Filtered by vendor Sun
Subscriptions
Total
1712 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1780 | 1 Sun | 1 Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors. | ||||
| CVE-2008-1778 | 1 Sun | 1 Sunos | 2025-04-09 | N/A |
| Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms might allow local users to cause a denial of service (application exit), corrupt data, or trigger incorrect calculations via unknown vectors. | ||||
| CVE-2008-3425 | 1 Sun | 2 Java System Web Server Plugin, N1 Service Provisioning System | 2025-04-09 | N/A |
| Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin in Sun N1 Service Provisioning System (SPS) 5.2 and 6.0 allows remote authenticated SPS users to gain administrative access to the web server via unknown attack vectors. | ||||
| CVE-2008-1995 | 1 Sun | 1 Java System Directory Server | 2025-04-09 | N/A |
| Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server. | ||||
| CVE-2008-2166 | 1 Sun | 1 Java System Web Server | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the search module in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unknown parameters in index.jsp. | ||||
| CVE-2008-2404 | 1 Sun | 1 Java Asp Server | 2025-04-09 | N/A |
| Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field. | ||||
| CVE-2008-2406 | 1 Sun | 1 Java Asp Server | 2025-04-09 | N/A |
| The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102. | ||||
| CVE-2008-2518 | 1 Sun | 1 Java System Web Server | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the next parameter. | ||||
| CVE-2008-2552 | 1 Sun | 2 Service Tag, Sunos | 2025-04-09 | N/A |
| Unspecified vulnerability in the Service Tag Registry on Sun Solaris 10, and Sun Service Tag before 1.1.3, allows local users to cause a denial of service (disk consumption) via unspecified vectors. | ||||
| CVE-2008-3106 | 2 Redhat, Sun | 4 Network Satellite, Rhel Extras, Jdk and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105. | ||||
| CVE-2008-3110 | 2 Redhat, Sun | 3 Rhel Extras, Jdk, Jre | 2025-04-09 | N/A |
| Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to obtain sensitive information by using an applet to read information from another applet. | ||||
| CVE-2008-0240 | 1 Sun | 1 Java System Identity Manager | 2025-04-09 | N/A |
| /idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via the helpUrl parameter, aka "frame injection." | ||||
| CVE-2008-3112 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Jdk and 2 more | 2025-04-09 | N/A |
| Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEntry class, aka CR 6703909. | ||||
| CVE-2009-2724 | 2 Redhat, Sun | 2 Rhel Extras, Java Se | 2025-04-09 | N/A |
| Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks." | ||||
| CVE-2009-1796 | 1 Sun | 1 Java System Portal Server | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to an error page. | ||||
| CVE-2007-5019 | 1 Sun | 3 Java Web Start, Jre, Sdk | 2025-04-09 | N/A |
| Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment (JRE) 1.6.0_X allows remote attackers to have an unknown impact via a long argument to the dnsResolve (isInstalled.dnsResolve) method. | ||||
| CVE-2009-0723 | 5 Gimp, Littlecms, Mozilla and 2 more | 5 Gimp, Little Cms, Firefox and 2 more | 2025-04-09 | N/A |
| Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2004-2764 | 1 Sun | 2 Jre, Sdk | 2025-04-09 | N/A |
| Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, 1.4.1 through 1.4.1_07, and 1.4.0 through 1.4.0_04 allows untrusted applets and unprivileged servlets to gain privileges and read data from other applets via unspecified vectors related to classes in the XSLT processor, aka "XML sniffing." | ||||
| CVE-2007-3880 | 1 Sun | 2 Net Connect Software, Sunos | 2025-04-09 | N/A |
| Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog. | ||||
| CVE-2007-3922 | 2 Redhat, Sun | 5 Enterprise Linux, Rhel Extras, Jdk and 2 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet. | ||||