SCO : Security Vulnerabilities, CVEs, CVSS score between 5 and 5.99
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
Max CVSS
5.0
EPSS Score
0.92%
Published
1997-12-16
Updated
2018-10-12
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
Max CVSS
5.0
EPSS Score
0.29%
Published
1998-04-08
Updated
2018-10-30
Delete or create a file via rpc.statd, due to invalid information.
Max CVSS
5.0
EPSS Score
0.75%
Published
1996-04-24
Updated
2008-09-09
DNS cache poisoning via BIND, by predictable query IDs.
Max CVSS
5.0
EPSS Score
0.75%
Published
1997-08-13
Updated
2022-08-17
Sendmail decode alias can be used to overwrite sensitive files.
Max CVSS
5.0
EPSS Score
1.17%
Published
1996-12-10
Updated
2008-09-09
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
Max CVSS
5.0
EPSS Score
1.15%
Published
1996-12-18
Updated
2022-08-17
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
Max CVSS
5.0
EPSS Score
0.30%
Published
1997-07-01
Updated
2008-09-09
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
Max CVSS
5.0
EPSS Score
0.85%
Published
1997-01-01
Updated
2022-08-17
Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.21%
Published
2000-03-10
Updated
2008-09-10
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.
Max CVSS
5.0
EPSS Score
0.22%
Published
2001-03-12
Updated
2008-09-05
Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.22%
Published
2001-03-12
Updated
2008-09-05
The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Max CVSS
5.0
EPSS Score
0.38%
Published
2000-11-14
Updated
2008-09-05
Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.
Max CVSS
5.0
EPSS Score
1.26%
Published
2001-11-30
Updated
2017-10-10
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.16%
Published
2001-12-31
Updated
2008-09-05
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
Max CVSS
5.0
EPSS Score
0.43%
Published
2002-10-28
Updated
2018-10-30
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
Max CVSS
5.0
EPSS Score
0.34%
Published
2003-10-20
Updated
2022-08-17
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Max CVSS
5.0
EPSS Score
0.26%
Published
2004-11-23
Updated
2021-11-08
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
Max CVSS
5.0
EPSS Score
0.25%
Published
2004-11-23
Updated
2024-02-15
The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.
Max CVSS
5.0
EPSS Score
0.84%
Published
2005-01-11
Updated
2008-09-05
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
Max CVSS
5.6
EPSS Score
0.08%
Published
2005-03-05
Updated
2018-10-16
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
Max CVSS
5.0
EPSS Score
1.28%
Published
2005-12-31
Updated
2018-10-19
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Max CVSS
5.0
EPSS Score
0.52%
Published
2005-12-31
Updated
2018-10-19
22 vulnerabilities found