Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
caldera vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0369
The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote malicious users to cause a denial of service.
Caldera Openlinux 2.3
NA
CVE-2000-0192
The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote malicious users to determine what packages are installed on the system.
Caldera Openlinux 2.3
1 EDB exploit
NA
CVE-2001-1153
lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument.
Caldera Openunix 8.0
NA
CVE-2001-1164
Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via long command line arguments to (1) uucp, (2) uux, (3) bnuconvert, (4) uucico, (5) uuxcmd, or (6) uuxqt.
Caldera Unixware 7.0
8.8
CVSSv3
CVE-2021-42560
An issue exists in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG" parameters when generating a PDF document. These SVG documents are parsed in an unsafe manner and can be leveraged for XXE attacks (e.g., File Exfiltration, Server Side Request Forgery, O...
Mitre Caldera 2.9.0
NA
CVE-1999-1570
Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.
Caldera Openserver 5.0.5
NA
CVE-2001-1576
Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.
Caldera Unixware 7
4.8
CVSSv3
CVE-2021-24896
The Caldera Forms WordPress plugin prior to 1.9.5 does not sanitise and escape the Form Name before outputting it in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Calderaforms Caldera Forms
6.1
CVSSv3
CVE-2022-0879
The Caldera Forms WordPress plugin prior to 1.9.7 does not validate and escape the cf-api parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting
Calderaforms Caldera Forms
NA
CVE-2002-0105
CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable.
Caldera Unixware 7.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »