Vendor CVEs
Sgi
All CVEs
263 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-0639 | 0.03 | — | 0.06 | Aug 6, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors… | |||
| CVE-2004-0424 | 0.03 | — | 0.01 | Jul 7, 2004 | Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | |||
| CVE-2002-0875 | 0.03 | — | 0.01 | Sep 5, 2002 | Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group. | |||
| CVE-2001-0823 | 0.03 | — | 0.01 | Dec 6, 2001 | The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR). | |||
| CVE-2000-1193 | 0.03 | — | 0.03 | Aug 31, 2001 | Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port. | |||
| CVE-2001-0485 | 0.03 | — | 0.01 | Jun 27, 2001 | Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option. | |||
| CVE-2000-0797 | 0.03 | — | 0.01 | Oct 20, 2000 | Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option. | |||
| CVE-2000-0796 | 0.03 | — | 0.01 | Oct 20, 2000 | Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option. | |||
| CVE-2000-0798 | 0.03 | — | 0.03 | Oct 20, 2000 | The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files. | |||
| CVE-2000-0794 | 0.03 | — | 0.01 | Oct 20, 2000 | Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview. | |||
| CVE-2000-0795 | 0.03 | — | 0.01 | Oct 20, 2000 | Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option. | |||
| CVE-2000-0799 | 0.03 | — | 0.01 | Oct 20, 2000 | inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file. | |||
| CVE-2000-0545 | 0.03 | — | 0.01 | Aug 8, 2000 | Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter. | |||
| CVE-2000-0013 | 0.03 | — | 0.01 | Dec 31, 1999 | IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program. | |||
| CVE-1999-0948 | 0.03 | — | 0.01 | Nov 2, 1999 | Buffer overflow in uum program for Canna input system allows local users to gain root privileges. | |||
| CVE-1999-0949 | 0.03 | — | 0.01 | Nov 2, 1999 | Buffer overflow in canuum program for Canna input system allows local users to gain root privileges. | |||
| CVE-1999-1485 | 0.03 | — | 0.04 | May 31, 1999 | nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system. | |||
| CVE-1999-0765 | 0.03 | — | 0.05 | May 19, 1999 | SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor. | |||
| CVE-1999-0215 | 0.03 | — | 0.06 | Oct 26, 1998 | Routed allows attackers to append data to files. | |||
| CVE-1999-1409 | 0.03 | — | 0.01 | Jul 3, 1998 | The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail. | |||
| CVE-1999-0314 | 0.03 | — | 0.01 | Jul 1, 1998 | ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames. | |||
| CVE-1999-0126 | 0.03 | — | 0.01 | May 3, 1998 | SGI IRIX buffer overflow in xterm and Xaw allows root access. | |||
| CVE-1999-0108 | 0.03 | — | 0.01 | May 1, 1998 | The printers program in IRIX has a buffer overflow that gives root access to local users. | |||
| CVE-1999-1114 | 0.03 | — | 0.01 | Apr 8, 1998 | Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges. | |||
| CVE-1999-0270 | 0.03 | — | 0.32 | Apr 3, 1998 | Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files. | |||
| CVE-1999-0960 | 0.03 | — | 0.01 | Mar 20, 1998 | IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option. | |||
| CVE-1999-0125 | 0.03 | — | 0.01 | Jan 25, 1998 | Buffer overflow in SGI IRIX mailx program. | |||
| CVE-1999-0328 | 0.03 | — | 0.01 | Nov 1, 1997 | SGI permissions program allows local users to gain root privileges. | |||
| CVE-1999-1399 | 0.03 | — | 0.01 | Aug 20, 1997 | spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed. | |||
| CVE-1999-0030 | 0.03 | — | 0.01 | Jul 16, 1997 | root privileges via buffer overflow in xlock command on SGI IRIX systems. | |||
| CVE-1999-0026 | 0.03 | — | 0.01 | Jul 16, 1997 | root privileges via buffer overflow in pset command on SGI IRIX systems. | |||
| CVE-1999-0027 | 0.03 | — | 0.01 | Jul 16, 1997 | root privileges via buffer overflow in eject command on SGI IRIX systems. | |||
| CVE-1999-0034 | 0.03 | — | 0.01 | May 29, 1997 | Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. | |||
| CVE-1999-1286 | 0.03 | — | 0.01 | May 9, 1997 | addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file. | |||
| CVE-1999-1410 | 0.03 | — | 0.01 | May 9, 1997 | addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file. | |||
| CVE-1999-1398 | 0.03 | — | 0.01 | May 7, 1997 | Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack. | |||
| CVE-1999-1461 | 0.03 | — | 0.01 | May 7, 1997 | inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program. | |||
| CVE-1999-0040 | 0.03 | — | 0.01 | May 1, 1997 | Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. | |||
| CVE-1999-0149 | 0.03 | — | 0.03 | Apr 19, 1997 | The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. | |||
| CVE-1999-0959 | 0.03 | — | 0.01 | Feb 1, 1997 | IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. | |||
| CVE-1999-0051 | 0.03 | — | 0.01 | Jan 6, 1997 | Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. | |||
| CVE-1999-1120 | 0.03 | — | 0.01 | Jan 4, 1997 | netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges. | |||
| CVE-1999-0044 | 0.03 | — | 0.01 | Dec 3, 1996 | fsdump command in IRIX allows local users to obtain root access by modifying sensitive files. | |||
| CVE-1999-1384 | 0.03 | — | 0.02 | Oct 30, 1996 | Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program. | |||
| CVE-1999-0032 | 0.03 | — | 0.01 | Oct 25, 1996 | Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. | |||
| CVE-1999-1243 | 0.03 | — | 0.01 | Mar 3, 1995 | SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges. | |||
| CVE-1999-1022 | 0.03 | — | 0.01 | Oct 2, 1994 | serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program. | |||
| CVE-1999-1219 | 0.03 | — | 0.01 | Aug 11, 1994 | Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command. | |||
| CVE-1999-1494 | 0.03 | — | 0.01 | Aug 9, 1994 | colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument. | |||
| CVE-2005-0469 | 0.01 | — | 0.09 | May 2, 2005 | Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. |
- CVE-2004-0639Aug 6, 2004risk 0.03cvss —epss 0.06
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors…
- CVE-2004-0424Jul 7, 2004risk 0.03cvss —epss 0.01
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
- CVE-2002-0875Sep 5, 2002risk 0.03cvss —epss 0.01
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
- CVE-2001-0823Dec 6, 2001risk 0.03cvss —epss 0.01
The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR).
- CVE-2000-1193Aug 31, 2001risk 0.03cvss —epss 0.03
Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.
- CVE-2001-0485Jun 27, 2001risk 0.03cvss —epss 0.01
Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option.
- CVE-2000-0797Oct 20, 2000risk 0.03cvss —epss 0.01
Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option.
- CVE-2000-0796Oct 20, 2000risk 0.03cvss —epss 0.01
Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option.
- CVE-2000-0798Oct 20, 2000risk 0.03cvss —epss 0.03
The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files.
- CVE-2000-0794Oct 20, 2000risk 0.03cvss —epss 0.01
Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview.
- CVE-2000-0795Oct 20, 2000risk 0.03cvss —epss 0.01
Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option.
- CVE-2000-0799Oct 20, 2000risk 0.03cvss —epss 0.01
inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.
- CVE-2000-0545Aug 8, 2000risk 0.03cvss —epss 0.01
Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter.
- CVE-2000-0013Dec 31, 1999risk 0.03cvss —epss 0.01
IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.
- CVE-1999-0948Nov 2, 1999risk 0.03cvss —epss 0.01
Buffer overflow in uum program for Canna input system allows local users to gain root privileges.
- CVE-1999-0949Nov 2, 1999risk 0.03cvss —epss 0.01
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
- CVE-1999-1485May 31, 1999risk 0.03cvss —epss 0.04
nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system.
- CVE-1999-0765May 19, 1999risk 0.03cvss —epss 0.05
SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor.
- CVE-1999-0215Oct 26, 1998risk 0.03cvss —epss 0.06
Routed allows attackers to append data to files.
- CVE-1999-1409Jul 3, 1998risk 0.03cvss —epss 0.01
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
- CVE-1999-0314Jul 1, 1998risk 0.03cvss —epss 0.01
ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.
- CVE-1999-0126May 3, 1998risk 0.03cvss —epss 0.01
SGI IRIX buffer overflow in xterm and Xaw allows root access.
- CVE-1999-0108May 1, 1998risk 0.03cvss —epss 0.01
The printers program in IRIX has a buffer overflow that gives root access to local users.
- CVE-1999-1114Apr 8, 1998risk 0.03cvss —epss 0.01
Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges.
- CVE-1999-0270Apr 3, 1998risk 0.03cvss —epss 0.32
Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files.
- CVE-1999-0960Mar 20, 1998risk 0.03cvss —epss 0.01
IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option.
- CVE-1999-0125Jan 25, 1998risk 0.03cvss —epss 0.01
Buffer overflow in SGI IRIX mailx program.
- CVE-1999-0328Nov 1, 1997risk 0.03cvss —epss 0.01
SGI permissions program allows local users to gain root privileges.
- CVE-1999-1399Aug 20, 1997risk 0.03cvss —epss 0.01
spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed.
- CVE-1999-0030Jul 16, 1997risk 0.03cvss —epss 0.01
root privileges via buffer overflow in xlock command on SGI IRIX systems.
- CVE-1999-0026Jul 16, 1997risk 0.03cvss —epss 0.01
root privileges via buffer overflow in pset command on SGI IRIX systems.
- CVE-1999-0027Jul 16, 1997risk 0.03cvss —epss 0.01
root privileges via buffer overflow in eject command on SGI IRIX systems.
- CVE-1999-0034May 29, 1997risk 0.03cvss —epss 0.01
Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.
- CVE-1999-1286May 9, 1997risk 0.03cvss —epss 0.01
addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file.
- CVE-1999-1410May 9, 1997risk 0.03cvss —epss 0.01
addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file.
- CVE-1999-1398May 7, 1997risk 0.03cvss —epss 0.01
Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.
- CVE-1999-1461May 7, 1997risk 0.03cvss —epss 0.01
inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.
- CVE-1999-0040May 1, 1997risk 0.03cvss —epss 0.01
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
- CVE-1999-0149Apr 19, 1997risk 0.03cvss —epss 0.03
The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack.
- CVE-1999-0959Feb 1, 1997risk 0.03cvss —epss 0.01
IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.
- CVE-1999-0051Jan 6, 1997risk 0.03cvss —epss 0.01
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
- CVE-1999-1120Jan 4, 1997risk 0.03cvss —epss 0.01
netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges.
- CVE-1999-0044Dec 3, 1996risk 0.03cvss —epss 0.01
fsdump command in IRIX allows local users to obtain root access by modifying sensitive files.
- CVE-1999-1384Oct 30, 1996risk 0.03cvss —epss 0.02
Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.
- CVE-1999-0032Oct 25, 1996risk 0.03cvss —epss 0.01
Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.
- CVE-1999-1243Mar 3, 1995risk 0.03cvss —epss 0.01
SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.
- CVE-1999-1022Oct 2, 1994risk 0.03cvss —epss 0.01
serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.
- CVE-1999-1219Aug 11, 1994risk 0.03cvss —epss 0.01
Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command.
- CVE-1999-1494Aug 9, 1994risk 0.03cvss —epss 0.01
colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.
- CVE-2005-0469May 2, 2005risk 0.01cvss —epss 0.09
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
Page 2 of 6