Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (129 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0476 1 Sco 1 Openserver 2026-04-16 N/A
A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.
CVE-1999-0033 5 Ibm, Ncr, Sco and 2 more 7 Aix, Mp-ras, Open Desktop and 4 more 2026-04-16 N/A
Command execution in Sun systems via buffer overflow in the at program.
CVE-1999-0023 6 Bsdi, Freebsd, Ibm and 3 more 10 Bsd Os, Freebsd, Aix and 7 more 2026-04-16 N/A
Local user gains root privileges via buffer overflow in rdist, via lookup() function.
CVE-1999-0845 1 Sco 1 Unixware 2026-04-16 N/A
Buffer overflow in SCO su program allows local users to gain root access via a long username.
CVE-1999-0942 1 Sco 1 Unixware 2026-04-16 N/A
UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.
CVE-2002-0716 1 Sco 1 Openserver 2026-04-16 N/A
Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument.
CVE-2003-0872 1 Sco 1 Openserver 2026-04-16 N/A
Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.
CVE-1999-0011 8 Data General, Ibm, Isc and 5 more 11 Dg Ux, Aix, Bind and 8 more 2026-04-16 5.4 Medium
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
CVE-2011-1432 1 Sco 1 Scoofficeserver 2025-04-11 N/A
The STARTTLS implementation in SCO SCOoffice Server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.