CVE
added 2011/07/21 12:55 a.m.42 views

CVE-2011-2293

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to Zones.

4.9CVSS5.7AI score0.00049EPSS
CVE
CVE
added 2012/07/17 11:55 p.m.42 views

CVE-2012-3112

Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Solaris Management Console.

4.3CVSS5.9AI score0.006EPSS
CVE
CVE
added 2012/08/16 10:38 a.m.42 views

CVE-2012-4286

The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file.

4.3CVSS6.2AI score0.02186EPSS
CVE
CVE
added 2013/07/17 1:41 p.m.42 views

CVE-2013-3797

Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Filesystem/DevFS.

4.7CVSS5.6AI score0.0014EPSS
CVE
CVE
added 2014/10/15 3:55 p.m.42 views

CVE-2014-4280

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than CVE-2014-4284.

4.6CVSS5.7AI score0.00144EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.41 views

CVE-2001-0548

Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable.

4.6CVSS6.8AI score0.00123EPSS
CVE
CVE
added 2007/10/12 9:17 p.m.41 views

CVE-2007-5422

Unspecified vulnerability in "Solaris Auditing" in the Basic Security Module (BSM) in Sun Solaris 10, when configured for auditing of networking (nt) events, allows local users to cause a denial of service (panic) via unspecified vectors.

4.9CVSS6.2AI score0.00058EPSS
Total number of security vulnerabilities114