Search Results (129 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0942 1 Sco 1 Unixware 2026-04-16 N/A
UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.
CVE-2001-1578 1 Sco 1 Openserver 2026-04-16 N/A
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.
CVE-1999-1138 1 Sco 4 Open Desktop, Open Desktop Lite, Openserver and 1 more 2026-04-16 N/A
SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.
CVE-1999-1185 1 Sco 5 Cmw, Internet Faststart, Open Desktop and 2 more 2026-04-16 N/A
Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file.
CVE-1999-1252 1 Sco 1 Unixware 2026-04-16 N/A
Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges.
CVE-1999-1253 1 Sco 2 Internet Faststart, Openserver 2026-04-16 N/A
Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Internet FastStart 1.0, allows local users to gain root privileges.
CVE-1999-1302 1 Sco 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more 2026-04-16 N/A
Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access.
CVE-1999-1303 1 Sco 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more 2026-04-16 N/A
Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users to gain root access.
CVE-2011-1432 1 Sco 1 Scoofficeserver 2025-04-11 N/A
The STARTTLS implementation in SCO SCOoffice Server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.