VYPR

Sun System Firmware

by Oracle Corporation

CVEs (5)

  • CVE-2026-2584CriMar 2, 2026
    risk 0.60cvss epss 0.00

    A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially crafted SQL queries through the login interface. Due to low attack complexity…

  • CVE-2018-12179HigMar 27, 2019
    risk 0.51cvss 7.8epss 0.00

    Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

  • CVE-2017-10099MedOct 19, 2017
    risk 0.29cvss 4.4epss 0.00

    Vulnerability in the SPARC M7, T7, S7 based Servers component of Oracle Sun Systems Products Suite (subcomponent: Firmware). The supported version that is affected is Prior to 9.7.6.b. Easily exploitable vulnerability allows high privileged attacker with logon to the…

  • CVE-2013-5781Oct 16, 2013
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in Oracle PARC Enterprise T4 Servers running Sun System Firmware before 8.3.0.b allows local users to affect confidentiality, integrity, and availability via vectors related to Sun System Firmware/Integrated Lights Out Manager (ILOM).

  • CVE-2013-3838Oct 16, 2013
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in Oracle SPARC Enterprise T & M Series Servers running Sun System Firmware before 6.7.13 for SPARC T1, 7.4.6.c for SPARC T2, 8.3.0.b for SPARC T3 & T4, 9.0.0.d for SPARC T5 and 9.0.1.e for SPARC M5 allows local users to affect availability via unknown…