Filtered by vendor Hp
Subscribe
Total
2513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1618 | 1 Hp | 2 Hp-ux, Jfs | 2025-04-03 | 7.2 HIGH | N/A |
|
JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.
|
|||||
| CVE-2002-1794 | 1 Hp | 2 Hp-ux, Ldap-ux Integration | 2025-04-03 | 10.0 HIGH | N/A |
|
Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users.
|
|||||
| CVE-2003-1097 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option.
|
|||||
| CVE-1999-0435 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM.
|
|||||
| CVE-2000-1065 | 1 Hp | 1 Jetdirect | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Vulnerability in IP implementation of HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service (printer crash) via a malformed packet.
|
|||||
| CVE-2001-1244 | 7 Freebsd, Hp, Linux and 4 more | 9 Freebsd, Hp-ux, Vvos and 6 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
|
|||||
| CVE-2006-1248 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended.
|
|||||
| CVE-2002-0991 | 1 Hp | 1 Cifs-9000 Server | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.
|
|||||
| CVE-1999-1136 | 1 Hp | 2 Hp-ux, Mpe Ix | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.
|
|||||
| CVE-2004-0525 | 1 Hp | 1 Integrated Lights-out Firmware | 2025-04-03 | 5.0 MEDIUM | N/A |
|
HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero.
|
|||||
| CVE-2006-1509 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.9 MEDIUM | N/A |
|
/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service.
|
|||||
| CVE-2003-0333 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.
|
|||||
| CVE-2002-2263 | 1 Hp | 2 Hp-ux, Visualize Conference Ftp | 2025-04-03 | 6.6 MEDIUM | N/A |
|
The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files.
|
|||||
| CVE-2002-1475 | 1 Hp | 1 Tru64 | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to "take over packets destined for another host" and cause a denial of service.
|
|||||
| CVE-2001-0266 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.
|
|||||
| CVE-2001-0772 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.
|
|||||
| CVE-1999-1408 | 2 Hp, Ibm | 2 Hp-ux, Aix | 2025-04-03 | 2.1 LOW | N/A |
|
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost.
|
|||||
| CVE-2002-1616 | 1 Hp | 1 Tru64 | 2025-04-03 | 7.2 HIGH | N/A |
|
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.
|
|||||
| CVE-2002-1406 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."
|
|||||
| CVE-1999-1146 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges.
|
|||||
| CVE-2004-1029 | 5 Conectiva, Gentoo, Hp and 2 more | 8 Linux, Linux, Hp-ux and 5 more | 2025-04-03 | 9.3 HIGH | N/A |
|
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
|
|||||
| CVE-1999-0307 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in HP-UX cstm program allows local users to gain root privileges.
|
|||||
| CVE-2003-0458 | 1 Hp | 1 Nonstop Seeview Server Gateway | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges.
|
|||||
| CVE-2003-0840 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.
|
|||||
| CVE-1999-1308 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges.
|
|||||
| CVE-2005-0719 | 1 Hp | 1 Tru64 | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd.
|
|||||
| CVE-2004-0952 | 1 Hp | 1 Hp-ux | 2025-04-03 | 6.4 MEDIUM | N/A |
|
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption.
|
|||||
| CVE-2001-1264 | 1 Hp | 2 Hp-ux, Vvos | 2025-04-03 | 10.0 HIGH | N/A |
|
Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges.
|
|||||
| CVE-1999-0097 | 3 Hp, Ibm, Sun | 4 Hp-ux, Aix, Solaris and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
|
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
|
|||||
| CVE-2002-1856 | 1 Hp | 1 Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
|
|||||
| CVE-1999-0423 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges.
|
|||||
| CVE-2002-1318 | 3 Hp, Samba, Sgi | 3 Cifs-9000 Server, Samba, Irix | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
|
|||||
| CVE-2002-1610 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.
|
|||||
| CVE-2002-0993 | 1 Hp | 1 Instant Support | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files.
|
|||||
| CVE-2001-0248 | 2 Hp, Sgi | 2 Hp-ux, Irix | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL |
|
Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.
|
|||||
| CVE-2002-1608 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
|
|||||
| CVE-1999-0312 | 1 Hp | 1 Hp-ux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
HP ypbind allows attackers with root privileges to modify NIS data.
|
|||||
| CVE-2003-1362 | 1 Hp | 2 Bastille, Hp-ux | 2025-04-03 | 7.8 HIGH | N/A |
|
Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases.
|
|||||
| CVE-1999-0696 | 2 Hp, Sun | 3 Hp-ux, Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
|
|||||
| CVE-2001-0629 | 1 Hp | 1 Openview Network Node Manager | 2025-04-03 | 10.0 HIGH | N/A |
|
HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition privileges via a buffer overflow attack in the '-restore_config' command line parameter.
|
|||||