Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sco vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-35967
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported sco_sock_setsockopt() is copying data without checking user input length. BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset includ...
NA
CVE-2024-27398
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection is...
7.2
CVSSv2
CVE-2020-35499
A NULL pointer dereference flaw in Linux kernel versions before 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection, when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a spe...
Linux Linux Kernel
4.3
CVSSv2
CVE-2020-25495
A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote malicious users to inject arbitrary web script or HTML tag via the parameter 'section'.
Xinuos Openserver 5.0.7
Xinuos Openserver 6.0
7.5
CVSSv2
CVE-2020-25494
Xinuos (formerly SCO) Openserver v5 and v6 allows malicious users to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook.
Xinuos Openserver 5.0.7
Xinuos Openserver 6.0
4.6
CVSSv2
CVE-2019-18614
On the Cypress CYW20735 evaluation board, any data that exceeds 384 bytes is copied and causes an overflow. This is because the maximum BLOC buffer size for sending and receiving data is set to 384 bytes, but everything else is still configured to the usual size of 1092 (which wa...
Cypress Cyw20735 Firmware -
1 Github repository
7.5
CVSSv2
CVE-2018-14086
An issue exists in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overf...
Mytoken Project Mytoken -
2.1
CVSSv2
CVE-2015-8575
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel prior to 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
Linux Linux Kernel
6.8
CVSSv2
CVE-2011-1432
The STARTTLS implementation in SCO SCOoffice Server does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "...
Sco Scoofficeserver
7.8
CVSSv2
CVE-2009-1552
Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows malicious users to cause a denial of service (system panic) via unspecified vectors.
Sco Unixware 7.1.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »