← Back

Sun

sun

1,603 CVEs • 200 products

Products (200)

Click to collapse
Toggle
Sunos
sunos
561 CVEs
Solaris
solaris
450 CVEs
Jre
jre
423 CVEs
Jdk
jdk
392 CVEs
Sdk
sdk
126 CVEs
Opensolaris
opensolaris
113 CVEs
Java System Web Server
java_system_web_server
32 CVEs
Java System Application Server
java_system_application_server
22 CVEs
Java System Identity Manager
java_system_identity_manager
19 CVEs
Java System Directory Server
java_system_directory_server
18 CVEs
Openjdk
openjdk
16 CVEs
Ray Server Software
ray_server_software
15 CVEs
Java System Access Manager
java_system_access_manager
15 CVEs
Java
java
14 CVEs
Java Se
java_se
14 CVEs
Cobalt Raq 2
cobalt_raq_2
12 CVEs
Cobalt Raq 3i
cobalt_raq_3i
12 CVEs
One Application Server
one_application_server
12 CVEs
One Web Server
one_web_server
12 CVEs
Java System Web Proxy Server
java_system_web_proxy_server
11 CVEs
Staroffice
staroffice
10 CVEs
Cluster
cluster
8 CVEs
J2se
j2se
7 CVEs
Solaris Answerbook2
solaris_answerbook2
6 CVEs
One Directory Server
one_directory_server
6 CVEs
Java System Portal Server
java_system_portal_server
6 CVEs
Ehrd
ehrd
6 CVEs
Cobalt Raq 4
cobalt_raq_4
5 CVEs
Java Web Start
java_web_start
5 CVEs
Java Desktop System
java_desktop_system
5 CVEs
Iplanet Messaging Server
iplanet_messaging_server
5 CVEs
Java System Communications Express
java_system_communications_express
5 CVEs
Openoffice.org
openoffice.org
5 CVEs
Virtualbox
virtualbox
5 CVEs
Solstice Adminsuite
solstice_adminsuite
5 CVEs
Solstice Backup
solstice_backup
4 CVEs
Chilisoft
chilisoft
4 CVEs
Iplanet Directory Server
iplanet_directory_server
4 CVEs
Iplanet Web Server
iplanet_web_server
4 CVEs
Java Plug In
java_plug-in
4 CVEs
Java System Calendar Server
java_system_calendar_server
4 CVEs
Javamail
javamail
4 CVEs
One Messaging Server
one_messaging_server
4 CVEs
Grid Engine
grid_engine
4 CVEs
N1 Grid Engine
n1_grid_engine
4 CVEs
Java Web Console
java_web_console
4 CVEs
Java Asp Server
java_asp_server
4 CVEs
Nfs
nfs
4 CVEs
Cobalt Raq
cobalt_raq
3 CVEs
Management+center
management+center
3 CVEs
Sun Fire
sun_fire
3 CVEs
Jsse
jsse
3 CVEs
Crypto Accelerator 4000
crypto_accelerator_4000
3 CVEs
Java Enterprise System
java_enterprise_system
3 CVEs
Storedge 6130 Arrays
storedge_6130_arrays
3 CVEs
Storedge Enterprise Backup Software
storedge_enterprise_backup_software
3 CVEs
Secure Global Desktop
secure_global_desktop
3 CVEs
Java System Messaging Server
java_system_messaging_server
3 CVEs
One Calendar Server
one_calendar_server
3 CVEs
J2ee
j2ee
3 CVEs
Iplanet Certificate Management System
iplanet_certificate_management_system
2 CVEs
I Runbook
i-runbook
2 CVEs
Openwindows
openwindows
2 CVEs
Solaris Pc Netlink
solaris_pc_netlink
2 CVEs
Java System Content Delivery Server
java_system_content_delivery_server
2 CVEs
Net Connect Software
net_connect_software
2 CVEs
Embedded Lights Out Manager
embedded_lights_out_manager
2 CVEs
Java System Identity Server
java_system_identity_server
2 CVEs
Netra T5220 Server
netra_t5220_server
2 CVEs
Management Center
management_center
2 CVEs
Sparc Enterprise Server T5120
sparc_enterprise_server_t5120
2 CVEs
Sparc Enterprise Server T5140
sparc_enterprise_server_t5140
2 CVEs
Sparc Enterprise Server T5220
sparc_enterprise_server_t5220
2 CVEs
Sparc Enterprise Server T5240
sparc_enterprise_server_t5240
2 CVEs
Fire X2100 M2
fire_x2100_m2
2 CVEs
Fire X2200 M2
fire_x2200_m2
2 CVEs
Xvm Virtualbox
xvm_virtualbox
2 CVEs
Virtual Desktop Infrastructure
virtual_desktop_infrastructure
2 CVEs
Solaris Isp Server
solaris_isp_server
1 CVE
Workshop
workshop
1 CVE
Hotjava Browser
hotjava_browser
1 CVE
Sun Ftp
sun_ftp
1 CVE
Javaserver Web Dev Kit
javaserver_web_dev_kit
1 CVE
Sunvts
sunvts
1 CVE
Netdynamics
netdynamics
1 CVE
Sun Pci Ii Driver
sun_pci_ii_driver
1 CVE
Linux
linux
1 CVE
Cobalt Raq Xtr
cobalt_raq_xtr
1 CVE
Patchpro
patchpro
1 CVE
Enterprise Authentication Mechanism
enterprise_authentication_mechanism
1 CVE
Sunone Starter Kit
sunone_starter_kit
1 CVE
Patch Manager
patch_manager
1 CVE
Storedge 3310 Scsi Array
storedge_3310_scsi_array
1 CVE
Storedge 3510 Fc Array
storedge_3510_fc_array
1 CVE
Enterprise Storage Manager
enterprise_storage_manager
1 CVE
Seam
seam
1 CVE
Dtmail
dtmail
1 CVE
J2me
j2me
1 CVE
Netra 1280
netra_1280
1 CVE
Sunforum
sunforum
1 CVE

CVEs (1,603)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-5118
1Sun
1Java System Identity Manager
Apr 23, 2026
Nov 18, 2008
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "frame injection."
CVE-2008-5117
1Sun
1Java System Identity Manager
Apr 23, 2026
Nov 18, 2008
N/A· v4
N/A· v3
6.4 MEDIUM· v2
Open redirect vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2008-5116
1Sun
1Java System Identity Manager
Apr 23, 2026
Nov 18, 2008
N/A· v4
N/A· v3
7.8 HIGH· v2
Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem of the IDM server v...Show more
Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem of the IDM server via directory traversal sequences in the ext parameter.Show less
CVE-2008-5115
1Sun
1Java System Identity Manager
Apr 23, 2026
Nov 18, 2008
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to hijack the authentication of administrators for requests that update the pa...Show more
Cross-site request forgery (CSRF) vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to hijack the authentication of administrators for requests that update the password via idm/admin/changeself.jsp.Show less
CVE-2008-5114
1Sun
1Java System Identity Manager
Apr 23, 2026
Nov 18, 2008
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-5111
1Sun
2Opensolaris
Solaris
Apr 23, 2026
Nov 17, 2008
N/A· v4
N/A· v3
4.7 MEDIUM· v2
Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vec...Show more
Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function.Show less
CVE-2008-5099
1Sun
1Logical Domain Manager
Apr 23, 2026
Nov 17, 2008
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Sun Logical Domain Manager (aka LDoms Manager or ldm) 1.0 through 1.0.3 displays the value of the OpenBoot PROM (OBP) security-password variable in cleartext, which allows local users to bypass the SPARC firmware's passw...Show more
Sun Logical Domain Manager (aka LDoms Manager or ldm) 1.0 through 1.0.3 displays the value of the OpenBoot PROM (OBP) security-password variable in cleartext, which allows local users to bypass the SPARC firmware's password protection, and gain privileges or obtain data access, via the "ldm ls -l" command, a different vulnerability than CVE-2008-4992.Show less
CVE-2008-5098
1Sun
1Java System Messaging Server
Apr 23, 2026
Nov 17, 2008
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-290...Show more
Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-2904.Show less
CVE-2008-5010
1Sun
2Opensolaris
Solaris
Apr 23, 2026
Nov 10, 2008
N/A· v4
N/A· v3
10.0 HIGH· v2
in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related...Show more
in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805.Show less
CVE-2008-5009
1Sun
1Solstice X.25
Apr 23, 2026
Nov 10, 2008
N/A· v4
N/A· v3
4.0 MEDIUM· v2
Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service (panic) via vectors involving reading the /dev/xty file.
CVE-2008-4992
1Sun
13Blade T6300 Server
Blade T6320 ServerFire Enterprise Server T1000+10 more
Apr 23, 2026
Nov 7, 2008
N/A· v4
N/A· v3
4.6 MEDIUM· v2
The SPARC hypervisor in Sun System Firmware 6.6.3 through 6.6.5 and 7.1.3 through 7.1.3.e on UltraSPARC T1, T2, and T2+ processors allows logical domain users to access memory in other logical domains via unknown vectors...Show more
The SPARC hypervisor in Sun System Firmware 6.6.3 through 6.6.5 and 7.1.3 through 7.1.3.e on UltraSPARC T1, T2, and T2+ processors allows logical domain users to access memory in other logical domains via unknown vectors.Show less
CVE-2008-4910
1Sun
1Java Web Start
Apr 23, 2026
Nov 4, 2008
N/A· v4
N/A· v3
10.0 HIGH· v2
The BasicService in Sun Java Web Start allows remote attackers to execute arbitrary programs on a client machine via a file:// URL argument to the showDocument method.
CVE-2008-4747
1Sun
1Java Access Manager
Apr 23, 2026
Oct 27, 2008
N/A· v4
N/A· v3
2.1 LOW· v2
Unspecified vulnerability in the search feature in Sun Java System LDAP JDK before 4.20 allows context-dependent attackers to obtain sensitive information via unknown attack vectors related to the LDAP JDK library.
CVE-2008-4722
1Sun
37Blade 6000 Modular System With Chassis
Blade 6048 Modular System With ChassisBlade 8000 Modular System+34 more
Apr 23, 2026
Oct 23, 2008
N/A· v4
N/A· v3
9.0 HIGH· v2
Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) 2.0.1.5 through 2.0.4.26 allows remote authenticated users to (1) access the service processor (SP) and cause a denial of service (shutdown or reboot)...Show more
Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) 2.0.1.5 through 2.0.4.26 allows remote authenticated users to (1) access the service processor (SP) and cause a denial of service (shutdown or reboot), or (2) access the host operating system and have an unspecified impact, via unknown vectors.Show less
CVE-2008-4619
1Sun
1Sunos
Apr 23, 2026
Oct 21, 2008
N/A· v4
N/A· v3
10.0 HIGH· v2
The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2u...Show more
The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function. NOTE: this might be a duplicate of CVE-2007-0165.Show less
CVE-2008-4556
1Sun
1Solaris
Apr 23, 2026
Oct 14, 2008
N/A· v4
N/A· v3
10.0 HIGH· v2
Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request.
CVE-2008-4541
1Sun
1Java System Web Proxy Server
Apr 23, 2026
Oct 13, 2008
N/A· v4
N/A· v3
10.0 HIGH· v2
Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.
CVE-2008-4160
1Sun
2Opensolaris
Solaris
Apr 23, 2026
Sep 22, 2008
N/A· v4
N/A· v3
4.7 MEDIUM· v2
Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solar...Show more
Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solaris Access Control List (ACL) implementation.Show less
CVE-2008-4131
1Sun
1Solaris
Apr 23, 2026
Sep 19, 2008
N/A· v4
N/A· v3
7.2 HIGH· v2
Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow local users to gain privileges via vectors related to handling of tags with (1) the -t option and (2) the :tag command in the (a) vi, (b) ex, (c) ved...Show more
Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow local users to gain privileges via vectors related to handling of tags with (1) the -t option and (2) the :tag command in the (a) vi, (b) ex, (c) vedit, (d) view, and (e) edit programs.Show less
CVE-2008-4117
1Sun
1Management Center
Apr 23, 2026
Sep 18, 2008
N/A· v4
N/A· v3
7.8 HIGH· v2
Unspecified vulnerability in a web page in the PRM module in Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.