OpenView Network Node Manager
by Microfocus
CVEs (110)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-6204 | 0.09 | — | 0.70 | Dec 13, 2007 | Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as… | |||
| CVE-2014-2624 | 0.08 | — | 0.65 | Sep 11, 2014 | Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264. | |||
| CVE-2011-3167 | 0.08 | — | 0.66 | Nov 2, 2011 | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210. | |||
| CVE-2010-1964 | 0.08 | — | 0.68 | Jun 17, 2010 | Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683. | |||
| CVE-2010-1555 | 0.08 | — | 0.64 | May 13, 2010 | Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter. | |||
| CVE-2010-1554 | 0.08 | — | 0.68 | May 13, 2010 | Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter. | |||
| CVE-2009-4179 | 0.08 | — | 0.67 | Dec 10, 2009 | Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action. | |||
| CVE-2008-0067 | 0.08 | — | 0.63 | Jan 8, 2009 | Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program,… | |||
| CVE-2010-2709 | 0.06 | — | 0.42 | Aug 5, 2010 | Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie. | |||
| CVE-2001-0552 | 0.05 | — | 0.26 | Sep 20, 2001 | ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message. | |||
| CVE-2009-3840 | 0.04 | — | 0.09 | Nov 19, 2009 | The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Error Code field in a packet. | |||
| CVE-2008-3544 | 0.04 | — | 0.18 | Oct 13, 2008 | Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61),… | |||
| CVE-2008-1842 | 0.04 | — | 0.12 | Apr 16, 2008 | Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative… | |||
| CVE-2000-1058 | 0.04 | — | 0.16 | Dec 11, 2000 | Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, in the SNMP service (snmp.exe), aka the "Java SNMP MIB Browser Object ID parsing… | |||
| CVE-2011-5184 | 0.03 | — | 0.03 | Sep 20, 2012 | Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3)… | |||
| CVE-2008-0068 | 0.03 | — | 0.05 | Apr 16, 2008 | Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter. | |||
| CVE-2009-3845 | 0.02 | — | 0.22 | Dec 10, 2009 | The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts. | |||
| CVE-2013-6218 | 0.01 | — | 0.09 | Apr 19, 2014 | Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors. | |||
| CVE-2012-3275 | 0.01 | — | 0.10 | Dec 6, 2012 | Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and 9.20 allows remote attackers to execute arbitrary code via unknown vectors. | |||
| CVE-2011-3166 | 0.01 | — | 0.12 | Nov 2, 2011 | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1209. |
- CVE-2007-6204Dec 13, 2007risk 0.09cvss —epss 0.70
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as…
- CVE-2014-2624Sep 11, 2014risk 0.08cvss —epss 0.65
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264.
- CVE-2011-3167Nov 2, 2011risk 0.08cvss —epss 0.66
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210.
- CVE-2010-1964Jun 17, 2010risk 0.08cvss —epss 0.68
Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.
- CVE-2010-1555May 13, 2010risk 0.08cvss —epss 0.64
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.
- CVE-2010-1554May 13, 2010risk 0.08cvss —epss 0.68
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
- CVE-2009-4179Dec 10, 2009risk 0.08cvss —epss 0.67
Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.
- CVE-2008-0067Jan 8, 2009risk 0.08cvss —epss 0.63
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program,…
- CVE-2010-2709Aug 5, 2010risk 0.06cvss —epss 0.42
Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie.
- CVE-2001-0552Sep 20, 2001risk 0.05cvss —epss 0.26
ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.
- CVE-2009-3840Nov 19, 2009risk 0.04cvss —epss 0.09
The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Error Code field in a packet.
- CVE-2008-3544Oct 13, 2008risk 0.04cvss —epss 0.18
Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61),…
- CVE-2008-1842Apr 16, 2008risk 0.04cvss —epss 0.12
Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative…
- CVE-2000-1058Dec 11, 2000risk 0.04cvss —epss 0.16
Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, in the SNMP service (snmp.exe), aka the "Java SNMP MIB Browser Object ID parsing…
- CVE-2011-5184Sep 20, 2012risk 0.03cvss —epss 0.03
Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3)…
- CVE-2008-0068Apr 16, 2008risk 0.03cvss —epss 0.05
Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter.
- CVE-2009-3845Dec 10, 2009risk 0.02cvss —epss 0.22
The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts.
- CVE-2013-6218Apr 19, 2014risk 0.01cvss —epss 0.09
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.
- CVE-2012-3275Dec 6, 2012risk 0.01cvss —epss 0.10
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and 9.20 allows remote attackers to execute arbitrary code via unknown vectors.
- CVE-2011-3166Nov 2, 2011risk 0.01cvss —epss 0.12
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1209.
Page 2 of 6