Filtered by vendor Sco
Subscribe
Total
129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2025-03-17 | 2.1 LOW | N/A |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | |||||
| CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2025-01-16 | 5.0 MEDIUM | 7.5 HIGH |
| The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | |||||
| CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2024-02-15 | 5.0 MEDIUM | N/A |
| The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | |||||
| CVE-2003-0937 | 1 Sco | 2 Open Unix, Unixware | 2024-02-14 | 4.6 MEDIUM | N/A |
| SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user. | |||||
| CVE-2004-0510 | 1 Sco | 1 Openserver | 2024-02-14 | 7.2 HIGH | N/A |
| Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program. | |||||
| CVE-2003-0791 | 2 Mozilla, Sco | 2 Mozilla, Openserver | 2024-01-25 | 7.5 HIGH | 9.8 CRITICAL |
| The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed. | |||||
| CVE-2000-0224 | 1 Sco | 1 Unixware | 2023-11-07 | 1.2 LOW | N/A |
| ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack. | |||||
| CVE-2000-0154 | 1 Sco | 1 Unixware | 2023-11-07 | 1.2 LOW | N/A |
| The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack. | |||||
| CVE-1999-0864 | 1 Sco | 1 Unixware | 2023-11-07 | 7.2 HIGH | N/A |
| UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file. | |||||
| CVE-2000-0306 | 1 Sco | 1 Openserver | 2023-11-07 | 10.0 HIGH | N/A |
| Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message. | |||||
| CVE-1999-0836 | 1 Sco | 1 Unixware | 2023-11-07 | 10.0 HIGH | N/A |
| UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-2000-0158 | 1 Sco | 1 Openserver | 2023-11-07 | 7.5 HIGH | N/A |
| Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. | |||||
| CVE-2003-0658 | 2 Caldera, Sco | 4 Openlinux Server, Openlinux Workstation, Openserver and 1 more | 2022-08-17 | 5.0 MEDIUM | N/A |
| Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules. | |||||
| CVE-1999-0893 | 1 Sco | 1 Openserver | 2022-08-17 | 2.1 LOW | N/A |
| userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack. | |||||
| CVE-1999-0942 | 1 Sco | 1 Unixware | 2022-08-17 | 7.2 HIGH | N/A |
| UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes. | |||||
| CVE-1999-0988 | 1 Sco | 1 Unixware | 2022-08-17 | 7.2 HIGH | N/A |
| UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack. | |||||
| CVE-2003-0742 | 1 Sco | 1 Openserver | 2022-08-17 | 7.2 HIGH | N/A |
| SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program. | |||||
| CVE-1999-0830 | 1 Sco | 1 Unixware | 2022-08-17 | 7.2 HIGH | N/A |
| Buffer overflow in SCO UnixWare Xsco command via a long argument. | |||||
| CVE-1999-0476 | 1 Sco | 1 Openserver | 2022-08-17 | 7.2 HIGH | N/A |
| A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user. | |||||
| CVE-1999-0411 | 1 Sco | 1 Openserver | 2022-08-17 | 7.2 HIGH | N/A |
| Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access. | |||||