Sun System Firmware
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-2584 | Cri | 0.60 | — | 0.00 | Mar 2, 2026 | A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially crafted SQL queries through the login interface. Due to low attack complexity… | ||
| CVE-2018-12179 | Hig | 0.51 | 7.8 | 0.00 | Mar 27, 2019 | Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | ||
| CVE-2017-10099 | Med | 0.29 | 4.4 | 0.00 | Oct 19, 2017 | Vulnerability in the SPARC M7, T7, S7 based Servers component of Oracle Sun Systems Products Suite (subcomponent: Firmware). The supported version that is affected is Prior to 9.7.6.b. Easily exploitable vulnerability allows high privileged attacker with logon to the… | ||
| CVE-2013-5781 | 0.00 | — | 0.00 | Oct 16, 2013 | Unspecified vulnerability in Oracle PARC Enterprise T4 Servers running Sun System Firmware before 8.3.0.b allows local users to affect confidentiality, integrity, and availability via vectors related to Sun System Firmware/Integrated Lights Out Manager (ILOM). | |||
| CVE-2013-3838 | 0.00 | — | 0.00 | Oct 16, 2013 | Unspecified vulnerability in Oracle SPARC Enterprise T & M Series Servers running Sun System Firmware before 6.7.13 for SPARC T1, 7.4.6.c for SPARC T2, 8.3.0.b for SPARC T3 & T4, 9.0.0.d for SPARC T5 and 9.0.1.e for SPARC M5 allows local users to affect availability via unknown… |
- risk 0.60cvss —epss 0.00
A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially crafted SQL queries through the login interface. Due to low attack complexity…
- risk 0.51cvss 7.8epss 0.00
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
- risk 0.29cvss 4.4epss 0.00
Vulnerability in the SPARC M7, T7, S7 based Servers component of Oracle Sun Systems Products Suite (subcomponent: Firmware). The supported version that is affected is Prior to 9.7.6.b. Easily exploitable vulnerability allows high privileged attacker with logon to the…
- CVE-2013-5781Oct 16, 2013risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle PARC Enterprise T4 Servers running Sun System Firmware before 8.3.0.b allows local users to affect confidentiality, integrity, and availability via vectors related to Sun System Firmware/Integrated Lights Out Manager (ILOM).
- CVE-2013-3838Oct 16, 2013risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle SPARC Enterprise T & M Series Servers running Sun System Firmware before 6.7.13 for SPARC T1, 7.4.6.c for SPARC T2, 8.3.0.b for SPARC T3 & T4, 9.0.0.d for SPARC T5 and 9.0.1.e for SPARC M5 allows local users to affect availability via unknown…