Filtered by vendor Sun
Subscribe
Total
1705 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2166 | 1 Sun | 1 Java System Web Server | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the search module in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unknown parameters in index.jsp. | |||||
| CVE-2008-1356 | 1 Sun | 1 Solaris | 2017-08-07 | 6.3 MEDIUM | N/A |
| Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using the GNOME On-Screen Keyboard (GOK), allows local users to bypass authentication via unknown vectors that cause the screen saver to crash. | |||||
| CVE-2008-1756 | 1 Sun | 1 N1 Grid Engine | 2017-08-07 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Qmaster daemon in Sun N1 Grid Engine 6.1 allows local users to cause a denial of service (daemon crash) via unspecified vectors. | |||||
| CVE-2008-1205 | 1 Sun | 1 Solaris | 2017-08-07 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the ipsecah kernel module in Sun Solaris 10, when a key management daemon for IPsec security associations is running, allows local users to cause a denial of service (panic) via unspecified vectors. | |||||
| CVE-2007-6572 | 1 Sun | 2 Java System Web Proxy Server, Java System Web Server | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204. | |||||
| CVE-2007-6570 | 1 Sun | 2 Java System Web Proxy Server, Java System Web Server | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309. | |||||
| CVE-2007-6481 | 1 Sun | 1 Ray Server Software | 2017-08-07 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to create or delete arbitrary directories via unspecified vectors. | |||||
| CVE-2007-6571 | 1 Sun | 2 Java System Web Proxy Server, Java System Web Server | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356. | |||||
| CVE-2007-6413 | 1 Sun | 1 Solaris | 2017-08-07 | 9.3 HIGH | N/A |
| Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later 120011-* and 120012-* patches, allows remote attackers to bypass certain netgroup restrictions and obtain root access to a filesystem via NFS requests from a client root user. | |||||
| CVE-2008-0709 | 4 Hp, Microsoft, Redhat and 1 more | 6 Hp-ux, Select Identity, Windows 2003 Server and 3 more | 2017-08-07 | 5.5 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to access other user accounts via unknown vectors, a different issue than CVE-2008-0214. | |||||
| CVE-2007-6360 | 1 Sun | 2 Extended System Control Facility Xcp 1040, Sparc Enterprise Server | 2017-08-07 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attackers to cause a denial of service (reboot) via (1) telnet, (2) ssh, or (3) http network traffic that triggers memory exhaustion. | |||||
| CVE-2004-2759 | 1 Sun | 4 Storedge Qfs, Storedge Sam-qfs, Storeedge Performance Suite and 1 more | 2017-08-07 | 2.1 LOW | N/A |
| Shared Sun StorEdge QFS and SAM-QFS file systems, as used in Utilization Suite 4.0 through 4.1 and Performance Suite 4.0 through 4.1, might allow local users to read portions of deleted files by accessing data within sparse files. | |||||
| CVE-2008-1204 | 1 Sun | 1 Java System Access Manager | 2017-08-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) Help and (2) Version windows. | |||||
| CVE-2004-2758 | 1 Sun | 1 Sunforum | 2017-08-07 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | |||||
| CVE-2007-6180 | 1 Sun | 1 Solaris | 2017-07-28 | 7.6 HIGH | N/A |
| Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors. | |||||
| CVE-2007-6225 | 1 Sun | 1 Solaris | 2017-07-28 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used on the x86 platform, allows local users in a Linux (lx) branded zone to cause a denial of service (panic) via unspecified vectors. | |||||
| CVE-2007-5726 | 1 Sun | 1 Solaris | 2017-07-28 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Stream Control Transmission Protocol (sctp) functionality in Sun Solaris 10, when at least one SCTP socket is in the LISTEN state, allows remote attackers to cause a denial of service (panic) via unspecified vectors related to "INIT processing." | |||||
| CVE-2007-5717 | 1 Sun | 2 Embedded Lights Out Manager, Sun Fire | 2017-07-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) on x86 before firmware 2.70 allows remote attackers to execute arbitrary commands as root on the Service Processor (SP) via unspecified vectors, a different vulnerability than CVE-2007-5170. | |||||
| CVE-2007-5462 | 1 Sun | 1 Solaris | 2017-07-28 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems. | |||||
| CVE-2007-5152 | 1 Sun | 2 Java System Access Manager, Java System Application Server | 2017-07-28 | 7.5 HIGH | N/A |
| Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks. | |||||