VYPR

Vendor CVEs

Microfocus

All CVEs

2,226 total · sorted by risk
  • CVE-2008-0960Jun 10, 2008
    risk 0.09cvss epss 0.69

    SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2;…

  • CVE-2008-1661Jun 4, 2008
    risk 0.09cvss epss 0.69

    Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request.

  • CVE-2008-1697Apr 8, 2008
    risk 0.09cvss epss 0.74

    Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView…

  • CVE-2007-6204Dec 13, 2007
    risk 0.09cvss epss 0.70

    Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as…

  • CVE-2002-1337Mar 7, 2003
    risk 0.09cvss epss 0.72

    Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

  • CVE-1999-0513Jan 5, 1998
    risk 0.09cvss epss 0.70

    ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

  • CVE-2014-2624Sep 11, 2014
    risk 0.08cvss epss 0.65

    Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264.

  • CVE-2013-6194Jan 4, 2014
    risk 0.08cvss epss 0.66

    Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1905.

  • CVE-2013-2347Jan 4, 2014
    risk 0.08cvss epss 0.66

    The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.

  • CVE-2013-4837Nov 4, 2013
    risk 0.08cvss epss 0.63

    Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.

  • CVE-2013-4822Oct 13, 2013
    risk 0.08cvss epss 0.63

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1606.

  • CVE-2013-4798Jul 29, 2013
    risk 0.08cvss epss 0.68

    Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705.

  • CVE-2013-2370Jul 29, 2013
    risk 0.08cvss epss 0.63

    Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1671.

  • CVE-2013-2343Jul 2, 2013
    risk 0.08cvss epss 0.62

    Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1510.

  • CVE-2013-3576Jun 14, 2013
    risk 0.08cvss epss 0.67

    ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en.

  • CVE-2012-5201Mar 9, 2013
    risk 0.08cvss epss 0.64

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1611.

  • CVE-2012-0432Dec 25, 2012
    risk 0.08cvss epss 0.59

    Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.

  • CVE-2012-5932Dec 24, 2012
    risk 0.08cvss epss 0.63

    Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request.

  • CVE-2012-3274Dec 6, 2012
    risk 0.08cvss epss 0.62

    Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (IMC) before 5.1 E0101P01 allows remote attackers to execute arbitrary code via vectors related to log data.

  • CVE-2012-2020Jul 11, 2012
    risk 0.08cvss epss 0.65

    Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326.

  • CVE-2012-2019Jul 11, 2012
    risk 0.08cvss epss 0.65

    Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325.

  • CVE-2012-0124Mar 14, 2012
    risk 0.08cvss epss 0.63

    Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.

  • CVE-2011-4789Jan 13, 2012
    risk 0.08cvss epss 0.65

    Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it was originally reported that the affected product is HP Diagnostics Server, but…

  • CVE-2011-4166Dec 27, 2011
    risk 0.08cvss epss 0.63

    Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.

  • CVE-2011-3167Nov 2, 2011
    risk 0.08cvss epss 0.66

    Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210.

  • CVE-2011-0922Feb 9, 2011
    risk 0.08cvss epss 0.64

    The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.

  • CVE-2010-1964Jun 17, 2010
    risk 0.08cvss epss 0.68

    Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.

  • CVE-2010-1555May 13, 2010
    risk 0.08cvss epss 0.64

    Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.

  • CVE-2010-1554May 13, 2010
    risk 0.08cvss epss 0.68

    Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.

  • CVE-2007-2280Dec 18, 2009
    risk 0.08cvss epss 0.60

    Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSG_PROTOCOL command with long arguments,…

  • CVE-2009-4179Dec 10, 2009
    risk 0.08cvss epss 0.67

    Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.

  • CVE-2008-0067Jan 8, 2009
    risk 0.08cvss epss 0.63

    Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program,…

  • CVE-2008-0437Jan 23, 2008
    risk 0.08cvss epss 0.58

    Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or…

  • CVE-2007-5208Oct 13, 2007
    risk 0.08cvss epss 0.67

    hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.

  • CVE-2003-0694Oct 6, 2003
    risk 0.08cvss epss 0.60

    The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

  • CVE-2013-4812Sep 16, 2013
    risk 0.07cvss epss 0.52

    UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp files and consequently…

  • CVE-2012-4361Aug 20, 2012
    risk 0.07cvss epss 0.48

    lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter.

  • CVE-2011-0514Jan 20, 2011
    risk 0.07cvss epss 0.49

    The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denial of service (crash) via a packet with a large data size to TCP port 1530.

  • CVE-2009-0714May 14, 2009
    risk 0.07cvss epss 0.52

    Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application…

  • CVE-2004-0594Jul 27, 2004
    risk 0.07cvss epss 0.55

    The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function…

  • CVE-2002-1318Dec 11, 2002
    risk 0.07cvss epss 0.52

    Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode…

  • CVE-1999-0502Mar 1, 1998
    risk 0.07cvss epss 0.52

    A Unix account has a default, null, blank, or missing password.

  • CVE-1999-0046Feb 6, 1997
    risk 0.07cvss epss 0.53

    Buffer overflow of rlogin program using TERM environmental variable.

  • CVE-2014-7883Feb 15, 2015
    risk 0.06cvss epss 0.37

    HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.

  • CVE-2013-4826Oct 13, 2013
    risk 0.06cvss epss 0.32

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647.

  • CVE-2013-4823Oct 13, 2013
    risk 0.06cvss epss 0.38

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607.

  • CVE-2013-4800Jul 29, 2013
    risk 0.06cvss epss 0.39

    Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.

  • CVE-2012-3261Sep 25, 2012
    risk 0.06cvss epss 0.38

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.

  • CVE-2012-3260Sep 25, 2012
    risk 0.06cvss epss 0.38

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462.

  • CVE-2011-4786Jan 12, 2012
    risk 0.06cvss epss 0.41

    A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and…

Page 18 of 45