SCO : Security Vulnerabilities, CVEs, CVSS score >= 8
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
Max CVSS
10.0
EPSS Score
0.61%
Published
2005-12-31
Updated
2018-10-19
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
Max CVSS
9.8
EPSS Score
1.17%
Published
2003-10-07
Updated
2024-01-25
CVE-2001-0797
Public exploit
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
Max CVSS
10.0
EPSS Score
97.24%
Published
2001-12-12
Updated
2018-10-30
A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.
Max CVSS
10.0
EPSS Score
0.55%
Published
2001-03-12
Updated
2008-09-05
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
Max CVSS
10.0
EPSS Score
0.19%
Published
2001-03-12
Updated
2008-09-05
Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.
Max CVSS
10.0
EPSS Score
2.45%
Published
2001-03-12
Updated
2008-09-05
Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
Max CVSS
10.0
EPSS Score
4.14%
Published
1999-12-21
Updated
2016-10-18
Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
Max CVSS
10.0
EPSS Score
0.08%
Published
1999-12-30
Updated
2016-10-18
SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.
Max CVSS
10.0
EPSS Score
3.84%
Published
1993-09-17
Updated
2017-10-10
UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.
Max CVSS
10.0
EPSS Score
0.16%
Published
1998-12-02
Updated
2008-09-09
Denial of service in BIND named via malformed SIG records.
Max CVSS
10.0
EPSS Score
1.92%
Published
1999-11-10
Updated
2018-10-30
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
Max CVSS
10.0
EPSS Score
0.37%
Published
1998-12-04
Updated
2016-10-18
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
Max CVSS
10.0
EPSS Score
8.59%
Published
1999-02-09
Updated
2022-08-17
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
Max CVSS
10.0
EPSS Score
1.15%
Published
1998-04-08
Updated
2018-10-30
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
Max CVSS
10.0
EPSS Score
9.01%
Published
1998-04-08
Updated
2018-10-30
15 vulnerabilities found