VYPR

Next

by Next

Source repositories

CVEs (6)

  • CVE-2024-7561HigAug 8, 2024
    risk 0.57cvss 8.8epss 0.01

    The The Next theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the wpeden_post_meta post meta value. This makes it possible for authenticated attackers, with Contributor-level access…

  • CVE-1999-1468Oct 22, 1991
    risk 0.00cvss epss 0.00

    rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.

  • CVE-1999-1193May 14, 1991
    risk 0.00cvss epss 0.02

    The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root.

  • CVE-1999-1392Oct 3, 1990
    risk 0.00cvss epss 0.00

    Vulnerability in restore0.9 installation script in NeXT 1.0a and 1.0 allows local users to gain root privileges.

  • CVE-1999-1198Oct 3, 1990
    risk 0.00cvss epss 0.00

    BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges.

  • CVE-1999-1391Oct 3, 1990
    risk 0.00cvss epss 0.00

    Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions.