Filtered by vendor Sco
Subscriptions
Total
129 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0351 | 1 Sco | 1 Unixware | 2025-04-03 | N/A |
| Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages. | ||||
| CVE-2000-0842 | 1 Sco | 1 Unixware | 2025-04-03 | N/A |
| The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2000-1014 | 1 Sco | 1 Unixware | 2025-04-03 | N/A |
| Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter. | ||||
| CVE-2001-0575 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argument to lpshut. | ||||
| CVE-2001-0576 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| lpusers as included with SCO OpenServer 5.0 through 5.0.6 allows a local attacker to gain additional privileges via a buffer overflow attack in the '-u' command line parameter. | ||||
| CVE-2001-0577 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| recon in SCO OpenServer 5.0 through 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first command line argument. | ||||
| CVE-2001-0578 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a local attacker to gain additional privileges via a long first argument to the lpforms command. | ||||
| CVE-2001-0587 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command. | ||||
| CVE-2001-0588 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command. | ||||
| CVE-2001-0627 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2001-0896 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO. | ||||
| CVE-2001-1578 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors. | ||||
| CVE-2001-1579 | 1 Sco | 2 Open Unix, Unixware | 2025-04-03 | N/A |
| The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service. | ||||
| CVE-2002-1199 | 3 Caldera, Sco, Sun | 4 Openlinux, Openserver, Solaris and 1 more | 2025-04-03 | N/A |
| The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. | ||||
| CVE-2002-1998 | 1 Sco | 2 Open Unix, Unixware | 2025-04-03 | N/A |
| Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21). | ||||
| CVE-2003-0282 | 3 Info-zip, Redhat, Sco | 5 Unzip, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence. | ||||
| CVE-2003-0742 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program. | ||||
| CVE-2003-0791 | 2 Mozilla, Sco | 2 Mozilla, Openserver | 2025-04-03 | 9.8 Critical |
| The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed. | ||||
| CVE-2003-1021 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline. | ||||
| CVE-1999-1138 | 1 Sco | 4 Open Desktop, Open Desktop Lite, Openserver and 1 more | 2025-04-03 | N/A |
| SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable. | ||||