← Back

Sun

sun

1,603 CVEs • 200 products

Products (200)

Click to collapse
Toggle
Sunos
sunos
561 CVEs
Solaris
solaris
450 CVEs
Jre
jre
423 CVEs
Jdk
jdk
392 CVEs
Sdk
sdk
126 CVEs
Opensolaris
opensolaris
113 CVEs
Java System Web Server
java_system_web_server
32 CVEs
Java System Application Server
java_system_application_server
22 CVEs
Java System Identity Manager
java_system_identity_manager
19 CVEs
Java System Directory Server
java_system_directory_server
18 CVEs
Openjdk
openjdk
16 CVEs
Ray Server Software
ray_server_software
15 CVEs
Java System Access Manager
java_system_access_manager
15 CVEs
Java
java
14 CVEs
Java Se
java_se
14 CVEs
Cobalt Raq 2
cobalt_raq_2
12 CVEs
Cobalt Raq 3i
cobalt_raq_3i
12 CVEs
One Application Server
one_application_server
12 CVEs
One Web Server
one_web_server
12 CVEs
Java System Web Proxy Server
java_system_web_proxy_server
11 CVEs
Staroffice
staroffice
10 CVEs
Cluster
cluster
8 CVEs
J2se
j2se
7 CVEs
Solaris Answerbook2
solaris_answerbook2
6 CVEs
One Directory Server
one_directory_server
6 CVEs
Java System Portal Server
java_system_portal_server
6 CVEs
Ehrd
ehrd
6 CVEs
Cobalt Raq 4
cobalt_raq_4
5 CVEs
Java Web Start
java_web_start
5 CVEs
Java Desktop System
java_desktop_system
5 CVEs
Iplanet Messaging Server
iplanet_messaging_server
5 CVEs
Java System Communications Express
java_system_communications_express
5 CVEs
Openoffice.org
openoffice.org
5 CVEs
Virtualbox
virtualbox
5 CVEs
Solstice Adminsuite
solstice_adminsuite
5 CVEs
Solstice Backup
solstice_backup
4 CVEs
Chilisoft
chilisoft
4 CVEs
Iplanet Directory Server
iplanet_directory_server
4 CVEs
Iplanet Web Server
iplanet_web_server
4 CVEs
Java Plug In
java_plug-in
4 CVEs
Java System Calendar Server
java_system_calendar_server
4 CVEs
Javamail
javamail
4 CVEs
One Messaging Server
one_messaging_server
4 CVEs
Grid Engine
grid_engine
4 CVEs
N1 Grid Engine
n1_grid_engine
4 CVEs
Java Web Console
java_web_console
4 CVEs
Java Asp Server
java_asp_server
4 CVEs
Nfs
nfs
4 CVEs
Cobalt Raq
cobalt_raq
3 CVEs
Management+center
management+center
3 CVEs
Sun Fire
sun_fire
3 CVEs
Jsse
jsse
3 CVEs
Crypto Accelerator 4000
crypto_accelerator_4000
3 CVEs
Java Enterprise System
java_enterprise_system
3 CVEs
Storedge 6130 Arrays
storedge_6130_arrays
3 CVEs
Storedge Enterprise Backup Software
storedge_enterprise_backup_software
3 CVEs
Secure Global Desktop
secure_global_desktop
3 CVEs
Java System Messaging Server
java_system_messaging_server
3 CVEs
One Calendar Server
one_calendar_server
3 CVEs
J2ee
j2ee
3 CVEs
Iplanet Certificate Management System
iplanet_certificate_management_system
2 CVEs
I Runbook
i-runbook
2 CVEs
Openwindows
openwindows
2 CVEs
Solaris Pc Netlink
solaris_pc_netlink
2 CVEs
Java System Content Delivery Server
java_system_content_delivery_server
2 CVEs
Net Connect Software
net_connect_software
2 CVEs
Embedded Lights Out Manager
embedded_lights_out_manager
2 CVEs
Java System Identity Server
java_system_identity_server
2 CVEs
Netra T5220 Server
netra_t5220_server
2 CVEs
Management Center
management_center
2 CVEs
Sparc Enterprise Server T5120
sparc_enterprise_server_t5120
2 CVEs
Sparc Enterprise Server T5140
sparc_enterprise_server_t5140
2 CVEs
Sparc Enterprise Server T5220
sparc_enterprise_server_t5220
2 CVEs
Sparc Enterprise Server T5240
sparc_enterprise_server_t5240
2 CVEs
Fire X2100 M2
fire_x2100_m2
2 CVEs
Fire X2200 M2
fire_x2200_m2
2 CVEs
Xvm Virtualbox
xvm_virtualbox
2 CVEs
Virtual Desktop Infrastructure
virtual_desktop_infrastructure
2 CVEs
Solaris Isp Server
solaris_isp_server
1 CVE
Workshop
workshop
1 CVE
Hotjava Browser
hotjava_browser
1 CVE
Sun Ftp
sun_ftp
1 CVE
Javaserver Web Dev Kit
javaserver_web_dev_kit
1 CVE
Sunvts
sunvts
1 CVE
Netdynamics
netdynamics
1 CVE
Sun Pci Ii Driver
sun_pci_ii_driver
1 CVE
Linux
linux
1 CVE
Cobalt Raq Xtr
cobalt_raq_xtr
1 CVE
Patchpro
patchpro
1 CVE
Enterprise Authentication Mechanism
enterprise_authentication_mechanism
1 CVE
Sunone Starter Kit
sunone_starter_kit
1 CVE
Patch Manager
patch_manager
1 CVE
Storedge 3310 Scsi Array
storedge_3310_scsi_array
1 CVE
Storedge 3510 Fc Array
storedge_3510_fc_array
1 CVE
Enterprise Storage Manager
enterprise_storage_manager
1 CVE
Seam
seam
1 CVE
Dtmail
dtmail
1 CVE
J2me
j2me
1 CVE
Netra 1280
netra_1280
1 CVE
Sunforum
sunforum
1 CVE

CVEs (1,603)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2005-3906
1Sun
2Jdk
Jre
Apr 16, 2026
Nov 30, 2005
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access arbitrary files or ex...Show more
Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors, a different set of vulnerabilities than CVE-2005-3905. NOTE: this is associated with the "second and third issues" identified in SUNALERT:102003.Show less
CVE-2005-3905
1Sun
2Jdk
Jre
Apr 16, 2026
Nov 30, 2005
N/A· v4
N/A· v3
7.5 HIGH· v2
Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrar...Show more
Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors, a different vulnerability than CVE-2005-3906. NOTE: this is associated with the "first issue" identified in SUNALERT:102003.Show less
CVE-2005-3904
1Sun
2Jdk
Jre
Apr 16, 2026
Nov 30, 2005
N/A· v4
N/A· v3
7.5 HIGH· v2
Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute ar...Show more
Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors.Show less
CVE-2005-3781
1Sun
2Solaris
Sunos
Apr 16, 2026
Nov 23, 2005
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that cause in.named to "make unnecessary queries."
CVE-2005-3674
1Sun
1Solaris
Apr 16, 2026
Nov 18, 2005
N/A· v4
N/A· v3
7.8 HIGH· v2
The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrat...Show more
The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.Show less
CVE-2005-3583
1Sun
2Jre
Sdk
Apr 16, 2026
Nov 16, 2005
N/A· v4
N/A· v3
7.8 HIGH· v2
(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted...Show more
(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss.Show less
CVE-2005-3472
1Sun
1Java System Communications Express
Apr 16, 2026
Nov 3, 2005
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files.
CVE-2005-3398
1Sun
2Solaris
Sunos
Apr 16, 2026
Nov 1, 2005
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cooki...Show more
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.Show less
CVE-2005-3269
1Sun
4Java System Directory Proxy Server
Java System Directory ServerOne Administration Server+1 more
Apr 16, 2026
Oct 20, 2005
N/A· v4
N/A· v3
7.5 HIGH· v2
Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1...Show more
Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.Show less
CVE-2005-3250
1Sun
1Solaris
Apr 16, 2026
Oct 17, 2005
N/A· v4
N/A· v3
2.1 LOW· v2
Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference.
CVE-2005-3099
1Sun
2Solaris
Sunos
Apr 16, 2026
Sep 28, 2005
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code.
CVE-2005-3071
1Sun
2Solaris
Sunos
Apr 16, 2026
Sep 27, 2005
N/A· v4
N/A· v3
2.1 LOW· v2
Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS.
CVE-2005-3001
1Sun
1Solaris
Apr 16, 2026
Sep 20, 2005
N/A· v4
N/A· v3
2.1 LOW· v2
Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.
CVE-2005-2870
1Sun
1Solaris
Apr 16, 2026
Sep 8, 2005
N/A· v4
N/A· v3
7.5 HIGH· v2
Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses.
CVE-2005-0359
2Emc
Sun
3Legato Networker
Solstice BackupStoredge Enterprise Backup Software
Apr 16, 2026
Aug 23, 2005
N/A· v4
N/A· v3
6.4 MEDIUM· v2
The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attacke...Show more
The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service.Show less
CVE-2005-0358
2Emc
Sun
3Legato Networker
Solstice BackupStoredge Enterprise Backup Software
Apr 16, 2026
Aug 23, 2005
N/A· v4
N/A· v3
7.5 HIGH· v2
EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authenticat...Show more
EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.Show less
CVE-2005-0357
2Emc
Sun
3Legato Networker
Solstice BackupStoredge Enterprise Backup Software
Apr 16, 2026
Aug 23, 2005
N/A· v4
N/A· v3
7.5 HIGH· v2
EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass aut...Show more
EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.Show less
CVE-2005-2094
1Sun
1One Web Server
Apr 16, 2026
Jul 5, 2005
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Sun SunONE web server 6.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a...Show more
Sun SunONE web server 6.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes SunONE to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."Show less
CVE-2005-2072
1Sun
2Solaris
Sunos
Apr 16, 2026
Jun 29, 2005
N/A· v4
N/A· v3
7.2 HIGH· v2
The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code...Show more
The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT.Show less
CVE-2005-2071
1Sun
1Solaris
Apr 16, 2026
Jun 29, 2005
N/A· v4
N/A· v3
4.6 MEDIUM· v2
traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot).