Solaris

solaris

Vendor: Sun • 450 CVEs

CVEs (450)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2009-4774 1Sun 2Opensolaris Solaris Apr 29, 2026 Apr 21, 2010 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of s...Show more Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225.Show less
CVE-2010-1183 1Sun 1Solaris Apr 29, 2026 Mar 29, 2010 N/A· v4 N/A· v3 3.3 LOW· v2 Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager.
CVE-2010-0453 1Sun 2Opensolaris Solaris Apr 29, 2026 Feb 3, 2010 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0...Show more The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.Show less
CVE-2010-0310 1Sun 1Solaris Apr 23, 2026 Jan 14, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to omission of unspecified libraries from software updates.
CVE-2009-4075 1Sun 2Opensolaris Solaris Apr 23, 2026 Nov 25, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unspecified vulnerability in the timeout mechanism in sshd in Sun Solaris 10, and OpenSolaris snv_99 through snv_123, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors that trigger...Show more Unspecified vulnerability in the timeout mechanism in sshd in Sun Solaris 10, and OpenSolaris snv_99 through snv_123, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors that trigger a "dangling sshd authentication thread."Show less
CVE-2009-3899 1Sun 2Opensolaris Solaris Apr 23, 2026 Nov 6, 2009 N/A· v4 N/A· v3 7.8 HIGH· v2 Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2009-3851 1Sun 1Solaris Apr 23, 2026 Nov 3, 2009 N/A· v4 N/A· v3 7.2 HIGH· v2 Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended works...Show more Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the "restart daemon."Show less
CVE-2009-3839 1Sun 2Opensolaris Solaris Apr 23, 2026 Nov 2, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to t...Show more Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server.Show less
CVE-2009-3746 1Sun 1Solaris Apr 23, 2026 Oct 22, 2009 N/A· v4 N/A· v3 1.9 LOW· v2 XScreenSaver in Sun Solaris 10, when the accessibility feature is enabled, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locke...Show more XScreenSaver in Sun Solaris 10, when the accessibility feature is enabled, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276 and CVE-2009-2711.Show less
CVE-2009-3706 1Sun 2Opensolaris Solaris Apr 23, 2026 Oct 16, 2009 N/A· v4 N/A· v3 4.4 MEDIUM· v2 Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown...Show more Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call.Show less
CVE-2009-3468 1Sun 1Solaris Apr 23, 2026 Sep 29, 2009 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Multiple unspecified vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory Access Control (MAC)...Show more Multiple unspecified vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory Access Control (MAC) policy via unknown vectors, related to a menu typo and the Style Manager.Show less
CVE-2009-3432 1Sun 2Opensolaris Solaris Apr 23, 2026 Sep 28, 2009 N/A· v4 N/A· v3 1.9 LOW· v2 Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vect...Show more Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vectors related to XRandR resize events.Show less
CVE-2009-3183 1Sun 2Opensolaris Solaris Apr 23, 2026 Sep 14, 2009 N/A· v4 N/A· v3 7.2 HIGH· v2 Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors.
CVE-2009-3164 1Sun 2Opensolaris Solaris Apr 23, 2026 Sep 10, 2009 N/A· v4 N/A· v3 7.1 HIGH· v2 Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows re...Show more Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames. NOTE: this issue exists because of an incomplete fix for CVE-2009-2136.Show less
CVE-2009-3100 2Sun X.org 3Opensolaris SolarisX11 Apr 23, 2026 Sep 8, 2009 N/A· v4 N/A· v3 4.0 MEDIUM· v2 xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of...Show more xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches.Show less
CVE-2009-3000 1Sun 2Opensolaris Solaris Apr 23, 2026 Aug 28, 2009 N/A· v4 N/A· v3 7.1 HIGH· v2 The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecif...Show more The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7c_http_log function, related to "improper http response handling."Show less
CVE-2009-2972 1Sun 1Solaris Apr 23, 2026 Aug 27, 2009 N/A· v4 N/A· v3 7.8 HIGH· v2 in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb."
CVE-2009-2952 1Sun 2Opensolaris Solaris Apr 23, 2026 Aug 24, 2009 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Unspecified vulnerability in the pollwakeup function in Sun Solaris 10, and OpenSolaris before snv_51, allows local users to cause a denial of service (panic) via unknown vectors.
CVE-2009-2912 1Sun 2Opensolaris Solaris Apr 23, 2026 Aug 21, 2009 N/A· v4 N/A· v3 4.9 MEDIUM· v2 The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls.
CVE-2009-2711 2Sun X.org 3Opensolaris SolarisX11 Apr 23, 2026 Aug 7, 2009 N/A· v4 N/A· v3 4.9 MEDIUM· v2 XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup...Show more XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276.Show less

12 3 4 5...23 Next