Total
478 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1509 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.9 MEDIUM | N/A |
|
/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service.
|
|||||
| CVE-2003-0333 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.
|
|||||
| CVE-2002-2263 | 1 Hp | 2 Hp-ux, Visualize Conference Ftp | 2025-04-03 | 6.6 MEDIUM | N/A |
|
The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files.
|
|||||
| CVE-2001-0266 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.
|
|||||
| CVE-2001-0772 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.
|
|||||
| CVE-1999-1408 | 2 Hp, Ibm | 2 Hp-ux, Aix | 2025-04-03 | 2.1 LOW | N/A |
|
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost.
|
|||||
| CVE-2002-1406 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."
|
|||||
| CVE-1999-1146 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges.
|
|||||
| CVE-2004-1029 | 5 Conectiva, Gentoo, Hp and 2 more | 8 Linux, Linux, Hp-ux and 5 more | 2025-04-03 | 9.3 HIGH | N/A |
|
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
|
|||||
| CVE-1999-0307 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in HP-UX cstm program allows local users to gain root privileges.
|
|||||
| CVE-2003-0840 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.
|
|||||
| CVE-1999-1308 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges.
|
|||||
| CVE-2004-0952 | 1 Hp | 1 Hp-ux | 2025-04-03 | 6.4 MEDIUM | N/A |
|
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption.
|
|||||
| CVE-2001-1264 | 1 Hp | 2 Hp-ux, Vvos | 2025-04-03 | 10.0 HIGH | N/A |
|
Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges.
|
|||||
| CVE-1999-0097 | 3 Hp, Ibm, Sun | 4 Hp-ux, Aix, Solaris and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
|
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
|
|||||
| CVE-1999-0423 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges.
|
|||||
| CVE-2002-1610 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.
|
|||||
| CVE-2001-0248 | 2 Hp, Sgi | 2 Hp-ux, Irix | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL |
|
Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.
|
|||||
| CVE-2002-1608 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
|
|||||
| CVE-1999-0312 | 1 Hp | 1 Hp-ux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
HP ypbind allows attackers with root privileges to modify NIS data.
|
|||||
| CVE-2003-1362 | 1 Hp | 2 Bastille, Hp-ux | 2025-04-03 | 7.8 HIGH | N/A |
|
Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases.
|
|||||
| CVE-1999-0696 | 2 Hp, Sun | 3 Hp-ux, Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
|
|||||
| CVE-2000-0005 | 1 Hp | 3 9000, Aserver, Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
HP-UX aserver program allows local users to gain privileges via a symlink attack.
|
|||||
| CVE-1999-1139 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.
|
|||||
| CVE-2001-0797 | 5 Hp, Ibm, Sco and 2 more | 6 Hp-ux, Aix, Openserver and 3 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
|
|||||
| CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2025-04-03 | 5.0 MEDIUM | 7.5 HIGH |
|
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
|
|||||
| CVE-2002-2363 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.
|
|||||
| CVE-1999-0308 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
HP-UX gwind program allows users to modify arbitrary files.
|
|||||
| CVE-2004-2665 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors.
|
|||||
| CVE-2002-1409 | 1 Hp | 1 Hp-ux | 2025-04-03 | 2.1 LOW | N/A |
|
ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."
|
|||||
| CVE-2002-1668 | 1 Hp | 3 Hp-ux, Hp-ux Series 700, Hp-ux Series 800 | 2025-04-03 | 2.1 LOW | N/A |
|
HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file.
|
|||||
| CVE-1999-1205 | 1 Hp | 1 Hp-ux | 2025-04-03 | 2.1 LOW | N/A |
|
nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information.
|
|||||
| CVE-2003-1087 | 1 Hp | 1 Hp-ux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic.
|
|||||
| CVE-2002-1337 | 7 Gentoo, Hp, Netbsd and 4 more | 9 Linux, Alphaserver Sc, Hp-ux and 6 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
|
|||||
| CVE-2006-2574 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors.
|
|||||
| CVE-2006-3097 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in Support Tools Manager (xstm, cstm, and stm) on HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
|
|||||
| CVE-2001-0311 | 1 Hp | 2 Hp-ux, Omniback Ii | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.
|
|||||
| CVE-2001-0379 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights.
|
|||||
| CVE-2000-0801 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.
|
|||||
| CVE-2006-4795 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors.
|
|||||