Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sco vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-25494
Xinuos (formerly SCO) Openserver v5 and v6 allows malicious users to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook.
Xinuos Openserver 5.0.7
Xinuos Openserver 6.0
9.8
CVSSv3
CVE-2018-14086
An issue exists in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overf...
Mytoken Project Mytoken -
9.8
CVSSv3
CVE-2003-0791
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and previous versions allows malicious users to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
Mozilla Mozilla
Sco Openserver 5.0.7
7.8
CVSSv3
CVE-2019-18614
On the Cypress CYW20735 evaluation board, any data that exceeds 384 bytes is copied and causes an overflow. This is because the maximum BLOC buffer size for sending and receiving data is set to 384 bytes, but everything else is still configured to the usual size of 1092 (which wa...
Cypress Cyw20735 Firmware -
1 Github repository
7.5
CVSSv3
CVE-2004-0079
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote malicious users to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Cisco Firewall Services Module
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1.2
Hp Aaa Server
Cisco Firewall Services Module 1.1 \\(3.005\\)
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 \\(0.208\\)
Avaya Sg203 4.4
Hp Hp-ux 11.11
Redhat Enterprise Linux Desktop 3.0
Hp Hp-ux 11.23
Cisco Ciscoworks Common Management Foundation 2.1
Freebsd Freebsd 5.1
Avaya Sg208 4.4
Redhat Enterprise Linux 3.0
Avaya Sg200 4.4
Avaya Sg5 4.4
Redhat Linux 7.2
Cisco Ciscoworks Common Services 2.2
Openbsd Openbsd 3.3
6.7
CVSSv3
CVE-2020-35499
A NULL pointer dereference flaw in Linux kernel versions before 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a spe...
Linux Linux Kernel
6.1
CVSSv3
CVE-2020-25495
A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote malicious users to inject arbitrary web script or HTML tag via the parameter 'section'.
Xinuos Openserver 5.0.7
Xinuos Openserver 6.0
5.6
CVSSv3
CVE-2005-0109
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as ...
Freebsd Freebsd 1.1.5.1
Freebsd Freebsd 2.0
Freebsd Freebsd 2.0.5
Freebsd Freebsd 3.0
Freebsd Freebsd 3.1
Freebsd Freebsd 3.2
Freebsd Freebsd 3.3
Freebsd Freebsd 4.1.1
Freebsd Freebsd 4.10
Freebsd Freebsd 4.4
Freebsd Freebsd 4.5
Freebsd Freebsd 4.7
Freebsd Freebsd 4.8
Freebsd Freebsd 5.1
Freebsd Freebsd 5.2
Freebsd Freebsd 5.2.1
Freebsd Freebsd 5.3
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux 4.0
Ubuntu Ubuntu Linux 4.1
Ubuntu Ubuntu Linux 5.04
Freebsd Freebsd 2.1.5
4
CVSSv3
CVE-2015-8575
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel prior to 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
Linux Linux Kernel
NA
CVE-2011-1432
The STARTTLS implementation in SCO SCOoffice Server does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "...
Sco Scoofficeserver
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »