CdeCVEs & Vulnerabilities
7 CVEs affecting Cde products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
Most Affected Products
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
HP CDE program includes the current directory in root's PATH variable.
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
Unauthorized privileged access or denial of service via dtappgather program in CDE.
Buffer overflow in AIX dtterm program for the CDE.