Vendor CVEs
Digital Project
All CVEs
51 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-33618 | Hig | 0.49 | 7.5 | 0.00 | Apr 15, 2026 | Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface. | ||
| CVE-1999-0513 | 0.09 | — | 0.70 | Jan 5, 1998 | ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. | |||
| CVE-1999-0128 | 0.09 | — | 0.74 | Dec 18, 1996 | Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. | |||
| CVE-1999-0046 | 0.07 | — | 0.53 | Feb 6, 1997 | Buffer overflow of rlogin program using TERM environmental variable. | |||
| CVE-1999-0170 | 0.04 | — | 0.18 | Jan 1, 1997 | Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list. | |||
| CVE-2002-1129 | 0.03 | — | 0.01 | Oct 4, 2002 | Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument. | |||
| CVE-2001-1092 | 0.03 | — | 0.01 | Sep 10, 2001 | msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file. | |||
| CVE-2001-1093 | 0.03 | — | 0.01 | Sep 10, 2001 | Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument. | |||
| CVE-2001-0369 | 0.03 | — | 0.01 | Jun 27, 2001 | Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name). | |||
| CVE-1999-0691 | 0.03 | — | 0.01 | Sep 13, 1999 | Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | |||
| CVE-1999-1194 | 0.03 | — | 0.01 | May 1, 1991 | chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges. | |||
| CVE-2011-1918 | 0.01 | — | 0.06 | Nov 2, 2011 | Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message… | |||
| CVE-2025-59717 | 0.00 | — | 0.00 | Sep 19, 2025 | In the @digitalocean/do-markdownit package through 1.16.1 (in npm), the callout and fence_environment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string (instead of an array). | |||
| CVE-2023-28175 | 0.00 | — | 0.00 | Jun 15, 2023 | Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request. | |||
| CVE-2022-47610 | 0.00 | — | 0.00 | Mar 29, 2023 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mr Digital Simple Image Popup plugin <= 1.3.6 versions. | |||
| CVE-2022-38469 | 0.00 | — | 0.01 | Jan 17, 2023 | An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords. | |||
| CVE-2022-46331 | 0.00 | — | 0.01 | Jan 17, 2023 | An unauthorized user could possibly delete any file on the system. | |||
| CVE-2022-43494 | 0.00 | — | 0.01 | Jan 17, 2023 | An unauthorized user could be able to read any file on the system, potentially exposing sensitive information. | |||
| CVE-2022-46660 | 0.00 | — | 0.01 | Jan 17, 2023 | An unauthorized user could alter or write files with full control over the path and content of the file. | |||
| CVE-2022-46732 | 0.00 | — | 0.01 | Jan 17, 2023 | Even if the authentication fails for local service authentication, the requested command could still execute regardless of authentication status. | |||
| CVE-2021-20623 | 0.00 | — | 0.03 | Feb 5, 2021 | Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request. | |||
| CVE-2020-6959 | 0.00 | — | 0.02 | Jan 22, 2020 | The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6… | |||
| CVE-2019-5996 | 0.00 | — | 0.02 | Sep 12, 2019 | SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |||
| CVE-2019-11031 | 0.00 | — | 0.02 | Aug 22, 2019 | Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the auto-update feature of IDVRUpdateService2 in DVRServer.exe. An attacker can upload files with a Setup-Files action, and then execute these files with SYSTEM privileges. | |||
| CVE-2019-11030 | 0.00 | — | 0.02 | Aug 22, 2019 | Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Mirasys.Common.Utils.Security.DataCrypt method in Common.dll in AuditTrailService in SMServer.exe. This method triggers insecure deserialization within the .NET garbage collector, in which a gadget (contained in a… | |||
| CVE-2019-11029 | 0.00 | — | 0.02 | Aug 22, 2019 | Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download() method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous… | |||
| CVE-2002-1128 | 0.00 | — | 0.00 | Oct 4, 2002 | Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long MH environment variable. | |||
| CVE-2002-1127 | 0.00 | — | 0.00 | Oct 4, 2002 | Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long source (-s) command line parameter. | |||
| CVE-2001-0134 | 0.00 | — | 0.04 | Mar 12, 2001 | Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name. | |||
| CVE-2000-0314 | 0.00 | — | 0.02 | Mar 12, 2001 | traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||
| CVE-2000-0315 | 0.00 | — | 0.02 | Mar 12, 2001 | traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. | |||
| CVE-2000-0845 | 0.00 | — | 0.01 | Nov 14, 2000 | kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet. | |||
| CVE-1999-0687 | 0.00 | — | 0.02 | Sep 13, 1999 | The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. | |||
| CVE-1999-0713 | 0.00 | — | 0.00 | Jun 11, 1999 | The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges. | |||
| CVE-1999-0406 | 0.00 | — | 0.00 | Feb 19, 1999 | Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege. | |||
| CVE-1999-0714 | 0.00 | — | 0.00 | Feb 15, 1999 | Vulnerability in Compaq Tru64 UNIX edauth command. | |||
| CVE-1999-0358 | 0.00 | — | 0.00 | Feb 1, 1999 | Digital Unix 4.0 has a buffer overflow in the inc program of the mh package. | |||
| CVE-1999-1458 | 0.00 | — | 0.01 | Jan 25, 1999 | Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument. | |||
| CVE-1999-1558 | 0.00 | — | 0.01 | Jul 16, 1998 | Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled. | |||
| CVE-1999-0303 | 0.00 | — | 0.00 | May 21, 1998 | Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. | |||
| CVE-1999-1044 | 0.00 | — | 0.00 | May 7, 1998 | Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges. | |||
| CVE-1999-1210 | 0.00 | — | 0.00 | Nov 12, 1997 | xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access. | |||
| CVE-1999-1225 | 0.00 | — | 0.02 | Aug 24, 1997 | rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. | |||
| CVE-1999-1221 | 0.00 | — | 0.01 | Nov 17, 1996 | dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file. | |||
| CVE-1999-0131 | 0.00 | — | 0.01 | Sep 11, 1996 | Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | |||
| CVE-1999-0138 | 0.00 | — | 0.01 | Jun 26, 1996 | The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. | |||
| CVE-1999-1103 | 0.00 | — | 0.00 | Apr 3, 1996 | dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter. | |||
| CVE-1999-0073 | 0.00 | — | 0.03 | Oct 13, 1995 | Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access. | |||
| CVE-1999-1032 | 0.00 | — | 0.02 | Dec 31, 1991 | Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges. | |||
| CVE-1999-1415 | 0.00 | — | 0.00 | Aug 23, 1991 | Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges. |
- risk 0.49cvss 7.5epss 0.00
Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface.
- CVE-1999-0513Jan 5, 1998risk 0.09cvss —epss 0.70
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
- CVE-1999-0128Dec 18, 1996risk 0.09cvss —epss 0.74
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
- CVE-1999-0046Feb 6, 1997risk 0.07cvss —epss 0.53
Buffer overflow of rlogin program using TERM environmental variable.
- CVE-1999-0170Jan 1, 1997risk 0.04cvss —epss 0.18
Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list.
- CVE-2002-1129Oct 4, 2002risk 0.03cvss —epss 0.01
Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument.
- CVE-2001-1092Sep 10, 2001risk 0.03cvss —epss 0.01
msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file.
- CVE-2001-1093Sep 10, 2001risk 0.03cvss —epss 0.01
Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument.
- CVE-2001-0369Jun 27, 2001risk 0.03cvss —epss 0.01
Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name).
- CVE-1999-0691Sep 13, 1999risk 0.03cvss —epss 0.01
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
- CVE-1999-1194May 1, 1991risk 0.03cvss —epss 0.01
chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges.
- CVE-2011-1918Nov 2, 2011risk 0.01cvss —epss 0.06
Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message…
- CVE-2025-59717Sep 19, 2025risk 0.00cvss —epss 0.00
In the @digitalocean/do-markdownit package through 1.16.1 (in npm), the callout and fence_environment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string (instead of an array).
- CVE-2023-28175Jun 15, 2023risk 0.00cvss —epss 0.00
Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request.
- CVE-2022-47610Mar 29, 2023risk 0.00cvss —epss 0.00
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mr Digital Simple Image Popup plugin <= 1.3.6 versions.
- CVE-2022-38469Jan 17, 2023risk 0.00cvss —epss 0.01
An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords.
- CVE-2022-46331Jan 17, 2023risk 0.00cvss —epss 0.01
An unauthorized user could possibly delete any file on the system.
- CVE-2022-43494Jan 17, 2023risk 0.00cvss —epss 0.01
An unauthorized user could be able to read any file on the system, potentially exposing sensitive information.
- CVE-2022-46660Jan 17, 2023risk 0.00cvss —epss 0.01
An unauthorized user could alter or write files with full control over the path and content of the file.
- CVE-2022-46732Jan 17, 2023risk 0.00cvss —epss 0.01
Even if the authentication fails for local service authentication, the requested command could still execute regardless of authentication status.
- CVE-2021-20623Feb 5, 2021risk 0.00cvss —epss 0.03
Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request.
- CVE-2020-6959Jan 22, 2020risk 0.00cvss —epss 0.02
The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6…
- CVE-2019-5996Sep 12, 2019risk 0.00cvss —epss 0.02
SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
- CVE-2019-11031Aug 22, 2019risk 0.00cvss —epss 0.02
Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the auto-update feature of IDVRUpdateService2 in DVRServer.exe. An attacker can upload files with a Setup-Files action, and then execute these files with SYSTEM privileges.
- CVE-2019-11030Aug 22, 2019risk 0.00cvss —epss 0.02
Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Mirasys.Common.Utils.Security.DataCrypt method in Common.dll in AuditTrailService in SMServer.exe. This method triggers insecure deserialization within the .NET garbage collector, in which a gadget (contained in a…
- CVE-2019-11029Aug 22, 2019risk 0.00cvss —epss 0.02
Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download() method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous…
- CVE-2002-1128Oct 4, 2002risk 0.00cvss —epss 0.00
Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long MH environment variable.
- CVE-2002-1127Oct 4, 2002risk 0.00cvss —epss 0.00
Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long source (-s) command line parameter.
- CVE-2001-0134Mar 12, 2001risk 0.00cvss —epss 0.04
Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name.
- CVE-2000-0314Mar 12, 2001risk 0.00cvss —epss 0.02
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
- CVE-2000-0315Mar 12, 2001risk 0.00cvss —epss 0.02
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
- CVE-2000-0845Nov 14, 2000risk 0.00cvss —epss 0.01
kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet.
- CVE-1999-0687Sep 13, 1999risk 0.00cvss —epss 0.02
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
- CVE-1999-0713Jun 11, 1999risk 0.00cvss —epss 0.00
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
- CVE-1999-0406Feb 19, 1999risk 0.00cvss —epss 0.00
Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege.
- CVE-1999-0714Feb 15, 1999risk 0.00cvss —epss 0.00
Vulnerability in Compaq Tru64 UNIX edauth command.
- CVE-1999-0358Feb 1, 1999risk 0.00cvss —epss 0.00
Digital Unix 4.0 has a buffer overflow in the inc program of the mh package.
- CVE-1999-1458Jan 25, 1999risk 0.00cvss —epss 0.01
Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument.
- CVE-1999-1558Jul 16, 1998risk 0.00cvss —epss 0.01
Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled.
- CVE-1999-0303May 21, 1998risk 0.00cvss —epss 0.00
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
- CVE-1999-1044May 7, 1998risk 0.00cvss —epss 0.00
Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges.
- CVE-1999-1210Nov 12, 1997risk 0.00cvss —epss 0.00
xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.
- CVE-1999-1225Aug 24, 1997risk 0.00cvss —epss 0.02
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.
- CVE-1999-1221Nov 17, 1996risk 0.00cvss —epss 0.01
dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file.
- CVE-1999-0131Sep 11, 1996risk 0.00cvss —epss 0.01
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
- CVE-1999-0138Jun 26, 1996risk 0.00cvss —epss 0.01
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
- CVE-1999-1103Apr 3, 1996risk 0.00cvss —epss 0.00
dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter.
- CVE-1999-0073Oct 13, 1995risk 0.00cvss —epss 0.03
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.
- CVE-1999-1032Dec 31, 1991risk 0.00cvss —epss 0.02
Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges.
- CVE-1999-1415Aug 23, 1991risk 0.00cvss —epss 0.00
Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges.
Page 1 of 2