← Back

Sun

sun

1,603 CVEs • 200 products

Products (200)

Click to collapse
Toggle
Sunos
sunos
561 CVEs
Solaris
solaris
450 CVEs
Jre
jre
423 CVEs
Jdk
jdk
392 CVEs
Sdk
sdk
126 CVEs
Opensolaris
opensolaris
113 CVEs
Java System Web Server
java_system_web_server
32 CVEs
Java System Application Server
java_system_application_server
22 CVEs
Java System Identity Manager
java_system_identity_manager
19 CVEs
Java System Directory Server
java_system_directory_server
18 CVEs
Openjdk
openjdk
16 CVEs
Ray Server Software
ray_server_software
15 CVEs
Java System Access Manager
java_system_access_manager
15 CVEs
Java
java
14 CVEs
Java Se
java_se
14 CVEs
Cobalt Raq 2
cobalt_raq_2
12 CVEs
Cobalt Raq 3i
cobalt_raq_3i
12 CVEs
One Application Server
one_application_server
12 CVEs
One Web Server
one_web_server
12 CVEs
Java System Web Proxy Server
java_system_web_proxy_server
11 CVEs
Staroffice
staroffice
10 CVEs
Cluster
cluster
8 CVEs
J2se
j2se
7 CVEs
Solaris Answerbook2
solaris_answerbook2
6 CVEs
One Directory Server
one_directory_server
6 CVEs
Java System Portal Server
java_system_portal_server
6 CVEs
Ehrd
ehrd
6 CVEs
Cobalt Raq 4
cobalt_raq_4
5 CVEs
Java Web Start
java_web_start
5 CVEs
Java Desktop System
java_desktop_system
5 CVEs
Iplanet Messaging Server
iplanet_messaging_server
5 CVEs
Java System Communications Express
java_system_communications_express
5 CVEs
Openoffice.org
openoffice.org
5 CVEs
Virtualbox
virtualbox
5 CVEs
Solstice Adminsuite
solstice_adminsuite
5 CVEs
Solstice Backup
solstice_backup
4 CVEs
Chilisoft
chilisoft
4 CVEs
Iplanet Directory Server
iplanet_directory_server
4 CVEs
Iplanet Web Server
iplanet_web_server
4 CVEs
Java Plug In
java_plug-in
4 CVEs
Java System Calendar Server
java_system_calendar_server
4 CVEs
Javamail
javamail
4 CVEs
One Messaging Server
one_messaging_server
4 CVEs
Grid Engine
grid_engine
4 CVEs
N1 Grid Engine
n1_grid_engine
4 CVEs
Java Web Console
java_web_console
4 CVEs
Java Asp Server
java_asp_server
4 CVEs
Nfs
nfs
4 CVEs
Cobalt Raq
cobalt_raq
3 CVEs
Management+center
management+center
3 CVEs
Sun Fire
sun_fire
3 CVEs
Jsse
jsse
3 CVEs
Crypto Accelerator 4000
crypto_accelerator_4000
3 CVEs
Java Enterprise System
java_enterprise_system
3 CVEs
Storedge 6130 Arrays
storedge_6130_arrays
3 CVEs
Storedge Enterprise Backup Software
storedge_enterprise_backup_software
3 CVEs
Secure Global Desktop
secure_global_desktop
3 CVEs
Java System Messaging Server
java_system_messaging_server
3 CVEs
One Calendar Server
one_calendar_server
3 CVEs
J2ee
j2ee
3 CVEs
Iplanet Certificate Management System
iplanet_certificate_management_system
2 CVEs
I Runbook
i-runbook
2 CVEs
Openwindows
openwindows
2 CVEs
Solaris Pc Netlink
solaris_pc_netlink
2 CVEs
Java System Content Delivery Server
java_system_content_delivery_server
2 CVEs
Net Connect Software
net_connect_software
2 CVEs
Embedded Lights Out Manager
embedded_lights_out_manager
2 CVEs
Java System Identity Server
java_system_identity_server
2 CVEs
Netra T5220 Server
netra_t5220_server
2 CVEs
Management Center
management_center
2 CVEs
Sparc Enterprise Server T5120
sparc_enterprise_server_t5120
2 CVEs
Sparc Enterprise Server T5140
sparc_enterprise_server_t5140
2 CVEs
Sparc Enterprise Server T5220
sparc_enterprise_server_t5220
2 CVEs
Sparc Enterprise Server T5240
sparc_enterprise_server_t5240
2 CVEs
Fire X2100 M2
fire_x2100_m2
2 CVEs
Fire X2200 M2
fire_x2200_m2
2 CVEs
Xvm Virtualbox
xvm_virtualbox
2 CVEs
Virtual Desktop Infrastructure
virtual_desktop_infrastructure
2 CVEs
Solaris Isp Server
solaris_isp_server
1 CVE
Workshop
workshop
1 CVE
Hotjava Browser
hotjava_browser
1 CVE
Sun Ftp
sun_ftp
1 CVE
Javaserver Web Dev Kit
javaserver_web_dev_kit
1 CVE
Sunvts
sunvts
1 CVE
Netdynamics
netdynamics
1 CVE
Sun Pci Ii Driver
sun_pci_ii_driver
1 CVE
Linux
linux
1 CVE
Cobalt Raq Xtr
cobalt_raq_xtr
1 CVE
Patchpro
patchpro
1 CVE
Enterprise Authentication Mechanism
enterprise_authentication_mechanism
1 CVE
Sunone Starter Kit
sunone_starter_kit
1 CVE
Patch Manager
patch_manager
1 CVE
Storedge 3310 Scsi Array
storedge_3310_scsi_array
1 CVE
Storedge 3510 Fc Array
storedge_3510_fc_array
1 CVE
Enterprise Storage Manager
enterprise_storage_manager
1 CVE
Seam
seam
1 CVE
Dtmail
dtmail
1 CVE
J2me
j2me
1 CVE
Netra 1280
netra_1280
1 CVE
Sunforum
sunforum
1 CVE

CVEs (1,603)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-43360
1Sun
1Ehrd
Nov 21, 2024
Dec 1, 2021
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbi...Show more
Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbitrary code and control the system or interrupt services.Show less
CVE-2021-43359
1Sun
1Ehrd
Nov 21, 2024
Dec 1, 2021
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary co...Show more
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary code and control the system or interrupt services.Show less
CVE-2021-43358
1Sun
1Ehrd
Nov 21, 2024
Dec 1, 2021
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote attacker to perform path traversal attacks without authentication, access restricted paths and download system files.
CVE-2020-10510
1Sun
1Ehrd
Nov 21, 2024
Mar 27, 2020
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data.
CVE-2020-10509
1Sun
1Ehrd
Nov 21, 2024
Mar 27, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack.
CVE-2020-10508
1Sun
1Ehrd
Nov 21, 2024
Mar 27, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information.
CVE-2016-1291
2Cisco
Sun
3Evolved Programmable Network Manager
OpensolarisPrime Infrastructure
May 6, 2026
Apr 6, 2016
N/A· v4
9.8 CRITICAL· v3
9.3 HIGH· v2
Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID...Show more
Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192.Show less
CVE-2016-1290
2Cisco
Sun
3Evolved Programmable Network Manager
OpensolarisPrime Infrastructure
May 6, 2026
Apr 6, 2016
N/A· v4
8.1 HIGH· v3
5.5 MEDIUM· v2
The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to bypass intended RBAC restrictions and gain privileges via an H...Show more
The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to bypass intended RBAC restrictions and gain privileges via an HTTP request that is inconsistent with a pattern filter, aka Bug ID CSCuy10227.Show less
CVE-2015-6313
3Sun
ZyxelZzinc
3Gs1900 10hp Firmware
Keymouse FirmwareOpensolaris
May 6, 2026
Apr 6, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of servic...Show more
Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP requests that are not followed by an unspecified negotiation, aka Bug ID CSCuv47565.Show less
CVE-2016-1314
1Sun
1Opensolaris
May 6, 2026
Mar 28, 2016
N/A· v4
6.1 MEDIUM· v3
3.5 LOW· v2
Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (CDM) 8.1(1) allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux80760.
CVE-2016-1350
6Cisco
LenovoSamsung+3 more
6Gs1900 10hp Firmware
Ios XeKeymouse Firmware+3 more
May 6, 2026
Mar 26, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.
CVE-2016-1349
7Cisco
IntelNetgear+4 more
7Core I5 9400f Firmware
Gs1900 10hp FirmwareIos Xe+4 more
May 6, 2026
Mar 26, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Insta...Show more
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.Show less
CVE-2016-1348
6Cisco
NetgearSamsung+3 more
6Gs1900 10hp Firmware
Ios XeJr6150 Firmware+3 more
May 6, 2026
Mar 26, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.
CVE-2016-1344
7Cisco
LenovoNetgear+4 more
7Gs1900 10hp Firmware
Ios XeJr6150 Firmware+4 more
May 6, 2026
Mar 26, 2016
N/A· v4
5.9 MEDIUM· v3
7.1 HIGH· v2
The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.
CVE-2015-0718
6Cisco
NetgearSamsung+3 more
7Gs1900 10hp Firmware
Jr6150 FirmwareKeymouse Firmware+4 more
May 6, 2026
Mar 3, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted...Show more
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579.Show less
CVE-2016-1329
4Samsung
SunZyxel+1 more
4Gs1900 10hp Firmware
Keymouse FirmwareOpensolaris+1 more
May 6, 2026
Mar 3, 2016
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileg...Show more
Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.Show less
CVE-2016-1331
1Sun
1Opensolaris
May 6, 2026
Feb 15, 2016
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 11.5(0.99833.5) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy10766.
CVE-2016-1319
4Samsung
SunZyxel+1 more
4Gs1900 10hp Firmware
Keymouse FirmwareOpensolaris+1 more
May 6, 2026
Feb 9, 2016
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express...Show more
Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958.Show less
CVE-2016-1302
5Cisco
SamsungSun+2 more
5Gs1900 10hp Firmware
Keymouse FirmwareNx Os+2 more
May 6, 2026
Feb 7, 2016
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote a...Show more
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.Show less
CVE-2016-1310
1Sun
1Opensolaris
May 6, 2026
Feb 6, 2016
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033.