Opensolaris

opensolaris

Vendor: Sun • 113 CVEs

CVEs (113)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-1291 2Cisco Sun 3Evolved Programmable Network Manager OpensolarisPrime Infrastructure May 6, 2026 Apr 6, 2016 N/A· v4 9.8 CRITICAL· v3 9.3 HIGH· v2 Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID...Show more Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192.Show less
CVE-2016-1290 2Cisco Sun 3Evolved Programmable Network Manager OpensolarisPrime Infrastructure May 6, 2026 Apr 6, 2016 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to bypass intended RBAC restrictions and gain privileges via an H...Show more The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to bypass intended RBAC restrictions and gain privileges via an HTTP request that is inconsistent with a pattern filter, aka Bug ID CSCuy10227.Show less
CVE-2015-6313 3Sun ZyxelZzinc 3Gs1900 10hp Firmware Keymouse FirmwareOpensolaris May 6, 2026 Apr 6, 2016 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of servic...Show more Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP requests that are not followed by an unspecified negotiation, aka Bug ID CSCuv47565.Show less
CVE-2016-1314 1Sun 1Opensolaris May 6, 2026 Mar 28, 2016 N/A· v4 6.1 MEDIUM· v3 3.5 LOW· v2 Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (CDM) 8.1(1) allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux80760.
CVE-2016-1350 6Cisco LenovoSamsung+3 more 6Gs1900 10hp Firmware Ios XeKeymouse Firmware+3 more May 6, 2026 Mar 26, 2016 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.
CVE-2016-1349 7Cisco IntelNetgear+4 more 7Core I5 9400f Firmware Gs1900 10hp FirmwareIos Xe+4 more May 6, 2026 Mar 26, 2016 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Insta...Show more The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.Show less
CVE-2016-1348 6Cisco NetgearSamsung+3 more 6Gs1900 10hp Firmware Ios XeJr6150 Firmware+3 more May 6, 2026 Mar 26, 2016 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.
CVE-2016-1344 7Cisco LenovoNetgear+4 more 7Gs1900 10hp Firmware Ios XeJr6150 Firmware+4 more May 6, 2026 Mar 26, 2016 N/A· v4 5.9 MEDIUM· v3 7.1 HIGH· v2 The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.
CVE-2015-0718 6Cisco NetgearSamsung+3 more 7Gs1900 10hp Firmware Jr6150 FirmwareKeymouse Firmware+4 more May 6, 2026 Mar 3, 2016 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted...Show more Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579.Show less
CVE-2016-1329 4Samsung SunZyxel+1 more 4Gs1900 10hp Firmware Keymouse FirmwareOpensolaris+1 more May 6, 2026 Mar 3, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileg...Show more Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.Show less
CVE-2016-1331 1Sun 1Opensolaris May 6, 2026 Feb 15, 2016 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 11.5(0.99833.5) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy10766.
CVE-2016-1319 4Samsung SunZyxel+1 more 4Gs1900 10hp Firmware Keymouse FirmwareOpensolaris+1 more May 6, 2026 Feb 9, 2016 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express...Show more Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958.Show less
CVE-2016-1302 5Cisco SamsungSun+2 more 5Gs1900 10hp Firmware Keymouse FirmwareNx Os+2 more May 6, 2026 Feb 7, 2016 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote a...Show more Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.Show less
CVE-2016-1310 1Sun 1Opensolaris May 6, 2026 Feb 6, 2016 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033.
CVE-2016-1306 1Sun 1Opensolaris May 6, 2026 Feb 6, 2016 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Fog Director 1.0(0) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux80466.
CVE-2015-6319 2Cisco Sun 2Opensolaris Rv Series Router Firmware May 6, 2026 Jan 27, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574.
CVE-2008-7300 1Sun 2Opensolaris Sunos Apr 29, 2026 Oct 5, 2011 N/A· v4 N/A· v3 8.5 HIGH· v2 The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Ma...Show more The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone.Show less
CVE-2009-4774 1Sun 2Opensolaris Solaris Apr 29, 2026 Apr 21, 2010 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of s...Show more Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225.Show less
CVE-2010-0559 1Sun 1Opensolaris Apr 29, 2026 Feb 5, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 The default configuration of Oracle OpenSolaris snv_91 through snv_131 allows attackers to have an unspecified impact via vectors related to using kclient to join a Windows Active Directory domain.
CVE-2010-0558 1Sun 1Opensolaris Apr 29, 2026 Feb 5, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 The default configuration of Oracle OpenSolaris snv_77 through snv_131 allows attackers to have an unspecified impact via vectors related to using smbadm to join a Windows Active Directory domain.

12 3 4 5 6 Next