Search
Total
428 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-0371 | 6 Apple, Hp, Ibm and 3 more | 7 Mac Os X, Hp-ux, Aix and 4 more | 2017-02-15 | 1.9 LOW | 4.7 MEDIUM |
| The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled. | |||||
| CVE-2016-8963 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2017-02-13 | 2.1 LOW | 5.5 MEDIUM |
| IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user. | |||||
| CVE-2016-8961 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2017-02-13 | 5.8 MEDIUM | 6.1 MEDIUM |
| IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. | |||||
| CVE-2016-8981 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2017-02-13 | 2.1 LOW | 5.5 MEDIUM |
| IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system. | |||||
| CVE-2016-8966 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2017-02-13 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. | |||||
| CVE-2016-8980 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2017-02-13 | 7.5 HIGH | 8.1 HIGH |
| IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. | |||||
| CVE-2016-8977 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2017-02-13 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system. | |||||
| CVE-2016-8967 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2017-02-09 | 2.1 LOW | 5.5 MEDIUM |
| IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user. | |||||
| CVE-2015-2126 | 1 Hp | 1 Hp-ux | 2016-12-28 | 7.2 HIGH | N/A |
| Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions. | |||||
| CVE-2016-2016 | 1 Hp | 4 Base-vxfs-50, Base-vxfs-501, Base-vxfs-51 and 1 more | 2016-12-01 | 2.1 LOW | 5.5 MEDIUM |
| Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and default:user: entries, which allows local users to bypass intended access restrictions by leveraging the configuration of a parent directory. | |||||
| CVE-2005-1771 | 1 Hp | 1 Hp-ux | 2016-10-18 | 7.5 HIGH | N/A |
| Unknown vulnerability in HP-UX trusted systems B.11.00 through B.11.23 allows remote attackers to gain unauthorized access, possibly involving remshd and/or telnet -t. | |||||
| CVE-2003-0840 | 1 Hp | 1 Hp-ux | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable. | |||||
| CVE-1999-1408 | 2 Hp, Ibm | 2 Hp-ux, Aix | 2016-10-18 | 2.1 LOW | N/A |
| Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost. | |||||
| CVE-1999-1161 | 1 Hp | 1 Hp-ux | 2016-10-18 | 7.2 HIGH | N/A |
| Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump. | |||||
| CVE-1999-1139 | 1 Hp | 1 Hp-ux | 2016-10-18 | 7.2 HIGH | N/A |
| Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. | |||||
| CVE-1999-1160 | 1 Hp | 1 Hp-ux | 2016-10-18 | 10.0 HIGH | N/A |
| Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges. | |||||
| CVE-1999-0961 | 1 Hp | 1 Hp-ux | 2016-10-18 | 6.2 MEDIUM | N/A |
| HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation. | |||||
| CVE-1999-0353 | 1 Hp | 1 Hp-ux | 2013-09-03 | 9.3 HIGH | N/A |
| rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory. | |||||
| CVE-1999-0309 | 1 Hp | 1 Hp-ux | 2013-07-21 | 7.2 HIGH | N/A |
| HP-UX vgdisplay program gives root access to local users. | |||||
| CVE-2012-2291 | 3 Apple, Emc, Hp | 4 Mac Os X, Avamar, Avamar Plugin and 1 more | 2013-01-22 | 7.2 HIGH | N/A |
| EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack. | |||||
| CVE-2011-4160 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Operations Agent, Performance Agent and 3 more | 2012-02-17 | 3.2 LOW | N/A |
| Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors. | |||||
| CVE-2011-3337 | 4 Eeye, Hp, Sgi and 1 more | 5 Digital Security Audits, Retina Network Security Scanner, Hp-ux and 2 more | 2012-01-04 | 6.9 MEDIUM | N/A |
| eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/. | |||||
| CVE-2011-0891 | 1 Hp | 1 Hp-ux | 2011-04-21 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2008-4418 | 1 Hp | 1 Hp-ux | 2011-03-08 | 7.8 HIGH | N/A |
| Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2007-3794 | 6 Hitachi, Hp, Ibm and 3 more | 16 Cosminexus Application Server, Cosminexus Client, Cosminexus Developer and 13 more | 2011-03-08 | 10.0 HIGH | N/A |
| Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application. | |||||
| CVE-1999-1311 | 1 Hp | 1 Hp-ux | 2011-03-08 | 4.6 MEDIUM | N/A |
| Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows local users to bypass authentication and gain privileges. | |||||
| CVE-1999-1308 | 1 Hp | 1 Hp-ux | 2011-03-08 | 4.6 MEDIUM | N/A |
| Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges. | |||||
| CVE-2010-1556 | 3 Hp, Linux, Microsoft | 4 Hp-ux, Systems Insight Manager, Linux and 1 more | 2010-05-20 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 Update 1, and 6.0 allows remote attackers to obtain sensitive information and modify data via unknown vectors. | |||||
| CVE-2004-0716 | 1 Hp | 1 Hp-ux | 2008-10-24 | 10.0 HIGH | N/A |
| Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data. | |||||
| CVE-2000-0468 | 1 Hp | 1 Hp-ux | 2008-09-10 | 4.6 MEDIUM | N/A |
| man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. | |||||
| CVE-2000-0414 | 1 Hp | 2 Hp-ux, Vvos | 2008-09-10 | 4.6 MEDIUM | N/A |
| Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables. | |||||
| CVE-2000-0251 | 1 Hp | 2 Hp-ux, Vvos | 2008-09-10 | 5.0 MEDIUM | N/A |
| HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses. | |||||
| CVE-2000-0159 | 1 Hp | 1 Hp-ux | 2008-09-10 | 7.5 HIGH | N/A |
| HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. | |||||
| CVE-2000-0095 | 1 Hp | 1 Hp-ux | 2008-09-10 | 5.0 MEDIUM | N/A |
| The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier. | |||||
| CVE-2000-0083 | 1 Hp | 1 Hp-ux | 2008-09-10 | 4.6 MEDIUM | N/A |
| HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. | |||||
| CVE-1999-1134 | 1 Hp | 1 Hp-ux | 2008-09-10 | 7.2 HIGH | N/A |
| Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. | |||||
| CVE-1999-0962 | 1 Hp | 1 Hp-ux | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option. | |||||
| CVE-1999-0779 | 1 Hp | 1 Hp-ux | 2008-09-09 | 5.0 MEDIUM | N/A |
| Denial of service in HP-UX SharedX recserv program. | |||||
| CVE-1999-0686 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2008-09-09 | 5.0 MEDIUM | N/A |
| Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL. | |||||
| CVE-1999-0688 | 1 Hp | 1 Hp-ux | 2008-09-09 | 4.6 MEDIUM | N/A |
| Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x. | |||||
| CVE-1999-0690 | 2 Cde, Hp | 2 Cde, Hp-ux | 2008-09-09 | 7.2 HIGH | N/A |
| HP CDE program includes the current directory in root's PATH variable. | |||||
| CVE-1999-0707 | 1 Hp | 2 Hp-ux, Visualize Conference Ftp | 2008-09-09 | 7.5 HIGH | N/A |
| The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization. | |||||
| CVE-1999-0246 | 1 Hp | 1 Hp-ux | 2008-09-09 | 10.0 HIGH | N/A |
| HP Remote Watch allows a remote user to gain root access. | |||||
| CVE-1999-0216 | 3 Gnu, Hp, Linux | 3 Inet, Hp-ux, Linux Kernel | 2008-09-09 | 5.0 MEDIUM | N/A |
| Denial of service of inetd on Linux through SYN and RST packets. | |||||
| CVE-1999-0479 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2008-09-09 | 5.0 MEDIUM | N/A |
| Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. | |||||
| CVE-1999-0435 | 1 Hp | 1 Hp-ux | 2008-09-09 | 7.2 HIGH | N/A |
| MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM. | |||||
| CVE-1999-0432 | 1 Hp | 1 Hp-ux | 2008-09-09 | 4.6 MEDIUM | N/A |
| ftp on HP-UX 11.00 allows local users to gain privileges. | |||||
| CVE-1999-0436 | 1 Hp | 2 Desms, Hp-ux | 2008-09-09 | 4.6 MEDIUM | N/A |
| Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges. | |||||
| CVE-1999-0423 | 1 Hp | 1 Hp-ux | 2008-09-09 | 4.6 MEDIUM | N/A |
| Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges. | |||||
| CVE-1999-0336 | 1 Hp | 1 Hp-ux | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow in mstm in HP-UX allows local users to gain root access. | |||||