CVE-2012-0217

Public exploit
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
Max CVSS
7.2
EPSS Score
0.06%
Published
2012-06-12
Updated
2020-09-28

CVE-2007-0882

Public exploit
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.
Max CVSS
10.0
EPSS Score
84.50%
Published
2007-02-12
Updated
2018-10-30

CVE-2005-4797

Public exploit
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.
Max CVSS
5.0
EPSS Score
96.19%
Published
2005-12-31
Updated
2018-10-30

CVE-2005-3398

Public exploit
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.
Max CVSS
4.3
EPSS Score
0.80%
Published
2005-11-01
Updated
2018-10-30

CVE-2003-0694

Public exploit
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
Max CVSS
10.0
EPSS Score
5.70%
Published
2003-10-06
Updated
2018-10-30

CVE-2003-0201

Public exploit
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
97.04%
Published
2003-05-05
Updated
2018-10-30

CVE-2003-0027

Public exploit
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.
Max CVSS
5.0
EPSS Score
52.35%
Published
2003-02-07
Updated
2018-10-30

CVE-2001-1583

Public exploit
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.
Max CVSS
10.0
EPSS Score
19.96%
Published
2001-12-31
Updated
2022-09-13

CVE-2001-0797

Public exploit
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
Max CVSS
10.0
EPSS Score
97.24%
Published
2001-12-12
Updated
2018-10-30

CVE-1999-0517

Public exploit
An SNMP community name is the default (e.g. public), null, or missing.
Max CVSS
7.5
EPSS Score
45.45%
Published
1997-01-01
Updated
2022-08-17

CVE-1999-0502

Public exploit
A Unix account has a default, null, blank, or missing password.
Max CVSS
7.5
EPSS Score
1.30%
Published
1998-03-01
Updated
2022-08-17

CVE-1999-0209

Public exploit
The SunView (SunTools) selection_svc facility allows remote users to read files.
Max CVSS
5.0
EPSS Score
55.78%
Published
1990-08-14
Updated
2008-09-09
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility.
Max CVSS
1.9
EPSS Score
0.04%
Published
2015-01-21
Updated
2017-09-08
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility.
Max CVSS
3.3
EPSS Score
0.04%
Published
2015-01-21
Updated
2017-09-08
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control.
Max CVSS
4.9
EPSS Score
0.04%
Published
2015-01-21
Updated
2017-09-08
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600.
Max CVSS
2.1
EPSS Score
0.04%
Published
2015-01-21
Updated
2017-09-08
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network.
Max CVSS
5.0
EPSS Score
0.24%
Published
2015-01-21
Updated
2017-09-08
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2015-0397.
Max CVSS
4.9
EPSS Score
0.04%
Published
2015-01-21
Updated
2016-12-07
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Network, a different vulnerability than CVE-2004-0230.
Max CVSS
5.0
EPSS Score
0.19%
Published
2015-01-21
Updated
2016-12-07
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6600 and CVE-2015-0397.
Max CVSS
4.9
EPSS Score
0.04%
Published
2015-01-21
Updated
2016-12-07
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hermon HCA PCIe driver.
Max CVSS
6.8
EPSS Score
0.63%
Published
2014-10-15
Updated
2014-11-19
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.
Max CVSS
7.2
EPSS Score
0.04%
Published
2015-01-21
Updated
2016-12-07
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via vectors related to CDE - Power Management Utility.
Max CVSS
7.2
EPSS Score
0.04%
Published
2015-01-21
Updated
2016-12-07
Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to Unix File System (UFS).
Max CVSS
6.6
EPSS Score
0.04%
Published
2015-01-21
Updated
2016-12-07
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Power Management Utility.
Max CVSS
7.2
EPSS Score
0.04%
Published
2015-01-21
Updated
2016-12-07
561 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!