ReportizFlow
Filtered by vendor Sun
Subscriptions
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4049 | 1 Sun | 1 Ray Server Software | 2025-04-03 | N/A |
| Unspecified vulnerability in the utxconfig utility in Sun Ray Server Software 3.x allows local users to create or overwrite arbitrary files via unknown attack vectors. | ||||
| CVE-2006-4353 | 1 Sun | 1 Java System Content Delivery Server | 2025-04-03 | N/A |
| Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local and remote attackers to read data from arbitrary files via unspecified vectors. | ||||
| CVE-2006-4655 | 2 Sco, Sun | 2 Unixware, Solaris | 2025-04-03 | N/A |
| Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value. | ||||
| CVE-2006-4959 | 1 Sun | 1 Secure Global Desktop | 2025-04-03 | N/A |
| Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available. | ||||
| CVE-2002-0391 | 5 Freebsd, Microsoft, Openbsd and 2 more | 9 Freebsd, Windows 2000, Windows Nt and 6 more | 2025-04-03 | 9.8 Critical |
| Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | ||||
| CVE-2021-43360 | 1 Sun | 1 Ehrd | 2024-11-21 | 8.8 High |
| Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbitrary code and control the system or interrupt services. | ||||
| CVE-2021-43359 | 1 Sun | 1 Ehrd | 2024-11-21 | 8.8 High |
| Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary code and control the system or interrupt services. | ||||
| CVE-2021-43358 | 1 Sun | 1 Ehrd | 2024-11-21 | 7.5 High |
| Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote attacker to perform path traversal attacks without authentication, access restricted paths and download system files. | ||||
| CVE-2020-10510 | 1 Sun | 1 Ehrd | 2024-11-21 | 8.1 High |
| Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data. | ||||
| CVE-2020-10509 | 1 Sun | 1 Ehrd | 2024-11-21 | 6.1 Medium |
| Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack. | ||||
| CVE-2020-10508 | 1 Sun | 1 Ehrd | 2024-11-21 | 7.5 High |
| Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information. | ||||