CVSS: 7.9EPSS: 88%CPEs: 20EXPL: 4CVE-2012-0217 – FreeBSD - Intel SYSRET Privilege Escalation
https://notcve.org/view.php?id=CVE-2012-0217
12 Jun 2012 — The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a c... • https://packetstorm.news/files/id/152001 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 55%CPEs: 1EXPL: 5CVE-2001-1583 – Solaris 10 LPD - Arbitrary File Delete
https://notcve.org/view.php?id=CVE-2001-1583
31 Dec 2001 — lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220. • https://www.exploit-db.com/exploits/1167 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2001-0652 – Solaris 2.6/7/8 (SPARC) - xlock Heap Overflow
https://notcve.org/view.php?id=CVE-2001-0652
30 Oct 2001 — Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. • https://www.exploit-db.com/exploits/21058 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 3CVE-2001-0565 – Solaris 2.5/2.6/7.0/8 - 'mailx -F' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0565
14 Aug 2001 — Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option. • https://www.exploit-db.com/exploits/20772 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2001-0401 – Solaris 2.5/2.6/7.0/8 tip - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0401
24 May 2001 — Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable. • https://www.exploit-db.com/exploits/20684 •
CVSS: 6.4EPSS: 2%CPEs: 2EXPL: 2CVE-2001-0421 – Solaris 2.6 - FTP Core Dump Shadow Password Recovery
https://notcve.org/view.php?id=CVE-2001-0421
24 May 2001 — FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition. • https://www.exploit-db.com/exploits/20764 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2001-0190
https://notcve.org/view.php?id=CVE-2001-0190
26 Mar 2001 — Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). • http://marc.info/?l=bugtraq&m=97983943716311&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-1999-1102
https://notcve.org/view.php?id=CVE-1999-1102
31 Dec 1999 — lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. • http://ciac.llnl.gov/ciac/bulletins/e-25.shtml •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-1999-1192
https://notcve.org/view.php?id=CVE-1999-1192
24 Jun 1997 — Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/143 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 3CVE-1999-1191 – Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer
https://notcve.org/view.php?id=CVE-1999-1191
19 May 1997 — Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. • https://www.exploit-db.com/exploits/332 •