threat
engine
.sh
Back
·
··:··
Home
/
Product
/
sun sunos
Product
sun sunos
500 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2015-0430
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC
CVE-2015-0429
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors rela
CVE-2015-0428
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to
CVE-2015-0397
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File S
CVE-2015-0375
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors re
CVE-2014-6600
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File S
CVE-2014-6575
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors relat
CVE-2014-6570
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File S
CVE-2014-6524
all versions
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unkno
CVE-2014-6521
all versions
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via vecto
CVE-2014-6518
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability via vectors related
CVE-2014-6510
all versions
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unkno
CVE-2014-6509
all versions
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability via unknown vectors related to Kernel.
CVE-2014-6481
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect confidentiality via vectors related to KSS
CVE-2014-6529
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability
CVE-2014-6508
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via vectors related to iS
CVE-2014-6501
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via vectors related to SSH.
CVE-2014-6497
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Kernel
CVE-2014-6490
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via vectors related to SMB serve
CVE-2014-6473
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availabilit
CVE-2014-6470
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via u
CVE-2014-4284
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via v
CVE-2014-4283
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related t
CVE-2014-4282
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via v
CVE-2014-4280
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via v
CVE-2014-4277
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related t
CVE-2014-4276
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability
CVE-2014-4275
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to SMB server ker
CVE-2014-4239
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows remote authenticated users to affect confidentiality via
CVE-2014-4225
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via u
CVE-2014-4224
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows local users to affect availability via unknown vectors r
CVE-2014-4215
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU perfo
CVE-2014-2469
all versions
Unspecified vulnerability in lighttpd in Oracle Solaris 11.1 allows attackers to cause a denial of service via unknown vectors.
CVE-2014-0447
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via unknown vectors related to K
CVE-2014-0442
all versions
Unspecified vulnerability in Oracle Solaris 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availabil
CVE-2014-0421
all versions
Unspecified vulnerability in Oracle Solaris 10, when running on the SPARC64-X Platform, allows local users to affect confidentiali
CVE-2013-5885
all versions
Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect integrity via unknown vectors related to Audit.
CVE-2013-5883
all versions
Unspecified vulnerability in Oracle Solaris 8 allows local users to affect integrity and availability via unknown vectors related
CVE-2013-5876
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via unknown vectors related to K
CVE-2013-5875
all versions
Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect integrity and availability via vectors related to Ro
CVE-2013-5872
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to Name Serv
CVE-2013-5834
all versions
Unspecified vulnerability in Oracle Solaris 8 allows local users to affect confidentiality, integrity, and availability via unknow
CVE-2013-5833
all versions
Unspecified vulnerability in Oracle Solaris 8 and 9 allows local users to affect availability via unknown vectors related to Files
CVE-2013-5821
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availa
CVE-2014-0390
all versions
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Java Web
CVE-2013-5866
all versions
Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect confidentiality, integrity, and availability via unk
CVE-2013-5865
all versions
Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect availability via unknown vectors related to Utility/
CVE-2013-5864
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to USB hub d
CVE-2013-5863
all versions
Unspecified vulnerability in Oracle Solaris 11.1 allows remote attackers to affect integrity via vectors related to IPS repository
CVE-2013-5862
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU perfo
CVE-2013-5861
all versions
Unspecified vulnerability in Oracle Solaris 11.1 allows remote attackers to affect availability via vectors related to Kernel/KSSL
CVE-2013-5839
all versions
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Oracle J
CVE-2013-3842
all versions
Unspecified vulnerability Oracle Solaris 10 allows local users to affect confidentiality via vectors related to Oracle Configurati
CVE-2013-3837
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows remote attackers to affect availability via unknown vectors related
CVE-2013-3813
all versions
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality and integrity via vectors related
CVE-2013-3799
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11, when running on AMD64, allows local users to affect availability via unknow
CVE-2013-3797
all versions
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Filesystem
CVE-2013-3787
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related t
CVE-2013-3786
all versions
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect confidentiality, integrity, and availabilit
CVE-2013-3765
all versions
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Kernel/VM.
CVE-2013-3757
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect integrity and availability via vect
CVE-2013-3753
all versions
Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via vectors related to Kernel/STREAM
CVE-2013-3752
all versions
Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect integrity via vectors related to Service Manageme
CVE-2013-3750
all versions
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unkno
CVE-2013-3748
all versions
Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via vectors related to Driver/IDM (i
CVE-2013-3745
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related
CVE-2013-0398
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors
CVE-2013-1530
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via unknown vectors related to Kernel
CVE-2013-1507
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to
CVE-2013-1499
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Networ
CVE-2013-1498
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to
CVE-2013-1496
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to
CVE-2013-1494
all versions
Unspecified vulnerability in Oracle Sun Solaris 10, when running on SPARC T4 servers, allows local users to affect availability vi
CVE-2013-0413
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availabilit
CVE-2013-0412
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect integrity and availability via unkno
CVE-2013-0411
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availabi
CVE-2013-0408
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to CPU performanc
CVE-2013-0406
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via unknown vectors via vectors rel
CVE-2013-0405
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality and integrity v
CVE-2013-0404
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via u
CVE-2013-0403
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors rel
CVE-2012-0570
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors rel
CVE-2012-0568
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality via unknown vectors rela
CVE-2013-0415
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via u
CVE-2013-0414
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availability via unknown vectors rel
CVE-2013-0407
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to
CVE-2013-0400
all versions
Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability
CVE-2013-0399
all versions
Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability
CVE-2012-3178
all versions
Unspecified vulnerability in the kernel in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors.
CVE-2012-0569
all versions
Unspecified vulnerability Oracle Sun Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors rel
CVE-2012-5095
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via u
CVE-2012-3215
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC, allows local users to affect confidentiality via
CVE-2012-3212
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC T4 servers, allows local users to affect availabi
CVE-2012-3211
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to
CVE-2012-3210
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via unknown vectors related to K
CVE-2012-3209
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC, allows local users to affect integrity and avail
CVE-2012-3208
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability, related to Kernel/RCTL.
CVE-2012-3207
all versions
Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows local users to affect availability via unknown vectors relate
CVE-2012-3205
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity via unknown vectors related to Vino serv
CVE-2012-3204
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via u
CVE-2012-3203
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, related to Gnome Display Manager GDM
CVE-2012-3199
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availabilit
CVE-2012-3189
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability, related to COMSTAR.
CVE-2012-3187
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via u
CVE-2012-3165
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality and integrity via un
CVE-2012-4298
all versions
Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wiresha
CVE-2012-4297
all versions
Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in
CVE-2012-4296
all versions
Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, an
CVE-2012-4295
all versions
Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wiresha
CVE-2012-4294
all versions
Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark
CVE-2012-4293
all versions
plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.
CVE-2012-4292
all versions
The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x b
CVE-2012-4291
all versions
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a
CVE-2012-4290
all versions
The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause
CVE-2012-4289
all versions
epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 al
CVE-2012-4288
all versions
Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before
CVE-2012-4287
all versions
epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial
CVE-2012-4286
all versions
The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-a
CVE-2012-4285
all versions
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x be
CVE-2012-3131
all versions
Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows remote attackers to affect confidentiality, related to Networ
CVE-2012-3130
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect integrity via unknown vectors related to pkg.
CVE-2012-3129
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, integrity, and availability,
CVE-2012-3127
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect availability, related to SCTP.
CVE-2012-3125
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows remote attackers to affect availability, related to TCP/IP.
CVE-2012-3124
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect availability, related to Kernel/KSSL.
CVE-2012-3123
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, related to Apache HTTP Serve
CVE-2012-3122
all versions
Unspecified vulnerability in Oracle Sun Solaris 8 and 9 allows local users to affect confidentiality and integrity via unknown vec
CVE-2012-3121
all versions
Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows remote attackers to affect availability via unknown vectors relate
CVE-2012-3120
all versions
Unspecified vulnerability in Oracle Sun Solaris 8 allows remote attackers to affect availability, related to TCP/IP.
CVE-2012-3112
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Sola
CVE-2012-1765
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via unknown vectors related to Branded Z
CVE-2012-1752
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, related to Kernel/NFS.
CVE-2012-1750
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and avai
CVE-2012-1687
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability, related to Logical
CVE-2012-0563
all versions
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect availability via unknown vectors related to
CVE-2012-0217
<= 5.11
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other prod
CVE-2012-1698
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote authenticated users to affect confidentiality, related to Kernel/
CVE-2012-1694
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality and integrity, related to lib
CVE-2012-1692
all versions
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability, related to SCTP.
CVE-2012-1691
all versions
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via u
CVE-2012-1684
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and avai
CVE-2012-1683
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and avai
CVE-2012-1681
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors rel
CVE-2012-0539
all versions
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availabi
CVE-2012-0109
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality and availability
CVE-2012-0103
all versions
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to Ke
CVE-2012-0100
all versions
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and ava
CVE-2012-0099
all versions
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect availability via unknown vecto
CVE-2012-0098
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors
CVE-2012-0097
all versions
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect confidentiality via unknown vectors related to
CVE-2012-0096
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown ve
CVE-2012-0094
all versions
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect availability, related to TCP/I
CVE-2011-3543
all versions
Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to iSCSI DataMover
CVE-2011-3542
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors relate
CVE-2011-3515
all versions
Unspecified vulnerability in the Oracle Solaris 10 and 11 Express allows local users to affect integrity and availability via unkn
CVE-2011-3508
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect confidentiality, integrity,
CVE-2011-2313
all versions
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to ZFS, a different vulnerabilit
CVE-2008-7300
all versions
The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when
CVE-2011-2298
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote attackers to affect availability, related to KSSL.
CVE-2011-2296
all versions
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, related to Kernel/SCTP.
CVE-2011-2295
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to Driver/
CVE-2011-2294
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote attackers to affect availability, related to SSH.
CVE-2011-2293
all versions
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to Zo
CVE-2011-2291
all versions
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality via unknown vectors related to Trusted
CVE-2011-2290
all versions
Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows local users to affect availability via unknown vectors relat
CVE-2011-2289
all versions
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect integrity and availability via unknown vectors related
CVE-2011-2287
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown ve
CVE-2011-2285
all versions
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unkno
CVE-2011-2259
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to UFS.
CVE-2011-2258
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and
CVE-2011-2249
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote authenticated users to affect availability, related to TCP/
CVE-2011-0841
all versions
Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to TCP/IP.
CVE-2011-0839
all versions
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect availability, related to LOFS.
CVE-2011-0829
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/SPARC.
CVE-2011-0821
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown ve
CVE-2011-0820
all versions
Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows remote attackers to affect availability via unknown vectors
CVE-2011-0813
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors
CVE-2011-0812
all versions
Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availab
CVE-2011-0801
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect confidentiality and integrity via unkno
CVE-2011-0800
all versions
Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confide
CVE-2011-0790
all versions
Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality via unknown vectors related to w
CVE-2011-0412
all versions
Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/,
CVE-2010-4460
all versions
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors rela
CVE-2010-4459
all versions
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to SC
CVE-2010-4458
all versions
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, related to ZFS.
CVE-2010-4457
all versions
Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to SMB and CIFS.
CVE-2010-4446
all versions
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to RD
CVE-2010-4443
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/NFS.
CVE-2010-4442
all versions
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors relate
CVE-2010-4440
all versions
Unspecified vulnerability in Oracle 10 and 11 Express allows local users to affect availability via unknown vectors related to the
CVE-2010-4435
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availab
CVE-2010-4433
all versions
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality via unknown vectors related to Et
CVE-2010-4415
all versions
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability
CVE-2010-3586
all versions
Unspecified vulnerability in Oracle Solaris 9 allows local users to affect confidentiality and integrity via unknown vectors relat
CVE-2010-2632
all versions
Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availabil
CVE-2009-4191
all versions
Unspecified vulnerability in the kernel in Sun Solaris 10 and OpenSolaris 2009.06 on the x86-64 platform allows local users to gai
CVE-2009-4080
all versions
Multiple unspecified vulnerabilities in ldap_cachemgr (aka the LDAP client configuration cache daemon) in Sun Solaris 9 and 10, an
CVE-2009-0873
all versions
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combin
CVE-2009-0838
all versions
The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which al
CVE-2008-5550
all versions
Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 a
CVE-2008-4619
all versions
The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to pr
CVE-2008-3666
all versions
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial
CVE-2008-0965
all versions
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is o
CVE-2008-0964
all versions
Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is om
CVE-2008-3450
all versions
Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 through 10 allows local users to gain privileges or cause a
CVE-2008-3426
all versions
Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and
CVE-2008-2946
all versions
The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attack
CVE-2008-2710
<= -
Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kerne
CVE-2008-2708
all versions
Unspecified vulnerability in the Sun (1) UltraSPARC T2 and (2) UltraSPARC T2+ kernel modules in Sun Solaris 10, and OpenSolaris be
CVE-2008-2144
all versions
Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denia
CVE-2008-2121
all versions
The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of service (CPU consumption and new c
CVE-2008-1778
all versions
Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms might allow
CVE-2008-1480
all versions
rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request.
CVE-2008-1369
all versions
A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_conf
CVE-2008-1095
all versions
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypa
CVE-2008-0269
all versions
Unspecified vulnerability in the dotoprocs function in Sun Solaris 10 allows local users to cause a denial of service (panic) via
CVE-2007-6216
all versions
Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to c
CVE-2007-5921
all versions
Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to
CVE-2007-5422
all versions
Unspecified vulnerability in "Solaris Auditing" in the Basic Security Module (BSM) in Sun Solaris 10, when configured for auditing
CVE-2007-5225
all versions
Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of
CVE-2007-4395
all versions
Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers
CVE-2007-4310
all versions
The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstanda
CVE-2007-3717
all versions
rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to ga
CVE-2007-3223
all versions
Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service
CVE-2007-3094
all versions
Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 2
CVE-2007-3093
all versions
Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605
CVE-2007-2882
all versions
Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, a
CVE-2007-2529
all versions
Integer signedness error in the acl (facl) system call in Solaris 10 before 20070507 allows local users to cause a denial of servi
CVE-2007-2465
all versions
Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create,
CVE-2007-2045
all versions
Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CP
CVE-2006-7140
all versions
The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes
CVE-2006-7028
all versions
Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allows remote attackers to cause a denial of service (console ha
CVE-2007-0895
all versions
Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allo
CVE-2007-0882
all versions
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certai
CVE-2007-0503
all versions
Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary command
CVE-2007-0470
all versions
Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unsp
CVE-2007-0165
all versions
Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malfor
CVE-2006-6495
all versions
Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precisio
CVE-2006-6494
all versions
Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (do
CVE-2006-6275
all versions
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified v
CVE-2006-5215
all versions
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10
CVE-2006-5214
all versions
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and So
CVE-2006-5201
all versions
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_
CVE-2006-5073
all versions
Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6
CVE-2006-5012
all versions
Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable sys
CVE-2006-4319
all versions
Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System M
CVE-2006-4307
all versions
Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary file
CVE-2006-4306
all versions
Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified
CVE-2006-3920
all versions
The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource
CVE-2006-3728
all versions
Unspecified vulnerability in the kernel in Solaris 10 with patch 118822-29 (118844-29 on x86) and without patch 118833-11 (118855-
CVE-2006-3664
all versions
Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service
CVE-2006-3606
all versions
Unspecified vulnerability in Sun Solaris X Inter Client Exchange library (libICE) on Solaris 8 and 9 allows context-dependent atta
CVE-2006-1782
all versions
Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name (rootD
CVE-2006-1780
all versions
The Bourne shell (sh) in Solaris 8, 9, and 10 allows local users to cause a denial of service (sh crash) via an unspecified attack
CVE-2006-1092
all versions
Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users
CVE-2006-0901
all versions
Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service
CVE-2006-0227
all versions
Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable
CVE-2006-0161
all versions
Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown impact and attack vectors. NOTE: due to the vagueness of the
CVE-2005-4797
all versions
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete ar
CVE-2005-4796
all versions
Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown
CVE-2005-4795
all versions
Unspecified vulnerability in the multi-language environment library (libmle) in Solaris 7 and 8, as shipped with the Japanese loca
CVE-2005-3781
all versions
Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that ca
CVE-2005-3398
all versions
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRAC
CVE-2005-3099
all versions
Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary
CVE-2005-3071
all versions
Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a den
CVE-2005-2072
all versions
The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which al
CVE-2005-2032
all versions
Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files.
CVE-2005-0488
all versions
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read se
CVE-2005-1591
all versions
Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and N
CVE-2005-1518
all versions
Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, all
CVE-2005-1124
all versions
Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges
CVE-2005-0816
all versions
Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges.
CVE-2005-0426
all versions
Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that t
CVE-2005-0248
all versions
The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging,
CVE-2004-0791
all versions
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP
CVE-2004-0790
all versions
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed I
CVE-2004-0481
all versions
The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to c
CVE-2005-0447
all versions
Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets.
CVE-2004-2686
all versions
Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary ke
CVE-2004-2306
all versions
Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of secu
CVE-2004-1767
all versions
The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), p
CVE-2004-1394
all versions
The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_a
CVE-2004-1393
all versions
Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of se
CVE-2004-0780
all versions
Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument.
CVE-2004-1307
all versions
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitra
CVE-2004-1351
all versions
Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code.
CVE-2004-0496
all versions
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set
CVE-2004-1352
all versions
Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code.
CVE-2004-0360
all versions
Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.
CVE-2004-1353
all versions
Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute c
CVE-2004-1348
all versions
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).
CVE-2004-0800
all versions
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in
CVE-2004-0523
all versions
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute
CVE-2004-0654
all versions
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wi
CVE-2004-1354
all versions
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist vers
CVE-2004-1355
all versions
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) v
CVE-2004-1356
all versions
Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system pan
CVE-2004-1359
all versions
Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.
CVE-2004-1180
all versions
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a d
CVE-2004-1082
all versions
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which al
CVE-2003-1024
all versions
Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other user
CVE-2003-0999
all versions
Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execut
CVE-2003-1082
all versions
Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 47
CVE-2003-1076
all versions
Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and pos
CVE-2003-1073
all versions
A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with
CVE-2003-1066
all versions
Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash
CVE-2003-0914
all versions
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that
CVE-2003-1056
all versions
The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temp
CVE-2003-1057
all versions
Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary c
CVE-2003-1058
all versions
The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a de
CVE-2003-1059
all versions
Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain ro
CVE-2003-1060
all versions
The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS re
CVE-2003-1061
all versions
Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the na
CVE-2003-0694
all versions
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstr
CVE-2003-1081
all versions
Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file.
CVE-2003-0669
all versions
Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack
CVE-2003-0609
all versions
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges vi
CVE-2003-1063
all versions
The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.co
CVE-2003-1065
all versions
Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users t
CVE-2003-1055
all versions
Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname
CVE-2003-1067
all versions
Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 throu
CVE-2003-1068
all versions
Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 46
CVE-2003-1069
all versions
The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by
CVE-2003-0201
all versions
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and
CVE-2003-0196
all versions
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service
CVE-2003-1072
all versions
Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption).
CVE-2003-1070
all versions
Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).
CVE-2003-0161
all versions
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions
CVE-2003-0092
all versions
Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long
CVE-2003-0091
all versions
Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.
CVE-2003-0028
all versions
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries
CVE-2002-1337
all versions
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields,
CVE-2003-0064
all versions
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert i
CVE-2003-1078
all versions
The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login.
CVE-2003-0058
all versions
MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (cra
CVE-2003-1079
all versions
Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to ca
CVE-2003-0027
all versions
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote a
CVE-2003-1075
all versions
Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (
CVE-2003-1071
all versions
rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from
CVE-2002-2327
all versions
Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows lo
CVE-2002-2203
all versions
Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes
CVE-2002-2197
all versions
Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /d
CVE-2002-1980
all versions
Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via un
CVE-2002-1871
all versions
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (
CVE-2002-1763
all versions
The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which al
CVE-2002-1584
all versions
Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly o
CVE-2002-1345
all versions
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwr
CVE-2002-1296
all versions
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." se
CVE-2002-1323
all versions
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe:
CVE-2002-1317
all versions
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a
CVE-2002-1587
all versions
The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an ap
CVE-2002-1586
all versions
Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the
CVE-2002-1585
all versions
Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service vi
CVE-2002-1590
all versions
The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when i
CVE-2002-1228
all versions
Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the l
CVE-2002-1199
all versions
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp,
CVE-2002-1589
all versions
Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parame
CVE-2002-0885
all versions
Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and
CVE-2002-0884
all versions
Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other ope
CVE-2002-0679
all versions
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to exec
CVE-2002-0797
all versions
Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
CVE-2002-0796
all versions
Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root priv
CVE-2002-0391
all versions
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC in
9.8
CRITICAL
CVE-2002-0436
all versions
sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metachar
CVE-2002-0678
all versions
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction
CVE-2002-0677
all versions
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibl
CVE-2002-0573
all versions
Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitra
CVE-2002-0572
all versions
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted fi
CVE-2002-0033
all versions
Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a req
CVE-2002-0158
all versions
Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) comman
CVE-2002-0089
all versions
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d
CVE-2002-0088
all versions
Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation pat
CVE-2002-0085
all versions
cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an
CVE-2002-0084
all versions
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via
CVE-2001-1583
<= 5.9
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafte
CVE-2001-1582
all versions
Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a
CVE-2001-1555
all versions
pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users
CVE-2001-1503
all versions
The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts
CVE-2001-0797
all versions
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a l
CVE-2001-0652
<= 5.9
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) X
CVE-2001-0779
all versions
Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long
CVE-2001-1414
all versions
The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers
CVE-2001-0699
all versions
Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary co
CVE-2001-0565
<= 5.9
Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command li
CVE-2001-0554
all versions
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary comma
CVE-2001-0548
all versions
Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable.
CVE-2001-0595
all versions
Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KC
CVE-2001-0594
all versions
kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a c
CVE-2001-0353
all versions
Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privi
CVE-2001-1244
all versions
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting t
CVE-2001-1076
all versions
Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2)
CVE-2001-0426
all versions
Buffer overflow in dtsession on Solaris, and possibly other operating systems, allows local users to gain privileges via a long LA
CVE-2001-0422
all versions
Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental va
CVE-2001-0421
<= 5.9
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with wo
CVE-2001-0470
all versions
Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long
CVE-2001-1328
all versions
Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.
CVE-2001-0403
all versions
/opt/JSparm/bin/perfmon program in Solaris allows local users to create arbitrary files as root via the Logging File option in the
CVE-2001-0401
<= 5.9
Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental var
CVE-2001-0269
all versions
pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password.
CVE-2001-0236
all versions
Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "i
CVE-2001-0165
all versions
Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (proce
CVE-2001-0190
<= 5.8
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privil
CVE-2001-0124
all versions
Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line arg
CVE-2001-0115
all versions
Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.
CVE-2001-0095
all versions
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
CVE-2001-0059
all versions
patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack.
CVE-2000-0949
all versions
Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -
CVE-2000-0844
all versions
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows loc
CVE-2000-0471
all versions
Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.
CVE-2000-0407
all versions
Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.
CVE-2000-0337
all versions
Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter.
CVE-2000-0317
all versions
Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option.
CVE-2000-0316
all versions
Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option.
CVE-2000-0055
all versions
Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.
CVE-1999-1587
all versions
/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variable
CVE-1999-1586
all versions
loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileg
CVE-1999-1585
all versions
The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if f
CVE-1999-1584
all versions
Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 thr
CVE-1999-1102
<= 4.1.1
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary
CVE-2000-0032
all versions
Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.
CVE-2000-0030
all versions
Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.
CVE-1999-0977
all versions
Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.
CVE-1999-0974
all versions
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
CVE-1999-0973
all versions
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is runn
CVE-1999-0860
all versions
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
CVE-1999-0859
all versions
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
CVE-1999-0841
all versions
Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type.
CVE-1999-0840
all versions
Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option.
CVE-1999-0818
all versions
Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.
CVE-1999-0851
all versions
Denial of service in BIND named via naptr.
CVE-1999-0848
all versions
Denial of service in BIND named via consuming more than "fdmax" file descriptors.
CVE-1999-0837
all versions
Denial of service in BIND by improperly closing TCP sessions via so_linger.
CVE-1999-0835
all versions
Denial of service in BIND named via malformed SIG records.
CVE-1999-0833
all versions
Buffer overflow in BIND 8.2 via NXT records.
CVE-1999-0949
all versions
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
CVE-1999-0948
all versions
Buffer overflow in uum program for Canna input system allows local users to gain root privileges.
CVE-1999-0908
all versions
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursiv
CVE-1999-0786
all versions
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlin
CVE-1999-1014
all versions
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
CVE-1999-0691
all versions
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user na
CVE-1999-0689
all versions
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
CVE-1999-0687
all versions
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
CVE-1999-0767
all versions
Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.
CVE-1999-0875
all versions
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.
CVE-1999-0676
all versions
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.
CVE-1999-0674
all versions
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
CVE-1999-0696
all versions
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
CVE-1999-1023
all versions
useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which
CVE-2000-0118
all versions
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows lo
CVE-1999-0493
all versions
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which
CVE-1999-0773
all versions
Buffer overflow in Solaris lpset program allows local users to gain root access.
CVE-1999-0806
all versions
Buffer overflow in Solaris dtprintinfo program.
CVE-1999-0417
all versions
64 bit Solaris 7 procfs allows local users to perform a denial of service.
CVE-1999-1371
all versions
Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal nam
CVE-1999-0410
all versions
The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.
CVE-1999-0223
all versions
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.
CVE-1999-0370
all versions
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.
CVE-1999-0952
all versions
Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.
CVE-1999-0442
all versions
Solaris ff.core allows local users to modify files.
CVE-1999-0188
all versions
The passwd command in Solaris can be subjected to a denial of service.
CVE-1999-0139
all versions
Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access.
CVE-1999-0057
all versions
Vacation program allows command execution by remote users through a sendmail command.
CVE-1999-1025
all versions
CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is
CVE-1999-0056
all versions
Buffer overflow in Sun's ping program can give root access to local users.
CVE-1999-0302
all versions
SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server.
CVE-1999-0065
all versions
Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands.
CVE-1999-0339
all versions
Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.
CVE-1999-1432
all versions
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has com
CVE-1999-0263
all versions
Solaris SUNWadmap can be exploited to obtain root access.
CVE-1999-1297
all versions
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display
CVE-1999-0213
all versions
libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.
CVE-1999-0797
all versions
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of
CVE-1999-0054
all versions
Sun's ftpd daemon can be subjected to a denial of service.
CVE-1999-0008
all versions
Buffer overflow in NIS+, in Sun's rpc.nisd program.
CVE-1999-0303
all versions
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
CVE-1999-0055
all versions
Buffer overflows in Sun libnsl allow root access.
CVE-1999-0212
all versions
Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server.
CVE-1999-0069
all versions
Solaris ufsrestore buffer overflow.
8.4
HIGH
CVE-1999-0190
all versions
Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.
CVE-1999-0011
all versions
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
5.4
MEDIUM
CVE-1999-0010
all versions
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
CVE-1999-0009
all versions
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
CVE-1999-0003
all versions
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
CVE-1999-0795
all versions
The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information,
CVE-1999-0502
all versions
A Unix account has a default, null, blank, or missing password.
CVE-1999-0320
all versions
SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.
CVE-1999-0296
all versions
Solaris volrmmount program allows attackers to read any file.
CVE-1999-0125
all versions
Buffer overflow in SGI IRIX mailx program.
CVE-1999-0513
all versions
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
CVE-1999-0273
all versions
Denial of service through Solaris 2.5.1 telnet by sending ^D characters.
CVE-1999-0104
all versions
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
CVE-1999-0015
all versions
Teardrop IP denial of service.
CVE-1999-0017
all versions
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVE-1999-0018
all versions
Buffer overflow in statd allows root privileges.
CVE-1999-0016
all versions
Land IP denial of service.
CVE-1999-0210
all versions
Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.
CVE-1999-0097
all versions
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
CVE-1999-0300
all versions
nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.
CVE-1999-0295
all versions
Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges.
CVE-1999-0185
all versions
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin