Max CVSS 10.0 Min CVSS 1.2 Total Count194
IDCVSSSummaryLast (major) updatePublished
CVE-2008-1232 4.3
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to
15-03-2017 - 21:59 03-08-2008 - 21:41
CVE-2008-1447 5.0
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic vi
19-02-2017 - 00:21 08-07-2008 - 19:41
CVE-2007-1351 8.5
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflo
19-02-2017 - 00:17 05-04-2007 - 21:19
CVE-2007-4476 7.5
Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."
07-12-2016 - 22:00 04-09-2007 - 21:17
CVE-2010-0097 4.3
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a f
06-12-2016 - 21:59 22-01-2010 - 17:00
CVE-2009-4022 2.6
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS c
06-12-2016 - 21:59 25-11-2009 - 11:30
CVE-2013-5862 4.9
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers, a different vulnerability than CVE-2014-4215.
28-11-2016 - 14:09 16-10-2013 - 14:55
CVE-2006-0225 4.6
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
18-11-2016 - 21:59 25-01-2006 - 06:03
CVE-2013-0415 6.0
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Bind/Postinstall script for Bind package.
16-11-2016 - 14:05 16-01-2013 - 20:55
CVE-2013-0407 4.6
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/DTrace Framework.
16-11-2016 - 14:00 16-01-2013 - 20:55
CVE-2012-0570 2.1
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Libraries/Libc.
16-11-2016 - 13:59 17-04-2013 - 08:14
CVE-2013-3786 6.0
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.
16-11-2016 - 13:59 17-07-2013 - 09:41
CVE-2013-5864 4.9
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to USB hub driver.
16-11-2016 - 13:53 16-10-2013 - 14:55
CVE-2013-5839 4.3
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Oracle Java Web Console.
16-11-2016 - 13:50 16-10-2013 - 13:55
CVE-2012-0569 3.3
Unspecified vulnerability Oracle Sun Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Install/smpatch.
16-11-2016 - 13:47 16-01-2013 - 20:55
CVE-2013-3745 2.1
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Libraries/Libc.
16-11-2016 - 13:46 17-07-2013 - 09:41
CVE-2013-3787 4.3
Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Kernel.
16-11-2016 - 13:46 17-07-2013 - 09:41
CVE-2013-3757 6.4
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect integrity and availability via vectors related to SMF/File Locking Services.
16-11-2016 - 13:46 17-07-2013 - 09:41
CVE-2013-0413 4.4
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Remote Execution Service.
16-11-2016 - 13:45 17-04-2013 - 08:14
CVE-2013-3799 4.9
Unspecified vulnerability in Oracle Solaris 10 and 11, when running on AMD64, allows local users to affect availability via unknown vectors related to Kernel.
16-11-2016 - 13:43 17-07-2013 - 09:41
CVE-2012-0568 2.1
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality via unknown vectors related to Utility/fdformat.
16-11-2016 - 13:43 17-04-2013 - 08:14
CVE-2013-0412 3.6
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect integrity and availability via unknown vectors related to Utility/pax.
16-11-2016 - 13:43 17-04-2013 - 08:14
CVE-2013-0411 5.9
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via vectors related to RBAC Configuration.
16-11-2016 - 13:43 17-04-2013 - 08:14
CVE-2013-3813 5.8
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality and integrity via vectors related to Libraries/PAM-Unix.
16-11-2016 - 13:19 17-07-2013 - 09:41
CVE-2013-3837 4.3
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows remote attackers to affect availability via unknown vectors related to Cacao.
16-11-2016 - 12:55 16-10-2013 - 11:55
CVE-2013-3842 2.1
Unspecified vulnerability Oracle Solaris 10 allows local users to affect confidentiality via vectors related to Oracle Configuration Manager (OCM).
16-11-2016 - 12:55 16-10-2013 - 11:55
CVE-2013-0398 5.0
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors related to Utility/Remote Execution Server (in.rexecd).
10-11-2016 - 08:28 17-07-2013 - 09:41
CVE-2013-0406 4.3
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via unknown vectors via vectors related to Kernel/IPsec.
09-11-2016 - 16:40 17-04-2013 - 08:14
CVE-2013-0399 6.6
Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Umount.
09-11-2016 - 16:40 16-01-2013 - 20:55
CVE-2013-0400 6.6
Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Filesystem/cachefs.
09-11-2016 - 16:40 16-01-2013 - 20:55
CVE-2013-0403 1.9
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Utility.
09-11-2016 - 16:40 17-04-2013 - 08:14
CVE-2013-0408 5.0
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to CPU performance counters drivers.
09-11-2016 - 16:26 17-04-2013 - 08:14
CVE-2013-1507 4.9
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Filesystem.
09-11-2016 - 16:25 17-04-2013 - 08:14
CVE-2013-1496 4.9
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1498.
09-11-2016 - 16:25 17-04-2013 - 08:14
CVE-2013-0405 6.4
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality and integrity via vectors related to NFS client mounts and IPv6.
09-11-2016 - 16:24 17-04-2013 - 08:14
CVE-2013-1498 4.9
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1496.
09-11-2016 - 16:24 17-04-2013 - 08:14
CVE-2013-1530 3.8
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via unknown vectors related to Kernel.
09-11-2016 - 16:24 17-04-2013 - 08:19
CVE-2013-0404 3.7
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/Boot.
09-11-2016 - 16:24 17-04-2013 - 08:14
CVE-2006-4924 7.8
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack d
17-10-2016 - 23:41 26-09-2006 - 21:07
CVE-2009-3555 5.8
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Secu
22-08-2016 - 21:59 09-11-2009 - 12:30
CVE-2009-0922 4.0
PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified enco
22-08-2016 - 21:59 17-03-2009 - 13:30
CVE-2007-2926 4.3
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query i
16-03-2015 - 21:59 24-07-2007 - 13:30
CVE-2008-1483 6.9
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and
08-08-2014 - 16:41 24-03-2008 - 19:44
CVE-2008-2370 5.0
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traver
15-03-2014 - 23:29 03-08-2008 - 21:41
CVE-2008-1947 4.3
Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
15-03-2014 - 23:29 04-06-2008 - 15:32
CVE-2009-3800 9.3
Multiple unspecified vulnerabilities in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allow attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
02-11-2013 - 22:53 10-12-2009 - 14:30
CVE-2009-3799 9.3
Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers me
02-11-2013 - 22:53 10-12-2009 - 14:30
CVE-2009-3798 9.3
Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
02-11-2013 - 22:53 10-12-2009 - 14:30
CVE-2009-3797 9.3
Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
02-11-2013 - 22:53 10-12-2009 - 14:30
CVE-2009-3796 9.3
Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."
02-11-2013 - 22:53 10-12-2009 - 14:30
CVE-2009-3794 9.3
Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.
02-11-2013 - 22:53 10-12-2009 - 14:30
CVE-2006-3738 10.0
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.
23-08-2013 - 01:21 28-09-2006 - 14:07
CVE-2009-0168 4.9
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporar
09-08-2013 - 02:09 16-01-2009 - 16:30
CVE-2009-0267 5.0
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-
02-08-2013 - 02:15 26-01-2009 - 10:30
CVE-2006-4343 4.3
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer derefer
29-07-2013 - 11:07 28-09-2006 - 14:07
CVE-2009-1570 9.3
Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow.
14-05-2013 - 22:56 13-11-2009 - 10:30
CVE-2010-0882 7.2
Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_134 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Trusted Extensions.
08-02-2013 - 00:00 13-04-2010 - 18:30
CVE-2010-0891 5.8
Unspecified vulnerability in the Sun Management Center component in Oracle Sun Product Suite 3.6.1 and 4.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Solaris Container Manager.
07-02-2013 - 00:00 13-04-2010 - 18:30
CVE-2010-0890 2.1
Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_01 through snv_98 allows local users to affect availability via unknown vectors related to the Kernel.
07-02-2013 - 00:00 13-04-2010 - 18:30
CVE-2007-1349 4.3
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted U
05-11-2012 - 22:34 29-03-2007 - 20:19
CVE-2008-1684 4.7
inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file.
30-10-2012 - 22:55 06-04-2008 - 19:44
CVE-2007-2949 6.8
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
30-10-2012 - 22:36 04-07-2007 - 11:30
CVE-2007-2798 7.4
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
30-10-2012 - 22:36 26-06-2007 - 18:30
CVE-2007-2754 6.8
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overf
30-10-2012 - 22:36 17-05-2007 - 18:30
CVE-2008-4309 5.0
Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK req
29-10-2012 - 23:17 31-10-2008 - 16:29
CVE-2010-0453 4.9
The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_V
22-10-2012 - 23:19 03-02-2010 - 13:30
CVE-2009-0688 7.5
Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/sasl
22-10-2012 - 23:03 15-05-2009 - 11:30
CVE-2009-3609 4.3
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via
18-01-2012 - 22:41 21-10-2009 - 13:30
CVE-2009-3606 9.3
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overf
18-01-2012 - 22:41 21-10-2009 - 13:30
CVE-2009-3605 6.8
Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (
18-01-2012 - 22:41 02-11-2009 - 10:30
CVE-2007-5225 4.9
Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.
11-10-2011 - 00:00 04-10-2007 - 20:17
CVE-2007-1667 9.3
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive inf
09-09-2011 - 00:00 24-03-2007 - 17:19
CVE-2009-4212 10.0
Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly
06-09-2011 - 23:03 13-01-2010 - 14:30
CVE-2007-5135 6.8
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue wa
29-08-2011 - 00:00 27-09-2007 - 16:17
CVE-2006-6275 4.7
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals.
10-08-2011 - 00:00 04-12-2006 - 06:28
CVE-2007-5365 7.2
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemo
02-08-2011 - 00:00 11-10-2007 - 06:17
CVE-2007-2356 6.8
Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
28-07-2011 - 00:00 30-04-2007 - 18:19
CVE-2006-4842 3.6
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrar
20-06-2011 - 00:00 11-10-2006 - 20:07
CVE-2007-0882 10.0
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to
13-06-2011 - 00:00 12-02-2007 - 15:28
CVE-2008-3666 7.1
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrat
07-04-2011 - 00:00 13-08-2008 - 13:41
CVE-2008-0965 9.3
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.
07-04-2011 - 00:00 08-08-2008 - 14:41
CVE-2009-0480 4.9
The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by
07-03-2011 - 22:18 09-02-2009 - 11:30
CVE-2009-0361 4.6
Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files b
07-03-2011 - 22:18 13-02-2009 - 12:30
CVE-2009-0360 6.2
Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configurat
07-03-2011 - 22:18 13-02-2009 - 12:30
CVE-2009-0346 4.9
The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IP
07-03-2011 - 22:18 29-01-2009 - 14:30
CVE-2009-0319 6.9
Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr pr
07-03-2011 - 22:18 28-01-2009 - 13:30
CVE-2009-0167 4.7
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability."
07-03-2011 - 22:18 16-01-2009 - 16:30
CVE-2008-5689 7.2