Every CVE whose affected-product data names Sun Sunos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2000-0032 — CVSS 10.0 (critical): Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.
CVE-2001-0797 — CVSS 10.0 (critical): Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large…
CVE-2010-4435 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability…
CVE-2001-0779 — CVSS 10.0 (critical): Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username.
CVE-2008-4619 — CVSS 10.0 (critical): The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8…
CVE-2001-0554 — CVSS 10.0 (critical): Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a…
CVE-2001-0353 — CVSS 10.0 (critical): Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via…
CVE-2001-0269 — CVSS 10.0 (critical): pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password.
CVE-2002-0436 — CVSS 10.0 (critical): sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in…
CVE-1999-0974 — CVSS 10.0 (critical): Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
CVE-2003-1081 — CVSS 10.0 (critical): Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file.
CVE-2002-0033 — CVSS 10.0 (critical): Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with…
CVE-2001-1583 — CVSS 10.0 (critical): lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control…
CVE-2001-0236 — CVSS 10.0 (critical): Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long…
CVE-2000-0844 — CVSS 10.0 (critical): Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local…
CVE-1999-0973 — CVSS 10.0 (critical): Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in…
CVE-2004-0523 — CVSS 10.0 (critical): Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute…
CVE-1999-1584 — CVSS 10.0 (critical): Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through…
CVE-1999-1467 — CVSS 10.0 (critical): Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to…
CVE-2008-1369 — CVSS 10.0 (critical): A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files…
CVE-2003-0694 — CVSS 10.0 (critical): The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated…
CVE-2004-1351 — CVSS 10.0 (critical): Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code.
CVE-1999-0977 — CVSS 10.0 (critical): Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.
CVE-2003-0201 — CVSS 10.0 (critical): Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG…
CVE-2003-0196 — CVSS 10.0 (critical): Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as…
CVE-2003-0161 — CVSS 10.0 (critical): The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char…
CVE-1999-0097 — CVSS 10.0 (critical): The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
CVE-2007-3093 — CVSS 10.0 (critical): Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows…
CVE-2002-1584 — CVSS 10.0 (critical): Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other…
CVE-2008-2144 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of…
CVE-2002-1337 — CVSS 10.0 (critical): Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related…
CVE-2002-0797 — CVSS 10.0 (critical): Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
CVE-2007-0882 — CVSS 10.0 (critical): Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client…
CVE-2002-0796 — CVSS 10.0 (critical): Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
CVE-2002-0679 — CVSS 10.0 (critical): Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute…
CVE-2002-0391 — CVSS 9.8 (critical): Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including…
CVE-2008-0964 — CVSS 9.3 (critical): Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted…
CVE-2008-0965 — CVSS 9.3 (critical): Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted…
CVE-2011-3508 — CVSS 9.3 (critical): Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect confidentiality, integrity, and…
CVE-2007-3094 — CVSS 9.0 (critical): Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605…
CVE-2008-7300 — CVSS 8.5 (high): The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled…
CVE-2012-4297 — CVSS 8.3 (high): Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in…
CVE-2008-2946 — CVSS 7.8 (high): The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to…
CVE-2013-3748 — CVSS 7.8 (high): Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via vectors related to Driver/IDM (iSCSI Data…
CVE-2013-3753 — CVSS 7.8 (high): Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via vectors related to Kernel/STREAMS…
CVE-2008-2121 — CVSS 7.8 (high): The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of service (CPU consumption and new connection…
CVE-2014-6508 — CVSS 7.8 (high): Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via vectors related to iSCSI Data…
CVE-2011-0841 — CVSS 7.8 (high): Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to TCP/IP.
CVE-2011-2287 — CVSS 7.8 (high): Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors…
CVE-2010-2632 — CVSS 7.8 (high): Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability…
CVE-2011-3543 — CVSS 7.8 (high): Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to iSCSI DataMover (IDM).
CVE-2006-5073 — CVSS 7.8 (high): Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets…
CVE-2007-3223 — CVSS 7.8 (high): Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system…
CVE-2012-0094 — CVSS 7.8 (high): Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect availability, related to TCP/IP.
CVE-2006-7028 — CVSS 7.8 (high): Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allows remote attackers to cause a denial of service (console hang) via a…
CVE-2007-0165 — CVSS 7.8 (high): Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC…
CVE-1999-0212 — CVSS 7.8 (high): Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server.
CVE-2012-3120 — CVSS 7.8 (high): Unspecified vulnerability in Oracle Sun Solaris 8 allows remote attackers to affect availability, related to TCP/IP.
CVE-2010-4457 — CVSS 7.8 (high): Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to SMB and CIFS.
CVE-2012-3189 — CVSS 7.8 (high): Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability, related to COMSTAR.
CVE-2012-3210 — CVSS 7.8 (high): Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via unknown vectors related to Kernel.
CVE-2007-4395 — CVSS 7.6 (high): Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know…
CVE-1999-0017 — CVSS 7.5 (high): FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVE-2005-0248 — CVSS 7.5 (high): The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates…
CVE-1999-0168 — CVSS 7.5 (high): The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host…
CVE-1999-0185 — CVSS 7.5 (high): In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server…
CVE-1999-0189 — CVSS 7.5 (high): Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.
CVE-1999-0298 — CVSS 7.5 (high): ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a…
CVE-1999-0302 — CVSS 7.5 (high): SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server.
CVE-2014-4276 — CVSS 7.5 (high): Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability via…
CVE-1999-0493 — CVSS 7.5 (high): rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn…
CVE-1999-0687 — CVSS 7.5 (high): The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
CVE-1999-0795 — CVSS 7.5 (high): The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable…
CVE-1999-0875 — CVSS 7.5 (high): DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.
CVE-1999-1432 — CVSS 7.5 (high): Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed…
CVE-1999-1506 — CVSS 7.5 (high): Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.
CVE-2001-1328 — CVSS 7.5 (high): Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.
CVE-2001-1414 — CVSS 7.5 (high): The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide…
CVE-2002-0573 — CVSS 7.5 (high): Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code…
CVE-2002-0677 — CVSS 7.5 (high): CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain…
CVE-2002-0884 — CVSS 7.5 (high): Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating…
CVE-2002-0885 — CVSS 7.5 (high): Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open…
CVE-2002-1317 — CVSS 7.5 (high): Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of…
CVE-1999-0065 — CVSS 7.5 (high): Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands.
CVE-2003-0028 — CVSS 7.5 (high): Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived…
CVE-2003-0064 — CVSS 7.5 (high): The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to…
CVE-2003-1063 — CVSS 7.5 (high): The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file…
CVE-2003-1078 — CVSS 7.5 (high): The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login.
CVE-2004-1082 — CVSS 7.5 (high): mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows…
CVE-2004-1307 — CVSS 7.5 (high): Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code…
CVE-2000-0317 — CVSS 7.2 (high): Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option.
CVE-2002-1980 — CVSS 7.2 (high): Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown…
CVE-2002-2197 — CVSS 7.2 (high): Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll…
CVE-2009-4191 — CVSS 7.2 (high): Unspecified vulnerability in the kernel in Sun Solaris 10 and OpenSolaris 2009.06 on the x86-64 platform allows local users to gain…
CVE-2003-0091 — CVSS 7.2 (high): Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.
CVE-2003-0092 — CVSS 7.2 (high): Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME…
CVE-2006-4319 — CVSS 7.2 (high): Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System…
CVE-2006-4307 — CVSS 7.2 (high): Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via…
CVE-2003-0609 — CVSS 7.2 (high): Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long…
CVE-2006-4306 — CVSS 7.2 (high): Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors…
CVE-2003-0999 — CVSS 7.2 (high): Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute…
CVE-2003-1024 — CVSS 7.2 (high): Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and…
CVE-2003-1055 — CVSS 7.2 (high): Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an…
CVE-2003-1056 — CVSS 7.2 (high): The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary…
CVE-2003-1057 — CVSS 7.2 (high): Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code.
CVE-2003-1059 — CVSS 7.2 (high): Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access.
CVE-2006-0901 — CVSS 7.2 (high): Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic)…
CVE-2011-2285 — CVSS 7.2 (high): Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown…
CVE-2003-1067 — CVSS 7.2 (high): Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9…
CVE-2003-1068 — CVSS 7.2 (high): Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a…
CVE-1999-0120 — CVSS 7.2 (high): Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root.
CVE-2005-4795 — CVSS 7.2 (high): Unspecified vulnerability in the multi-language environment library (libmle) in Solaris 7 and 8, as shipped with the Japanese locale…
CVE-2014-6524 — CVSS 7.2 (high): Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown…
CVE-2003-1076 — CVSS 7.2 (high): Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly…
CVE-1999-0136 — CVSS 7.2 (high): Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access.
CVE-2008-2710 — CVSS 7.2 (high): Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun…
CVE-2005-2072 — CVSS 7.2 (high): The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows…
CVE-2003-1082 — CVSS 7.2 (high): Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a…
CVE-2004-0360 — CVSS 7.2 (high): Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.
CVE-2004-0496 — CVSS 7.2 (high): Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of…
CVE-2008-3450 — CVSS 7.2 (high): Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 through 10 allows local users to gain privileges or cause a denial…
CVE-1999-0767 — CVSS 7.2 (high): Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.
CVE-2013-3750 — CVSS 7.2 (high): Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown…
CVE-1999-0691 — CVSS 7.2 (high): Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
CVE-2004-0780 — CVSS 7.2 (high): Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument.
CVE-1999-0040 — CVSS 7.2 (high): Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
CVE-1999-0948 — CVSS 7.2 (high): Buffer overflow in uum program for Canna input system allows local users to gain root privileges.
CVE-1999-0949 — CVSS 7.2 (high): Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
CVE-1999-0952 — CVSS 7.2 (high): Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.
CVE-1999-0966 — CVSS 7.2 (high): Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0].
CVE-1999-0689 — CVSS 7.2 (high): The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
CVE-1999-1021 — CVSS 7.2 (high): NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower…
CVE-1999-1080 — CVSS 7.2 (high): rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of…
CVE-1999-1123 — CVSS 7.2 (high): The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2)…
CVE-1999-1142 — CVSS 7.2 (high): SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or…
CVE-1999-1158 — CVSS 7.2 (high): Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows…
CVE-1999-1191 — CVSS 7.2 (high): Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
CVE-1999-1192 — CVSS 7.2 (high): Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
CVE-1999-1197 — CVSS 7.2 (high): TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a user who tries to redirect console output and input, which could allow…
CVE-1999-1211 — CVSS 7.2 (high): Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges.
CVE-1999-1212 — CVSS 7.2 (high): Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges.
CVE-1999-1318 — CVSS 7.2 (high): /usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to…
CVE-1999-1371 — CVSS 7.2 (high): Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name…
CVE-1999-1396 — CVSS 7.2 (high): Vulnerability in integer multiplication emulation code on SPARC architectures for SunOS 4.1 through 4.1.2 allows local users to gain root…
CVE-1999-1419 — CVSS 7.2 (high): Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.
CVE-2014-6521 — CVSS 7.2 (high): Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via vectors…
CVE-1999-1438 — CVSS 7.2 (high): Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments.
CVE-2012-3204 — CVSS 7.2 (high): Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown…
CVE-1999-1507 — CVSS 7.2 (high): Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash.
CVE-1999-1580 — CVSS 7.2 (high): SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by…
CVE-1999-0410 — CVSS 7.2 (high): The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.
CVE-1999-1585 — CVSS 7.2 (high): The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails…
CVE-1999-1586 — CVSS 7.2 (high): loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a…
CVE-2012-3199 — CVSS 7.2 (high): Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availability via…
CVE-1999-0051 — CVSS 7.2 (high): Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
CVE-1999-0369 — CVSS 7.2 (high): The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
CVE-2000-0055 — CVSS 7.2 (high): Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.
CVE-2000-0118 — CVSS 7.2 (high): The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local…
CVE-2000-0316 — CVSS 7.2 (high): Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option.
CVE-1999-0674 — CVSS 7.2 (high): The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
CVE-2000-0337 — CVSS 7.2 (high): Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter.
CVE-2000-0407 — CVSS 7.2 (high): Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.
CVE-2000-0471 — CVSS 7.2 (high): Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.
CVE-1999-0032 — CVSS 7.2 (high): Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C…
CVE-2000-0949 — CVSS 7.2 (high): Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option.
CVE-1999-0339 — CVSS 7.2 (high): Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.
CVE-2001-0115 — CVSS 7.2 (high): Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.
CVE-2001-0124 — CVSS 7.2 (high): Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.
CVE-2001-0165 — CVSS 7.2 (high): Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name)…