Filtered by vendor Sco
Subscriptions
Total
129 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0026 | 2 Sco, Windowmaker | 2 Unixware, Wmmon | 2025-04-03 | N/A |
| Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string. | ||||
| CVE-2000-0147 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration. | ||||
| CVE-2000-0173 | 1 Sco | 1 Unixware | 2025-04-03 | N/A |
| Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service. | ||||
| CVE-2003-0658 | 2 Caldera, Sco | 4 Openlinux Server, Openlinux Workstation, Openserver and 1 more | 2025-04-03 | N/A |
| Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules. | ||||
| CVE-2000-0215 | 1 Sco | 1 Unixware | 2025-04-03 | N/A |
| Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges. | ||||
| CVE-2003-0791 | 2 Mozilla, Sco | 2 Mozilla, Openserver | 2025-04-03 | 9.8 Critical |
| The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed. | ||||
| CVE-2000-0308 | 2 Netscape, Sco | 4 Enterprise Server, Fasttrack Server, Proxy Server and 1 more | 2025-04-03 | N/A |
| Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges. | ||||
| CVE-2000-0351 | 1 Sco | 1 Unixware | 2025-04-03 | N/A |
| Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages. | ||||
| CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2025-04-03 | 7.5 High |
| The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||||
| CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2025-04-03 | N/A |
| OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | ||||
| CVE-2002-1199 | 3 Caldera, Sco, Sun | 4 Openlinux, Openserver, Solaris and 1 more | 2025-04-03 | N/A |
| The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. | ||||
| CVE-2003-0834 | 1 Sco | 2 Open Unix, Unixware | 2025-04-03 | N/A |
| Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. | ||||
| CVE-2004-1039 | 1 Sco | 2 Openserver, Unixware | 2025-04-03 | N/A |
| The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request. | ||||
| CVE-2004-1082 | 8 Apache, Apple, Avaya and 5 more | 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more | 2025-04-03 | N/A |
| mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | ||||
| CVE-2004-1307 | 11 Apple, Avaya, Conectiva and 8 more | 20 Mac Os X, Mac Os X Server, Call Management System Server and 17 more | 2025-04-03 | N/A |
| Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. | ||||
| CVE-1999-0023 | 6 Bsdi, Freebsd, Ibm and 3 more | 10 Bsd Os, Freebsd, Aix and 7 more | 2025-04-03 | N/A |
| Local user gains root privileges via buffer overflow in rdist, via lookup() function. | ||||
| CVE-2005-0109 | 5 Freebsd, Redhat, Sco and 2 more | 9 Freebsd, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-03 | N/A |
| Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. | ||||
| CVE-2006-0072 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector. | ||||
| CVE-2005-2926 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable. | ||||
| CVE-2005-3625 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | N/A |
| Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." | ||||