Total
545 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-2296 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-28 | 10.0 HIGH | N/A |
The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors. | |||||
CVE-2008-5111 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-28 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function. | |||||
CVE-2009-3390 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-28 | 7.2 HIGH | N/A |
Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsitadm programs in Sun Solaris 10, and OpenSolaris snv_28 through snv_109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library. | |||||
CVE-2008-2710 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed comparison. | |||||
CVE-2008-0212 | 4 Hp, Linux, Microsoft and 1 more | 5 Hp-ux, Openview Network Node Manager, Linux Kernel and 2 more | 2024-02-28 | 7.8 HIGH | N/A |
ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access. | |||||
CVE-2007-3248 | 1 Sun | 1 Solaris | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in Sun Solaris 10 before 20070614, when IPv6 interfaces are present but not configured for IPsec, allows remote attackers to cause a denial of service (system crash) via certain network traffic. | |||||
CVE-2007-1223 | 3 Hitachi, Ibm, Sun | 4 Hi-ux\/we2, Osas\/ft\/w, Aix and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows attackers to cause a denial of service (responder control processing halt) by sending "data unexpectedly through the port". | |||||
CVE-2007-0668 | 1 Sun | 1 Solaris | 2024-02-28 | 6.2 MEDIUM | N/A |
The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in a non-global zone to move and rename files in a read-only filesystem, which could lead to a denial of service. | |||||
CVE-2007-4732 | 1 Sun | 1 Solaris | 2024-02-28 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function. | |||||
CVE-2007-5368 | 1 Sun | 1 Solaris | 2024-02-28 | 4.9 MEDIUM | N/A |
Multiple unspecified vulnerabilities in labeld in Trusted Extensions in Sun Solaris 10 allow local users to cause a denial of service (multiple application hang) via unspecified vectors. | |||||
CVE-2008-0933 | 1 Sun | 1 Solaris | 2024-02-28 | 4.7 MEDIUM | N/A |
Multiple race conditions in the CPU Performance Counters (cpc) subsystem in the kernel in Sun Solaris 10 allow local users to cause a denial of service (panic) via unspecified vectors related to kcpc_unbind and kcpc_restore. | |||||
CVE-2007-5462 | 1 Sun | 1 Solaris | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems. | |||||
CVE-2007-2191 | 7 Bsd, Freepbx, Hp and 4 more | 8 Bsd, Freepbx, Hp-ux and 5 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php. | |||||
CVE-2007-1794 | 2 Mozilla, Sun | 3 Mozilla, Solaris, Sunos | 2024-02-28 | 10.0 HIGH | N/A |
The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. NOTE: this issue might be related to CVE-2006-3805. | |||||
CVE-2007-6216 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 4.7 MEDIUM | N/A |
Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs. | |||||
CVE-2007-3723 | 1 Sun | 1 Solaris | 2024-02-28 | 2.1 LOW | N/A |
The process scheduler in the Sun Solaris kernel does not make use of the process statistics kept by the kernel and performs scheduling based upon CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges." | |||||
CVE-2008-1205 | 1 Sun | 1 Solaris | 2024-02-28 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the ipsecah kernel module in Sun Solaris 10, when a key management daemon for IPsec security associations is running, allows local users to cause a denial of service (panic) via unspecified vectors. | |||||
CVE-2007-5632 | 1 Sun | 1 Solaris | 2024-02-28 | 4.9 MEDIUM | N/A |
Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to cause a denial of service (panic), related to the support for retrieval of kernel statistics, and possibly related to the sfmmu_mlspl_enter or sfmmu_mlist_enter functions. | |||||
CVE-2006-5073 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013. | |||||
CVE-2007-1913 | 8 Apple, Hp, Ibm and 5 more | 11 Macos, Hp-ux, Tru64 and 8 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. |