Filtered by vendor Sco Subscriptions
Total 129 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-0988 1 Sco 1 Unixware 2026-04-16 N/A
UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.
CVE-1999-1185 1 Sco 5 Cmw, Internet Faststart, Open Desktop and 2 more 2026-04-16 N/A
Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file.
CVE-1999-1302 1 Sco 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more 2026-04-16 N/A
Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access.
CVE-1999-1305 1 Sco 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more 2026-04-16 N/A
Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local users to gain root access.
CVE-1999-1450 1 Sco 2 Openserver, Unixware 2026-04-16 N/A
Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
CVE-2000-0224 1 Sco 1 Unixware 2026-04-16 N/A
ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.
CVE-2000-0307 1 Sco 3 Open Desktop, Openserver, Unixware 2026-04-16 N/A
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.
CVE-2000-0308 2 Netscape, Sco 4 Enterprise Server, Fasttrack Server, Proxy Server and 1 more 2026-04-16 N/A
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
CVE-2000-0351 1 Sco 1 Unixware 2026-04-16 N/A
Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages.
CVE-2006-0072 1 Sco 1 Openserver 2026-04-16 N/A
Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector.
CVE-2000-1014 1 Sco 1 Unixware 2026-04-16 N/A
Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.
CVE-2003-0282 3 Info-zip, Redhat, Sco 5 Unzip, Enterprise Linux, Linux and 2 more 2026-04-16 N/A
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
CVE-2003-0742 1 Sco 1 Openserver 2026-04-16 N/A
SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.
CVE-2003-0791 2 Mozilla, Sco 2 Mozilla, Openserver 2026-04-16 9.8 Critical
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
CVE-2003-0937 1 Sco 2 Open Unix, Unixware 2026-04-16 N/A
SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.
CVE-2005-2926 1 Sco 1 Openserver 2026-04-16 N/A
Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.
CVE-2005-2934 1 Sco 1 Unixware 2026-04-16 N/A
Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.
CVE-2004-0079 23 4d, Apple, Avaya and 20 more 67 Webstar, Mac Os X, Mac Os X Server and 64 more 2026-04-16 7.5 High
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVE-2004-0081 23 4d, Apple, Avaya and 20 more 67 Webstar, Mac Os X, Mac Os X Server and 64 more 2026-04-16 N/A
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVE-2004-0511 1 Sco 1 Openserver 2026-04-16 N/A
Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference.