Total
609 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1369 | 1 Sun | 2 Sparc Enterprise Server, Sunos | 2018-10-30 | 10.0 HIGH | N/A |
| A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors. | |||||
| CVE-2001-0699 | 1 Sun | 1 Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument. | |||||
| CVE-1999-1585 | 1 Sun | 1 Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges. | |||||
| CVE-1999-0806 | 1 Sun | 1 Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris dtprintinfo program. | |||||
| CVE-2001-0403 | 1 Sun | 1 Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| /opt/JSparm/bin/perfmon program in Solaris allows local users to create arbitrary files as root via the Logging File option in the GUI. | |||||
| CVE-1999-0212 | 1 Sun | 1 Sunos | 2018-10-30 | 7.8 HIGH | N/A |
| Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server. | |||||
| CVE-1999-1137 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 2.1 LOW | N/A |
| The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone. | |||||
| CVE-2001-0421 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 6.4 MEDIUM | N/A |
| FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition. | |||||
| CVE-2001-0652 | 1 Sun | 1 Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. | |||||
| CVE-2010-4435 | 1 Sun | 1 Sunos | 2018-10-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operating systems, such as HP-UX, or claims from a reliable third party that this is a buffer overflow in rpc.cmsd via long XDR-encoded ASCII strings in RPC call 10. | |||||
| CVE-2012-0711 | 3 Ibm, Linux, Sun | 4 Aix, Db2, Linux Kernel and 1 more | 2018-10-10 | 7.5 HIGH | N/A |
| Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow. | |||||
| CVE-2014-4239 | 2 Oracle, Sun | 2 Sunos, Sunos | 2018-10-09 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Common Agent Container (Cacao). | |||||
| CVE-2014-4225 | 1 Sun | 1 Sunos | 2018-10-09 | 6.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Patch installation scripts. | |||||
| CVE-2014-4224 | 2 Oracle, Sun | 2 Sunos, Sunos | 2018-10-09 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows local users to affect availability via unknown vectors related to sockfs. | |||||
| CVE-2014-4215 | 2 Oracle, Sun | 2 Sunos, Sunos | 2018-10-09 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers, a different vulnerability than CVE-2013-5862. | |||||
| CVE-2011-4834 | 3 Hp, Ibm, Sun | 4 Application Lifestyle Management, Hp-ux, Aix and 1 more | 2018-10-09 | 4.6 MEDIUM | N/A |
| The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt. | |||||
| CVE-1999-0104 | 4 Caldera, Hp, Microsoft and 1 more | 5 Openlinux, Hp-ux, Windows 95 and 2 more | 2018-08-22 | 5.0 MEDIUM | N/A |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. | |||||
| CVE-1999-1122 | 1 Sun | 1 Sunos | 2018-05-03 | 4.6 MEDIUM | N/A |
| Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges. | |||||
| CVE-1999-1080 | 1 Sun | 1 Sunos | 2018-05-03 | 7.2 HIGH | N/A |
| rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf. | |||||
| CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2018-05-03 | 5.0 MEDIUM | N/A |
| Teardrop IP denial of service. | |||||