CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SUN : Security Vulnerabilities

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-43360 502 Exec Code 2021-12-01 2021-12-02
9.0
 None Remote Low ??? Complete Complete Complete
Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbitrary code and control the system or interrupt services.
2 CVE-2021-43359 Exec Code 2021-12-01 2022-07-25
9.0
 None Remote Low ??? Complete Complete Complete
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary code and control the system or interrupt services.
3 CVE-2021-43358 22 Dir. Trav. 2021-12-01 2021-12-02
7.8
 None Remote Low Not required Complete None None
Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote attacker to perform path traversal attacks without authentication, access restricted paths and download system files.
4 CVE-2020-10510 20 2020-03-27 2021-07-21
4.0
 None Remote Low ??? Partial None None
Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality and data.
5 CVE-2020-10509 79 XSS 2020-03-27 2020-03-30
4.3
 None Remote Medium Not required None Partial None
Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack.
6 CVE-2020-10508 200 +Info 2020-03-27 2021-07-21
5.0
 None Remote Low Not required Partial None None
Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information.
7 CVE-2015-0430 2015-01-21 2017-09-08
1.9
 None Local Medium Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility.
8 CVE-2015-0429 2015-01-21 2017-09-08
3.3
 None Local Medium Not required None Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility.
9 CVE-2015-0428 2015-01-21 2017-09-08
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control.
10 CVE-2015-0397 2015-01-21 2017-09-08
2.1
 None Local Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600.
11 CVE-2015-0375 2015-01-21 2017-09-08
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network.
12 CVE-2014-6600 2015-01-21 2016-12-07
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2015-0397.
13 CVE-2014-6575 2015-01-21 2016-12-07
5.0
 None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Network, a different vulnerability than CVE-2004-0230.
14 CVE-2014-6570 2015-01-21 2016-12-07
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6600 and CVE-2015-0397.
15 CVE-2014-6529 2014-10-15 2014-11-19
6.8
 None Local Network High Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hermon HCA PCIe driver.
16 CVE-2014-6524 2015-01-21 2016-12-07
7.2
 None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.
17 CVE-2014-6521 2015-01-21 2016-12-07
7.2
 None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, integrity, and availability via vectors related to CDE - Power Management Utility.
18 CVE-2014-6518 2015-01-21 2016-12-07
6.6
 None Local Low Not required None Complete Complete
Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to Unix File System (UFS).
19 CVE-2014-6510 2015-01-21 2016-12-07
7.2
 None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Power Management Utility.
20 CVE-2014-6509 2015-01-21 2016-12-07
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability via unknown vectors related to Kernel.
21 CVE-2014-6508 2014-10-15 2014-11-19
7.8
 None Remote Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via vectors related to iSCSI Data Mover (IDM).
22 CVE-2014-6501 2014-10-15 2015-11-06
2.1
 None Local Low Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via vectors related to SSH.
23 CVE-2014-6497 2014-10-15 2015-11-06
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Kernel.
24 CVE-2014-6490 2014-10-15 2015-11-06
5.0
 None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via vectors related to SMB server user component.
25 CVE-2014-6481 2015-01-21 2016-12-07
4.3
 None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect confidentiality via vectors related to KSSL.
26 CVE-2014-6473 2014-10-15 2015-11-06
7.2
 None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Zone Framework.
27 CVE-2014-6470 2014-10-15 2015-11-06
6.8
 None Local Low ??? Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Archive Utility.
28 CVE-2014-4284 2014-10-15 2015-11-06
4.4
 None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than CVE-2014-4280.
29 CVE-2014-4283 2014-10-15 2015-11-06
4.3
 None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4277.
30 CVE-2014-4282 2014-10-15 2015-11-06
7.2
 None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86.
31 CVE-2014-4280 2014-10-15 2015-11-06
4.6
 None Local Low Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than CVE-2014-4284.
32 CVE-2014-4277 2014-10-15 2015-11-06
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4283.
33 CVE-2014-4276 2014-10-15 2015-11-06
7.5
 None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Common Internet File System (CIFS).
34 CVE-2014-4275 2014-10-15 2015-11-06
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to SMB server kernel module.
35 CVE-2014-4239 2014-07-17 2018-10-09
4.0
 None Remote Low ??? Partial None None
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Common Agent Container (Cacao).
36 CVE-2014-4225 2014-07-17 2018-10-09
6.9
 None Local Medium Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Patch installation scripts.
37 CVE-2014-4224 2014-07-17 2018-10-09
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows local users to affect availability via unknown vectors related to sockfs.
38 CVE-2014-4215 2014-07-17 2018-10-09
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers, a different vulnerability than CVE-2013-5862.
39 CVE-2014-0447 2014-04-16 2016-11-22
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2013-5876.
40 CVE-2014-0442 2014-04-16 2014-04-16
4.6
 None Local Low Not required Partial Partial Partial
Unspecified vulnerability in Oracle Solaris 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Print Filter Utility.
41 CVE-2014-0421 2014-04-16 2014-04-16
4.6
 None Local Low Not required Partial Partial Partial
Unspecified vulnerability in Oracle Solaris 10, when running on the SPARC64-X Platform, allows local users to affect confidentiality, integrity, and availability via unknown vectors.
42 CVE-2014-0390 2014-01-15 2017-08-29
4.3
 None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Java Web Console.
43 CVE-2013-5883 2014-01-15 2017-08-29
3.2
 None Local Low ??? None Partial Partial
Unspecified vulnerability in Oracle Solaris 8 allows local users to affect integrity and availability via unknown vectors related to Kernel.
44 CVE-2013-5876 2014-01-15 2017-08-29
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2014-0447.
45 CVE-2013-5872 2014-01-15 2017-08-29
2.1
 None Local Low Not required None None Partial
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to Name Service Cache Daemon (NSCD).
46 CVE-2013-5864 2013-10-16 2017-09-19
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to USB hub driver.
47 CVE-2013-5862 2013-10-16 2017-09-19
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers, a different vulnerability than CVE-2014-4215.
48 CVE-2013-5852 2013-10-16 2022-05-13
7.6
 None Remote High Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5824, and CVE-2013-5832.
49 CVE-2013-5850 2013-10-16 2022-05-13
9.3
 None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5842.
50 CVE-2013-5849 2013-10-16 2022-05-13
4.3
 None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.
Total number of vulnerabilities : 1530   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.