VYPR

Vendor CVEs

Microfocus

All CVEs

2,284 total · sorted by risk
  • CVE-1999-0502Mar 1, 1998
    risk 0.07cvss epss 0.52

    A Unix account has a default, null, blank, or missing password.

  • CVE-1999-0046Feb 6, 1997
    risk 0.07cvss epss 0.53

    Buffer overflow of rlogin program using TERM environmental variable.

  • CVE-2014-7883Feb 15, 2015
    risk 0.06cvss epss 0.37

    HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.

  • CVE-2013-4826Oct 13, 2013
    risk 0.06cvss epss 0.32

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647.

  • CVE-2013-4823Oct 13, 2013
    risk 0.06cvss epss 0.38

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607.

  • CVE-2013-4800Jul 29, 2013
    risk 0.06cvss epss 0.39

    Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.

  • CVE-2012-3261Sep 25, 2012
    risk 0.06cvss epss 0.38

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.

  • CVE-2012-3260Sep 25, 2012
    risk 0.06cvss epss 0.38

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462.

  • CVE-2011-4786Jan 12, 2012
    risk 0.06cvss epss 0.41

    A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and…

  • CVE-2010-2709Aug 5, 2010
    risk 0.06cvss epss 0.42

    Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie.

  • CVE-2009-3693Oct 13, 2009
    risk 0.06cvss epss 0.42

    Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.

  • CVE-2007-6530Dec 27, 2007
    risk 0.06cvss epss 0.37

    Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder…

  • CVE-2007-1819Apr 2, 2007
    risk 0.06cvss epss 0.40

    Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property.

  • CVE-2003-0161Apr 2, 2003
    risk 0.06cvss epss 0.38

    The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control…

  • CVE-1999-0015Dec 16, 1997
    risk 0.06cvss epss 0.36

    Teardrop IP denial of service.

  • CVE-2013-4824Oct 13, 2013
    risk 0.05cvss epss 0.24

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-1644.

  • CVE-2013-2335Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733.

  • CVE-2013-2332Jun 6, 2013
    risk 0.05cvss epss 0.62

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1654.

  • CVE-2013-2331Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1652.

  • CVE-2013-2330Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1638.

  • CVE-2013-2329Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1637.

  • CVE-2013-2328Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1636.

  • CVE-2013-2327Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1635.

  • CVE-2013-2326Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1634.

  • CVE-2013-2325Jun 6, 2013
    risk 0.05cvss epss 0.61

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1633.

  • CVE-2012-5203Mar 9, 2013
    risk 0.05cvss epss 0.21

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka…

  • CVE-2012-5202Mar 9, 2013
    risk 0.05cvss epss 0.21

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka…

  • CVE-2012-3259Sep 25, 2012
    risk 0.05cvss epss 0.60

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461.

  • CVE-2011-1866Jul 1, 2011
    risk 0.05cvss epss 0.21

    Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXEC_CMD functionality.

  • CVE-2010-1039May 20, 2010
    risk 0.05cvss epss 0.20

    Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code…

  • CVE-2007-6331Dec 13, 2007
    risk 0.05cvss epss 0.30

    Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs…

  • CVE-2007-4916Sep 17, 2007
    risk 0.05cvss epss 0.20

    Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo…

  • CVE-2007-3872Aug 9, 2007
    risk 0.05cvss epss 0.30

    Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.

  • CVE-2005-3277Oct 21, 2005
    risk 0.05cvss epss 0.19

    The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different…

  • CVE-2005-1825May 3, 2005
    risk 0.05cvss epss 0.62

    Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameters to a RADEXECD process.

  • CVE-2004-1856Mar 24, 2004
    risk 0.05cvss epss 0.30

    devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory.

  • CVE-2003-0681Oct 6, 2003
    risk 0.05cvss epss 0.20

    A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

  • CVE-2002-1426Apr 11, 2003
    risk 0.05cvss epss 0.20

    HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.

  • CVE-2002-1317Dec 11, 2002
    risk 0.05cvss epss 0.24

    Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

  • CVE-2001-0552Sep 20, 2001
    risk 0.05cvss epss 0.26

    ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.

  • CVE-1999-0003Apr 1, 1998
    risk 0.05cvss epss 0.24

    Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

  • CVE-2015-4024Jun 9, 2015
    risk 0.04cvss epss 0.50

    Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an…

  • CVE-2015-2125Jun 7, 2015
    risk 0.04cvss epss 0.08

    Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors.

  • CVE-2014-7884Mar 14, 2015
    risk 0.04cvss epss 0.12

    Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors.

  • CVE-2014-2630Aug 12, 2014
    risk 0.04cvss epss 0.07

    Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors.

  • CVE-2014-2612Jun 28, 2014
    risk 0.04cvss epss 0.07

    Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain sensitive information via unknown vectors.

  • CVE-2013-4784Jul 8, 2013
    risk 0.04cvss epss 0.50

    The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

  • CVE-2013-2334Jun 6, 2013
    risk 0.04cvss epss 0.47

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1681.

  • CVE-2012-5204Mar 9, 2013
    risk 0.04cvss epss 0.18

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka…

  • CVE-2012-3282Feb 6, 2013
    risk 0.04cvss epss 0.17

    Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1468.

Page 20 of 46