111.5K CVEs classified as high severity
AIX infod allows local users to gain root access through an X display.
AIX passwd allows local users to gain root access.
AIX bugfiler program allows local users to gain root access.
Some implementations of rlogin allow root access if given a -froot parameter.
Buffer overflow in AIX dtterm program for the CDE.
Buffer overflow in ffbconfig in Solaris 2.5.1.
The printers program in IRIX has a buffer overflow that gives root access to local users.
Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line.
Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.
Remote access in AIX innd 1.5.1, using control messages.
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.
Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
AIX nslookup command allows local users to obtain root access by not dropping privileges correctly.
Various vulnerabilities in the AIX portmir command allows local users to obtain root access.
Buffer overflow in AIX writesrv command allows local users to obtain root access.
Buffer overflow in AIX rcp command allows local users to obtain root access.
Buffer overflow in AIX libDtSvc library can allow local users to gain root access.
IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.
CWD ~root command in ftpd allows root access.
Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "...
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.