Filtered by vendor Sun
Total: 1705 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-4351 | 2 Redhat, Sun | 2 Icedtea, Openjdk | 2023-02-12 | 6.8 MEDIUM | N/A |
The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader. | |||||
CVE-2009-0581 | 4 Gimp, Littlecms, Mozilla and 1 more | 4 Gimp, Little Cms, Firefox and 1 more | 2023-02-12 | 4.3 MEDIUM | N/A |
Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file. | |||||
CVE-2011-0706 | 2 Redhat, Sun | 2 Icedtea-web, Jdk | 2023-02-12 | 7.5 HIGH | N/A |
The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descriptor." | |||||
CVE-2009-0793 | 2 Littlecms, Sun | 2 Lcms, Openjdk | 2023-02-12 | 4.3 MEDIUM | N/A |
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles." | |||||
CVE-2009-0794 | 1 Sun | 1 Openjdk | 2023-02-12 | 5.0 MEDIUM | N/A |
Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line. | |||||
CVE-2013-0543 | 4 Hp, Ibm, Linux and 1 more | 4 Hp-ux, Websphere Application Server, Linux Kernel and 1 more | 2022-12-13 | 6.8 MEDIUM | N/A |
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Linux, Solaris, and HP-UX, when a Local OS registry is used, does not properly validate user accounts, which allows remote attackers to bypass intended access restrictions via unspecified vectors. | |||||
CVE-2012-1717 | 5 Linux, Oracle, Redhat and 2 more | 19 Linux Kernel, Jdk, Jre and 16 more | 2022-12-13 | 2.1 LOW | N/A |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux. | |||||
CVE-2001-1583 | 1 Sun | 1 Sunos | 2022-09-13 | 10.0 HIGH | N/A |
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220. | |||||
CVE-2003-1229 | 1 Sun | 4 Java Web Start, Jdk, Jre and 1 more | 2022-09-13 | 7.5 HIGH | N/A |
X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01, (2) JSSE before 1.0.3, (3) Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and (4) Java Web Start 1.0 through 1.2 incorrectly calls the isClientTrusted method when determining server trust, which results in improper validation of digital certificate and allows remote attackers to (1) falsely authenticate peers for SSL or (2) incorrectly validate signed JAR files. | |||||
CVE-1999-0165 | 3 Bsdi, Linux, Sun | 5 Bsd Os, Linux Kernel, Nfs and 2 more | 2022-08-17 | 10.0 HIGH | N/A |
NFS cache poisoning. | |||||
CVE-1999-0214 | 1 Sun | 1 Sunos | 2022-08-17 | 10.0 HIGH | N/A |
Denial of service by sending forged ICMP unreachable packets. | |||||
CVE-1999-0982 | 1 Sun | 2 Solaris, Web-based Enterprise Management | 2022-08-17 | 7.2 HIGH | N/A |
The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. | |||||
CVE-1999-0966 | 1 Sun | 1 Sunos | 2022-08-17 | 7.2 HIGH | N/A |
Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0]. | |||||
CVE-1999-0626 | 1 Sun | 1 Rpc.ruserd | 2022-08-17 | 0.0 LOW | N/A |
A version of rusers is running that exposes valid user information to any entity on the network. | |||||
CVE-2000-0069 | 1 Sun | 1 Solstice Backup | 2022-08-17 | 2.1 LOW | N/A |
The recover program in Solstice Backup allows local users to restore sensitive files. | |||||
CVE-1999-0513 | 7 Digital, Freebsd, Hp and 4 more | 8 Unix, Freebsd, Hp-ux and 5 more | 2022-08-17 | 5.0 MEDIUM | N/A |
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. | |||||
CVE-1999-0339 | 1 Sun | 2 Solaris, Sunos | 2022-08-17 | 7.2 HIGH | N/A |
Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. | |||||
CVE-1999-0303 | 4 Digital, Netbsd, Openbsd and 1 more | 5 Osf 1, Netbsd, Openbsd and 2 more | 2022-08-17 | 4.6 MEDIUM | N/A |
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. | |||||
CVE-1999-0517 | 2 Hp, Sun | 2 Hp-ux, Sunos | 2022-08-17 | 7.5 HIGH | N/A |
An SNMP community name is the default (e.g. public), null, or missing. | |||||
CVE-1999-0318 | 4 Hp, Ibm, Redhat and 1 more | 5 Hp-ux, Aix, Linux and 2 more | 2022-08-17 | 7.2 HIGH | N/A |
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. |