CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4443
https://notcve.org/view.php?id=CVE-2010-4443
19 Jan 2011 — Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/NFS. Vulnerabilidad no especificada en Oracle Solaris v10 y v11 Express permite a usuarios locales afectar a la disponibilidad, relacionado con Kernel/NFS. • http://osvdb.org/70578 •
CVSS: 10.0EPSS: 36%CPEs: 3EXPL: 2CVE-2010-4435 – Multiple Vendor Calendar Manager RPC Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4435
19 Jan 2011 — Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operating systems, such as HP-UX, or claims from a reliable third party that this is a buffer overflow in rpc.cmsd via long XDR-encoded ASCII strings in RPC call... • https://www.exploit-db.com/exploits/16137 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-4415
https://notcve.org/view.php?id=CVE-2010-4415
19 Jan 2011 — Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to libc. Vulnerabilidad no especificada en Oracle Solaris v8, v9 y v10 permite a usuarios locales afectar la una confidencialidad, integridad y disponibilidad a traves de vectores desconocidos relacionados con libc. • http://secunia.com/advisories/42984 •
CVSS: 7.8EPSS: 12%CPEs: 4EXPL: 1CVE-2010-2632 – libc/glob - Resource Exhaustion / Remote ftpd-anonymous (Denial of Service)
https://notcve.org/view.php?id=CVE-2010-2632
19 Jan 2011 — Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames. Vulnerabilidad no especifica... • https://www.exploit-db.com/exploits/15215 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2009-4191
https://notcve.org/view.php?id=CVE-2009-4191
03 Dec 2009 — Unspecified vulnerability in the kernel in Sun Solaris 10 and OpenSolaris 2009.06 on the x86-64 platform allows local users to gain privileges via unknown vectors, as demonstrated by the vd_sol_local module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad inespecífica en el kernel en Sun Solaris v10 y ... • http://www.intevydis.com/blog/?p=79 •
CVSS: 5.5EPSS: 0%CPEs: 78EXPL: 0CVE-2009-4080
https://notcve.org/view.php?id=CVE-2009-4080
27 Nov 2009 — Multiple unspecified vulnerabilities in ldap_cachemgr (aka the LDAP client configuration cache daemon) in Sun Solaris 9 and 10, and OpenSolaris before snv_78, allow local users to cause a denial of service (daemon crash) via vectors involving multiple serviceSearchDescriptor attributes and a call to the getldap_lookup function, and unspecified other vectors. Múltiples vulnerabilidades no especificadas en ldap_cachemgr (también conocido como demonio de la caché del configuración del cliente LDAP= en Sun Sola... • http://osvdb.org/60514 •
CVSS: 6.8EPSS: 1%CPEs: 182EXPL: 2CVE-2009-0873
https://notcve.org/view.php?id=CVE-2009-0873
11 Mar 2009 — The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other." El demonio NFS (también conocido como nfsd) en Sun Solaris 10 y OpenSolaris snv_106, cuando NFSv3 es usado, no implementa adecuadamente las... • http://osvdb.org/52560 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 40EXPL: 0CVE-2009-0838
https://notcve.org/view.php?id=CVE-2009-0838
06 Mar 2009 — The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function. El controlador crypto pseudo en Sun Solaris v10, y OpenSolaris snv_88 hasta snv_102, no libera memoria adecuadamente, lo cual permite a usuarios locales provocar una denegación de servicio (pánico) a través de vectores no especificados, relacionado con la funci... • http://secunia.com/advisories/34149 • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2008-5550
https://notcve.org/view.php?id=CVE-2008-5550
12 Dec 2008 — Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter. Vulnerabilidad involuntaria de redirección en console/faces/jsp/login/BeginLogin.jsp en Sun Java Web Console v3.0.2 a v3.0.5 y Solaris 10 permite a atacantes remotos redirigir a los usuarios a sitios web de su elección y realizar ataques de phising a través... • http://sunsolve.sun.com/search/document.do?assetkey=1-21-125950-18-1 •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2008-5009
https://notcve.org/view.php?id=CVE-2008-5009
10 Nov 2008 — Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service (panic) via vectors involving reading the /dev/xty file. Condición de carrera en el módulo del kernel s_xout en Sun Solstice X.25 9.2, cuando se ejecuta en una máquina con múltiples CPUs, permite a usuarios locales provocar una denegación de servicio (pánico) mediante vectores que involucran la lectura del archivo /dev/xty. • http://secunia.com/advisories/32667 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •