Total
545 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-3643 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652. | |||||
CVE-2010-3642 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652. | |||||
CVE-2010-3641 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652. | |||||
CVE-2010-3640 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652. | |||||
CVE-2010-3639 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. | |||||
CVE-2010-3636 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2024-11-21 | 9.3 HIGH | N/A |
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors. | |||||
CVE-2010-2594 | 7 Ibm, Intersect Alliance, Linux and 4 more | 14 Aix, Snare Agent, Snare Epilog and 11 more | 2024-11-21 | 6.8 MEDIUM | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port. | |||||
CVE-2010-1183 | 1 Sun | 1 Solaris | 2024-11-21 | 3.3 LOW | N/A |
Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager. | |||||
CVE-2010-0453 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 4.9 MEDIUM | N/A |
The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision. | |||||
CVE-2010-0444 | 2 Hp, Sun | 2 Operations Agent, Solaris | 2024-11-21 | 10.0 HIGH | N/A |
HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a blank password for the opc_op account, which allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2010-0310 | 1 Sun | 1 Solaris | 2024-11-21 | 6.8 MEDIUM | N/A |
Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to omission of unspecified libraries from software updates. | |||||
CVE-2009-4777 | 4 Hitachi, Hp, Microsoft and 1 more | 17 Job Management Partner 1\/automatic Job Management System 2-view, Job Management Partner 1\/integrated Management-view, Job Management Partner 1\/integrated Manager-console View and 14 more | 2024-11-21 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in multiple versions of Hitachi JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer, allows remote attackers to cause a denial of service ("abnormal" termination) via vectors related to the display of an "invalid GIF file." | |||||
CVE-2009-4774 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225. | |||||
CVE-2009-4502 | 3 Freebsd, Sun, Zabbix | 3 Freebsd, Solaris, Zabbix | 2024-11-21 | 9.3 HIGH | N/A |
The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this attack is limited to attacks from trusted IP addresses. | |||||
CVE-2009-4314 | 1 Sun | 2 Ray Server Software, Solaris | 2024-11-21 | 4.4 MEDIUM | N/A |
Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking (AMGH) is enabled, responds to a logout action by immediately logging the user in again, which makes it easier for physically proximate attackers to obtain access to a session by going to an unattended DTU device. | |||||
CVE-2009-4211 | 2 Disa, Sun | 2 Srr For Solaris, Solaris | 2024-11-21 | 9.3 HIGH | N/A |
The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, which allows local users to gain privileges via a Trojan horse program. | |||||
CVE-2009-4187 | 1 Sun | 2 Java System Portal Server, Solaris | 2024-11-21 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2009-4075 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the timeout mechanism in sshd in Sun Solaris 10, and OpenSolaris snv_99 through snv_123, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors that trigger a "dangling sshd authentication thread." | |||||
CVE-2009-3899 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 7.8 HIGH | N/A |
Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | |||||
CVE-2009-3877 | 3 Linux, Microsoft, Sun | 6 Linux Kernel, Windows, Jdk and 3 more | 2024-11-21 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911. |