Filtered by vendor Sun
Subscriptions
Total
1712 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0482 | 1 Sun | 1 Ray Server Software | 2025-04-09 | N/A |
| cgi-bin/main in Sun Ray Server Software 2.0 and 3.0 before 20070123 allows local users to obtain the utadmin password by reading a web server's log file, or by conducting a different, unspecified local attack. | ||||
| CVE-2009-0346 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-09 | N/A |
| The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection. | ||||
| CVE-2007-3794 | 6 Hitachi, Hp, Ibm and 3 more | 16 Cosminexus Application Server, Cosminexus Client, Cosminexus Developer and 13 more | 2025-04-09 | N/A |
| Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application. | ||||
| CVE-2009-3878 | 2 Intevydis, Sun | 2 Vulndisco Pack, Java System Web Server | 2025-04-09 | N/A |
| Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vd_sjws module in VulnDisco Pack Professional 8.12. NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2009-2723 | 2 Redhat, Sun | 2 Rhel Extras, Java Se | 2025-04-09 | N/A |
| Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, aka BugId 6444262. | ||||
| CVE-2009-2719 | 2 Redhat, Sun | 2 Rhel Extras, Java Se | 2025-04-09 | N/A |
| The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service (NullPointerException) via a crafted .jnlp file, as demonstrated by the jnlp_file/appletDesc/index.html#misc test in the Technology Compatibility Kit (TCK) for the Java Network Launching Protocol (JNLP). | ||||
| CVE-2007-1346 | 1 Sun | 1 Sun Fire | 2025-04-09 | N/A |
| Unspecified vulnerability in ipmitool for Sun Fire X2100M2 and X2200M2 allows local users to gain privileges and reset or turn off the server. | ||||
| CVE-2007-6232 | 8 Ftp, Hp, Ibm and 5 more | 9 Admin, Hp-ux, Tru64 and 6 more | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action. | ||||
| CVE-2009-2715 | 1 Sun | 1 Virtualbox | 2025-04-09 | N/A |
| Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause a denial of service (Linux host OS reboot) via a sysenter instruction. | ||||
| CVE-2009-3879 | 2 Redhat, Sun | 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057. | ||||
| CVE-2009-2714 | 1 Sun | 1 Virtualbox | 2025-04-09 | N/A |
| Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 allows guest OS users to cause a denial of service (host OS reboot) via unknown vectors. | ||||
| CVE-2009-1006 | 2 Oracle, Sun | 4 Jrockit, Jdk, Jre and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
| CVE-2009-2704 | 1 Sun | 1 J2ee | 2025-04-09 | N/A |
| CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing a %00 (encoded null byte). | ||||
| CVE-2007-1918 | 8 Apple, Hp, Ibm and 5 more | 11 Macos, Hp-ux, Tru64 and 8 more | 2025-04-09 | N/A |
| The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. | ||||
| CVE-2009-2712 | 1 Sun | 3 Java System Access Manager, Java System Web Server, Opensso Enterprise | 2025-04-09 | N/A |
| Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files. | ||||
| CVE-2007-1945 | 5 Hp, Ibm, Linux and 2 more | 9 Hp-ux, Aix, I5os and 6 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors. | ||||
| CVE-2009-2458 | 1 Sun | 1 Sun Fire Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Sun Fire V215 Server, when using XVR-100 graphic cards on system boards with part number 375-3463 and a hardware dash level -04 or later, allows remote attackers to cause a denial of service (panic) via unknown vectors. | ||||
| CVE-2007-0165 | 1 Sun | 2 Solaris, Sunos | 2025-04-09 | N/A |
| Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind. | ||||
| CVE-2008-6192 | 1 Sun | 1 Java System Portal Server | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2009-2690 | 2 Redhat, Sun | 4 Enterprise Linux, Rhel Extras, Java Se and 1 more | 2025-04-09 | N/A |
| The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application. | ||||