National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:sun:sunos:5.10:-:~~~~amd64~
There are 212 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2012-0100

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kerberos.

Published: January 18, 2012; 05:55:05 PM -05:00
    V2: 6.8 MEDIUM
CVE-2012-0099

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to sshd.

Published: January 18, 2012; 05:55:05 PM -05:00
    V2: 2.6 LOW
CVE-2012-0098

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2011-0813.

Published: January 18, 2012; 05:55:05 PM -05:00
    V2: 1.9 LOW
CVE-2012-0096

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Network.

Published: January 18, 2012; 05:55:05 PM -05:00
    V2: 5.0 MEDIUM
CVE-2012-0094

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect availability, related to TCP/IP.

Published: January 18, 2012; 05:55:05 PM -05:00
    V2: 7.8 HIGH
CVE-2011-3337

eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/.

Published: January 03, 2012; 10:55:09 PM -05:00
    V2: 6.9 MEDIUM
CVE-2011-4834

The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt.

Published: December 14, 2011; 10:57:35 PM -05:00
    V2: 4.6 MEDIUM
CVE-2011-4160

Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors.

Published: November 23, 2011; 11:01:06 PM -05:00
    V2: 3.2 LOW
CVE-2011-3542

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Kernel/Performance Counter BackEnd Module (pcbe).

Published: October 18, 2011; 06:55:04 PM -04:00
    V2: 4.9 MEDIUM
CVE-2011-3515

Unspecified vulnerability in the Oracle Solaris 10 and 11 Express allows local users to affect integrity and availability via unknown vectors related to Process File System (procfs).

Published: October 18, 2011; 06:55:03 PM -04:00
    V2: 5.6 MEDIUM
CVE-2011-3508

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect confidentiality, integrity, and availability, related to LDAP library.

Published: October 18, 2011; 06:55:03 PM -04:00
    V2: 9.3 HIGH
CVE-2011-2313

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to ZFS, a different vulnerability than CVE-2011-2311.

Published: October 18, 2011; 06:55:02 PM -04:00
    V2: 4.3 MEDIUM
CVE-2008-7300

The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone.

Published: October 04, 2011; 10:56:24 PM -04:00
    V2: 8.5 HIGH
CVE-2011-2444

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011.

Published: September 21, 2011; 11:38:38 PM -04:00
    V2: 4.3 MEDIUM
CVE-2011-2430

Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a "logic error vulnerability."

Published: September 21, 2011; 11:38:38 PM -04:00
    V2: 9.3 HIGH
CVE-2011-2429

Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a "security control bypass."

Published: September 21, 2011; 11:38:38 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-2428

Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service (browser crash) via unspecified vectors, related to a "logic error issue."

Published: September 21, 2011; 11:38:38 PM -04:00
    V2: 9.3 HIGH
CVE-2011-2427

Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors.

Published: September 21, 2011; 11:38:38 PM -04:00
    V2: 9.3 HIGH
CVE-2011-2426

Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via unspecified vectors.

Published: September 21, 2011; 11:38:38 PM -04:00
    V2: 9.3 HIGH
CVE-2011-2424

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures."

Published: August 15, 2011; 05:55:01 PM -04:00
    V2: 9.3 HIGH