CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SUN : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-6497 2014-10-15 2014-10-28
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Kernel.
2 CVE-2014-4284 2014-10-15 2014-10-16
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than CVE-2014-4280.
3 CVE-2014-4283 2014-10-15 2014-10-16
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4277.
4 CVE-2014-4280 2014-10-15 2014-10-16
4.6
None Local Low Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than CVE-2014-4284.
5 CVE-2014-4275 2014-10-15 2014-10-16
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to SMB server kernel module.
6 CVE-2014-4239 2014-07-17 2014-08-01
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Common Agent Container (Cacao).
7 CVE-2014-4224 2014-07-17 2014-08-01
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows local users to affect availability via unknown vectors related to sockfs.
8 CVE-2014-4215 2014-07-17 2014-08-01
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers.
9 CVE-2014-3575 264 2014-08-26 2014-08-27
4.3
None Remote Medium Not required Partial None None
The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.
10 CVE-2014-0447 2014-04-15 2014-04-16
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via unknown vectors related to Kernel.
11 CVE-2014-0442 2014-04-15 2014-04-16
4.6
None Local Low Not required Partial Partial Partial
Unspecified vulnerability in Oracle Solaris 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Print Filter Utility.
12 CVE-2014-0421 2014-04-15 2014-04-16
4.6
None Local Low Not required Partial Partial Partial
Unspecified vulnerability in Oracle Solaris 10, when running on the SPARC64-X Platform, allows local users to affect confidentiality, integrity, and availability via unknown vectors.
13 CVE-2014-0390 2014-01-15 2014-02-06
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Java Web Console.
14 CVE-2013-5876 2014-01-15 2014-02-06
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via unknown vectors related to Kernel.
15 CVE-2013-5864 2013-10-16 2013-12-05
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to USB hub driver.
16 CVE-2013-5862 2013-10-16 2013-12-05
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers.
17 CVE-2013-5849 2013-10-16 2014-10-04
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.
18 CVE-2013-5839 2013-10-16 2013-12-05
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Oracle Java Web Console.
19 CVE-2013-5833 2014-01-15 2014-02-06
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 8 and 9 allows local users to affect availability via unknown vectors related to Filesystem.
20 CVE-2013-5821 2014-01-15 2014-02-06
4.6
None Local Low Not required Partial Partial Partial
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availability via vectors related to RPC.
21 CVE-2013-5790 2013-10-16 2014-10-04
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS.
22 CVE-2013-5784 2013-10-16 2014-10-04
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING.
23 CVE-2013-5780 2013-10-16 2014-10-04
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
24 CVE-2013-3837 2013-10-16 2013-12-05
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows remote attackers to affect availability via unknown vectors related to Cacao.
25 CVE-2013-3799 2013-07-17 2013-12-05
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11, when running on AMD64, allows local users to affect availability via unknown vectors related to Kernel.
26 CVE-2013-3797 2013-07-17 2013-08-22
4.7
None Local Medium Not required None None Complete
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Filesystem/DevFS.
27 CVE-2013-3787 2013-07-17 2013-12-05
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Kernel.
28 CVE-2013-3765 2013-07-17 2013-08-22
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Kernel/VM.
29 CVE-2013-3752 2013-07-17 2013-08-22
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect integrity via vectors related to Service Management Facility (SMF).
30 CVE-2013-2433 2013-04-17 2014-01-07
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.
31 CVE-2013-2418 2013-04-17 2013-12-05
4.6
None Local Low Not required Partial Partial Partial
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
32 CVE-2013-1571 2013-06-18 2014-10-04
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc.
33 CVE-2013-1540 2013-04-17 2013-12-05
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2433.
34 CVE-2013-1507 2013-04-17 2013-12-05
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Filesystem.
35 CVE-2013-1498 2013-04-17 2013-12-05
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1496.
36 CVE-2013-1496 2013-04-17 2013-12-05
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1498.
37 CVE-2013-1494 2013-04-17 2013-12-05
4.7
None Local Medium Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10, when running on SPARC T4 servers, allows local users to affect availability via unknown vectors related to Kernel.
38 CVE-2013-0443 2013-02-01 2014-10-04
4.0
None Remote High Not required Partial Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key.
39 CVE-2013-0438 2013-02-01 2013-12-05
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
40 CVE-2013-0413 2013-04-17 2013-12-05
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Remote Execution Service.
41 CVE-2013-0407 2013-01-16 2013-12-05
4.6
None Local Low Single system None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/DTrace Framework.
42 CVE-2013-0406 2013-04-17 2013-12-05
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via unknown vectors via vectors related to Kernel/IPsec.
43 CVE-2012-5095 2012-10-17 2013-10-10
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to inetd.
44 CVE-2012-4233 DoS 2012-11-19 2013-01-03
4.3
None Remote Medium Not required None None Partial
LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll.
45 CVE-2012-3212 2012-10-16 2013-10-10
4.7
None Local Medium Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC T4 servers, allows local users to affect availability via unknown vectors related to Kernel.
46 CVE-2012-3211 2012-10-16 2013-10-10
4.6
None Local Low Single system None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/System Call.
47 CVE-2012-3208 2012-10-16 2013-10-10
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability, related to Kernel/RCTL.
48 CVE-2012-3207 2012-10-16 2013-10-10
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kernel.
49 CVE-2012-3131 2012-07-17 2013-10-10
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows remote attackers to affect confidentiality, related to Network/NFS.
50 CVE-2012-3130 2012-07-17 2013-10-10
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect integrity via unknown vectors related to pkg.depotd.
Total number of vulnerabilities : 304   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.