Search Results (1712 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1347 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash) via an invalid X Display Manager Control Protocol (XDMCP) request.
CVE-2001-0078 1 Sun 1 Cluster 2026-04-16 N/A
in.mond in Sun Cluster 2.x allows local users to read arbitrary files via a symlink attack on the status file of a host running HA-NFS.
CVE-1999-0818 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.
CVE-1999-0209 1 Sun 1 Sunos 2026-04-16 N/A
The SunView (SunTools) selection_svc facility allows remote users to read files.
CVE-2004-1346 1 Sun 1 Solaris 2026-04-16 N/A
The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.
CVE-2004-1345 1 Sun 3 Enterprise Storage Manager, Storedge 3310 Scsi Array, Storedge 3510 Fc Array 2026-04-16 N/A
Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.
CVE-2001-0077 1 Sun 1 Cluster 2026-04-16 N/A
The clustmon service in Sun Cluster 2.x does not require authentication, which allows remote attackers to obtain sensitive information such as system logs and cluster configurations.
CVE-2004-1307 11 Apple, Avaya, Conectiva and 8 more 20 Mac Os X, Mac Os X Server, Call Management System Server and 17 more 2026-04-16 N/A
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
CVE-2004-1180 3 Debian, Mandrakesoft, Sun 5 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more 2026-04-16 N/A
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
CVE-2001-0059 1 Sun 1 Sunos 2026-04-16 N/A
patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack.
CVE-1999-0806 1 Sun 1 Sunos 2026-04-16 N/A
Buffer overflow in Solaris dtprintinfo program.
CVE-2004-1170 3 Gnu, Sun, Suse 3 A2ps, Java Desktop System, Suse Linux 2026-04-16 N/A
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
CVE-2004-1082 8 Apache, Apple, Avaya and 5 more 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more 2026-04-16 N/A
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
CVE-2000-1156 1 Sun 1 Staroffice 2026-04-16 N/A
StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice.
CVE-2004-1029 5 Conectiva, Gentoo, Hp and 2 more 8 Linux, Linux, Hp-ux and 5 more 2026-04-16 N/A
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
CVE-2004-0827 9 Conectiva, Enlightenment, Imagemagick and 6 more 14 Linux, Imlib, Imlib2 and 11 more 2026-04-16 N/A
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
CVE-2000-1099 1 Sun 1 Jdk 2026-04-16 N/A
Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities.
CVE-1999-0797 1 Sun 1 Sunos 2026-04-16 N/A
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.
CVE-1999-0190 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.
CVE-1999-0084 1 Sun 1 Nfs 2026-04-16 8.4 High
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.