Filtered by vendor Sun
Subscriptions
Filtered by product Solaris
Subscriptions
Total
545 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3825 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| The IPv4 implementation in Sun Solaris 10 before 20060721 allows local users to select routes that differ from the routing table, possibly facilitating firewall bypass or unauthorized network communication. | ||||
| CVE-2006-3920 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm. | ||||
| CVE-2006-3824 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness error or integer underflow. | ||||
| CVE-1999-0213 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. | ||||
| CVE-2006-4139 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Race condition in Sun Solaris 10 allows attackers to cause a denial of service (system panic) via unspecified vectors related to ifconfig and either netstat or SNMP queries. | ||||
| CVE-2006-4307 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319. | ||||
| CVE-2006-4303 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun Solaris 10 allows remote attackers to cause a denial of service ("tight loop" and CPU consumption for listener applications) via unknown vectors related to TCP fusion (do_tcp_fusion). | ||||
| CVE-1999-0057 | 5 Eric Allman, Freebsd, Hp and 2 more | 7 Vacation, Freebsd, Hp-ux and 4 more | 2025-04-03 | N/A |
| Vacation program allows command execution by remote users through a sendmail command. | ||||
| CVE-2006-4655 | 2 Sco, Sun | 2 Unixware, Solaris | 2025-04-03 | N/A |
| Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value. | ||||
| CVE-1999-0859 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly. | ||||
| CVE-1999-0908 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter. | ||||
| CVE-1999-0321 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Buffer overflow in Solaris kcms_configure command allows local users to gain root access. | ||||
| CVE-1999-1137 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone. | ||||
| CVE-1999-0442 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Solaris ff.core allows local users to modify files. | ||||
| CVE-1999-1402 | 2 Freebsd, Sun | 3 Freebsd, Solaris, Sunos | 2025-04-03 | N/A |
| The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket. | ||||
| CVE-1999-1432 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges. | ||||
| CVE-2005-3781 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that cause in.named to "make unnecessary queries." | ||||
| CVE-2000-0407 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option. | ||||
| CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2025-04-03 | N/A |
| Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | ||||
| CVE-1999-0097 | 3 Hp, Ibm, Sun | 4 Hp-ux, Aix, Solaris and 1 more | 2025-04-03 | N/A |
| The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). | ||||