Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0388 | 1 Sun | 1 Java System Web Server | 2025-04-11 | 7.5 HIGH | N/A |
| Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaration in a PROPFIND request. | |||||
| CVE-2013-1480 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption. | |||||
| CVE-2010-0092 | 1 Sun | 2 Jdk, Jre | 2025-04-11 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2011-2459 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460. | |||||
| CVE-2010-0845 | 1 Sun | 2 Jdk, Jre | 2025-04-11 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2010-4415 | 1 Sun | 1 Sunos | 2025-04-11 | 4.1 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to libc. | |||||
| CVE-2010-3549 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-11 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the HttpURLConnection class. | |||||
| CVE-2011-3542 | 1 Sun | 1 Sunos | 2025-04-11 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Kernel/Performance Counter BackEnd Module (pcbe). | |||||
| CVE-2011-2140 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425. | |||||
| CVE-2010-3640 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652. | |||||
| CVE-2012-4294 | 2 Sun, Wireshark | 2 Sunos, Wireshark | 2025-04-11 | 5.8 MEDIUM | N/A |
| Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value. | |||||
| CVE-2010-0841 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and "stepX". | |||||
| CVE-2012-1681 | 1 Sun | 1 Sunos | 2025-04-11 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kernel/sockfs. | |||||
| CVE-2011-3548 | 1 Sun | 2 Jdk, Jre | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT. | |||||
| CVE-2010-0389 | 1 Sun | 1 Java System Web Server | 2025-04-11 | 5.0 MEDIUM | N/A |
| The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP request that lacks a method token. | |||||
| CVE-2013-1478 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption. | |||||
| CVE-2010-0837 | 1 Sun | 2 Jdk, Jre | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2013-1530 | 1 Sun | 1 Sunos | 2025-04-11 | 3.8 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via unknown vectors related to Kernel. | |||||
| CVE-2011-2287 | 1 Sun | 1 Sunos | 2025-04-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to fingerd. | |||||
| CVE-2010-0085 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-11 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0088. | |||||