| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP OpenView allows a local user to execute arbitrary code, possibly via a buffer overflow in a long hostname or object ID. |
| The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files. |
| The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. |
| HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file. |
| Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server. |
| HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). |
| HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). |
| Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users to gain privileges. |
| Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a denial of service via unknown attack vectors. |
| devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory. |
| Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges. |
| Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges. |
| Unknown vulnerability in HP Process Resource Manager (PRM) C.02.01[.01] and earlier, as used by HP-UX Workload Manager (WLM), allows local users to corrupt data files. |
| HP ypbind allows attackers with root privileges to modify NIS data. |
| The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. |
| Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options. |
| The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization. |
| Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). |
| Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. |
| HP CDE program includes the current directory in root's PATH variable. |
