Vendor CVEs
Microfocus
All CVEs
2,284 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0502 | 0.07 | — | 0.52 | Mar 1, 1998 | A Unix account has a default, null, blank, or missing password. | |||
| CVE-1999-0046 | 0.07 | — | 0.53 | Feb 6, 1997 | Buffer overflow of rlogin program using TERM environmental variable. | |||
| CVE-2014-7883 | 0.06 | — | 0.37 | Feb 15, 2015 | HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response. | |||
| CVE-2013-4826 | 0.06 | — | 0.32 | Oct 13, 2013 | Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647. | |||
| CVE-2013-4823 | 0.06 | — | 0.38 | Oct 13, 2013 | Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607. | |||
| CVE-2013-4800 | 0.06 | — | 0.39 | Jul 29, 2013 | Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735. | |||
| CVE-2012-3261 | 0.06 | — | 0.38 | Sep 25, 2012 | Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463. | |||
| CVE-2012-3260 | 0.06 | — | 0.38 | Sep 25, 2012 | Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462. | |||
| CVE-2011-4786 | 0.06 | — | 0.41 | Jan 12, 2012 | A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and… | |||
| CVE-2010-2709 | 0.06 | — | 0.42 | Aug 5, 2010 | Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie. | |||
| CVE-2009-3693 | 0.06 | — | 0.42 | Oct 13, 2009 | Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method. | |||
| CVE-2007-6530 | 0.06 | — | 0.37 | Dec 27, 2007 | Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder… | |||
| CVE-2007-1819 | 0.06 | — | 0.40 | Apr 2, 2007 | Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property. | |||
| CVE-2003-0161 | 0.06 | — | 0.38 | Apr 2, 2003 | The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control… | |||
| CVE-1999-0015 | 0.06 | — | 0.36 | Dec 16, 1997 | Teardrop IP denial of service. | |||
| CVE-2013-4824 | 0.05 | — | 0.24 | Oct 13, 2013 | Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-1644. | |||
| CVE-2013-2335 | 0.05 | — | 0.61 | Jun 6, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733. | |||
| CVE-2013-2332 | 0.05 | — | 0.62 | Jun 6, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1654. | |||
| CVE-2013-2331 | 0.05 | — | 0.61 | Jun 6, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1652. | |||
| CVE-2013-2330 | 0.05 | — | 0.61 | Jun 6, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1638. | |||
| CVE-2013-2329 | 0.05 | — | 0.61 | Jun 6, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1637. | |||
| CVE-2013-2328 | 0.05 | — | 0.61 | Jun 6, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1636. | |||
| CVE-2013-2327 | 0.05 | — | 0.61 | Jun 6, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1635. | |||
| CVE-2013-2326 | 0.05 | — | 0.61 | Jun 6, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1634. | |||
| CVE-2013-2325 | 0.05 | — | 0.61 | Jun 6, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1633. | |||
| CVE-2012-5203 | 0.05 | — | 0.21 | Mar 9, 2013 | Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka… | |||
| CVE-2012-5202 | 0.05 | — | 0.21 | Mar 9, 2013 | Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka… | |||
| CVE-2012-3259 | 0.05 | — | 0.60 | Sep 25, 2012 | Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461. | |||
| CVE-2011-1866 | 0.05 | — | 0.21 | Jul 1, 2011 | Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXEC_CMD functionality. | |||
| CVE-2010-1039 | 0.05 | — | 0.20 | May 20, 2010 | Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code… | |||
| CVE-2007-6331 | 0.05 | — | 0.30 | Dec 13, 2007 | Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs… | |||
| CVE-2007-4916 | 0.05 | — | 0.20 | Sep 17, 2007 | Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo… | |||
| CVE-2007-3872 | 0.05 | — | 0.30 | Aug 9, 2007 | Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests. | |||
| CVE-2005-3277 | 0.05 | — | 0.19 | Oct 21, 2005 | The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different… | |||
| CVE-2005-1825 | 0.05 | — | 0.62 | May 3, 2005 | Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameters to a RADEXECD process. | |||
| CVE-2004-1856 | 0.05 | — | 0.30 | Mar 24, 2004 | devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory. | |||
| CVE-2003-0681 | 0.05 | — | 0.20 | Oct 6, 2003 | A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. | |||
| CVE-2002-1426 | 0.05 | — | 0.20 | Apr 11, 2003 | HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow. | |||
| CVE-2002-1317 | 0.05 | — | 0.24 | Dec 11, 2002 | Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | |||
| CVE-2001-0552 | 0.05 | — | 0.26 | Sep 20, 2001 | ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message. | |||
| CVE-1999-0003 | 0.05 | — | 0.24 | Apr 1, 1998 | Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd). | |||
| CVE-2015-4024 | 0.04 | — | 0.50 | Jun 9, 2015 | Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an… | |||
| CVE-2015-2125 | 0.04 | — | 0.08 | Jun 7, 2015 | Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors. | |||
| CVE-2014-7884 | 0.04 | — | 0.12 | Mar 14, 2015 | Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors. | |||
| CVE-2014-2630 | 0.04 | — | 0.07 | Aug 12, 2014 | Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors. | |||
| CVE-2014-2612 | 0.04 | — | 0.07 | Jun 28, 2014 | Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain sensitive information via unknown vectors. | |||
| CVE-2013-4784 | 0.04 | — | 0.50 | Jul 8, 2013 | The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. | |||
| CVE-2013-2334 | 0.04 | — | 0.47 | Jun 6, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1681. | |||
| CVE-2012-5204 | 0.04 | — | 0.18 | Mar 9, 2013 | Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka… | |||
| CVE-2012-3282 | 0.04 | — | 0.17 | Feb 6, 2013 | Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1468. |
- CVE-1999-0502Mar 1, 1998risk 0.07cvss —epss 0.52
A Unix account has a default, null, blank, or missing password.
- CVE-1999-0046Feb 6, 1997risk 0.07cvss —epss 0.53
Buffer overflow of rlogin program using TERM environmental variable.
- CVE-2014-7883Feb 15, 2015risk 0.06cvss —epss 0.37
HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.
- CVE-2013-4826Oct 13, 2013risk 0.06cvss —epss 0.32
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647.
- CVE-2013-4823Oct 13, 2013risk 0.06cvss —epss 0.38
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607.
- CVE-2013-4800Jul 29, 2013risk 0.06cvss —epss 0.39
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.
- CVE-2012-3261Sep 25, 2012risk 0.06cvss —epss 0.38
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.
- CVE-2012-3260Sep 25, 2012risk 0.06cvss —epss 0.38
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462.
- CVE-2011-4786Jan 12, 2012risk 0.06cvss —epss 0.41
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and…
- CVE-2010-2709Aug 5, 2010risk 0.06cvss —epss 0.42
Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie.
- CVE-2009-3693Oct 13, 2009risk 0.06cvss —epss 0.42
Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.
- CVE-2007-6530Dec 27, 2007risk 0.06cvss —epss 0.37
Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder…
- CVE-2007-1819Apr 2, 2007risk 0.06cvss —epss 0.40
Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property.
- CVE-2003-0161Apr 2, 2003risk 0.06cvss —epss 0.38
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control…
- CVE-1999-0015Dec 16, 1997risk 0.06cvss —epss 0.36
Teardrop IP denial of service.
- CVE-2013-4824Oct 13, 2013risk 0.05cvss —epss 0.24
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-1644.
- CVE-2013-2335Jun 6, 2013risk 0.05cvss —epss 0.61
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733.
- CVE-2013-2332Jun 6, 2013risk 0.05cvss —epss 0.62
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1654.
- CVE-2013-2331Jun 6, 2013risk 0.05cvss —epss 0.61
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1652.
- CVE-2013-2330Jun 6, 2013risk 0.05cvss —epss 0.61
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1638.
- CVE-2013-2329Jun 6, 2013risk 0.05cvss —epss 0.61
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1637.
- CVE-2013-2328Jun 6, 2013risk 0.05cvss —epss 0.61
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1636.
- CVE-2013-2327Jun 6, 2013risk 0.05cvss —epss 0.61
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1635.
- CVE-2013-2326Jun 6, 2013risk 0.05cvss —epss 0.61
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1634.
- CVE-2013-2325Jun 6, 2013risk 0.05cvss —epss 0.61
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1633.
- CVE-2012-5203Mar 9, 2013risk 0.05cvss —epss 0.21
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka…
- CVE-2012-5202Mar 9, 2013risk 0.05cvss —epss 0.21
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka…
- CVE-2012-3259Sep 25, 2012risk 0.05cvss —epss 0.60
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461.
- CVE-2011-1866Jul 1, 2011risk 0.05cvss —epss 0.21
Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXEC_CMD functionality.
- CVE-2010-1039May 20, 2010risk 0.05cvss —epss 0.20
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code…
- CVE-2007-6331Dec 13, 2007risk 0.05cvss —epss 0.30
Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs…
- CVE-2007-4916Sep 17, 2007risk 0.05cvss —epss 0.20
Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo…
- CVE-2007-3872Aug 9, 2007risk 0.05cvss —epss 0.30
Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.
- CVE-2005-3277Oct 21, 2005risk 0.05cvss —epss 0.19
The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different…
- CVE-2005-1825May 3, 2005risk 0.05cvss —epss 0.62
Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameters to a RADEXECD process.
- CVE-2004-1856Mar 24, 2004risk 0.05cvss —epss 0.30
devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory.
- CVE-2003-0681Oct 6, 2003risk 0.05cvss —epss 0.20
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
- CVE-2002-1426Apr 11, 2003risk 0.05cvss —epss 0.20
HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.
- CVE-2002-1317Dec 11, 2002risk 0.05cvss —epss 0.24
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
- CVE-2001-0552Sep 20, 2001risk 0.05cvss —epss 0.26
ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.
- CVE-1999-0003Apr 1, 1998risk 0.05cvss —epss 0.24
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
- CVE-2015-4024Jun 9, 2015risk 0.04cvss —epss 0.50
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an…
- CVE-2015-2125Jun 7, 2015risk 0.04cvss —epss 0.08
Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors.
- CVE-2014-7884Mar 14, 2015risk 0.04cvss —epss 0.12
Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors.
- CVE-2014-2630Aug 12, 2014risk 0.04cvss —epss 0.07
Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors.
- CVE-2014-2612Jun 28, 2014risk 0.04cvss —epss 0.07
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain sensitive information via unknown vectors.
- CVE-2013-4784Jul 8, 2013risk 0.04cvss —epss 0.50
The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
- CVE-2013-2334Jun 6, 2013risk 0.04cvss —epss 0.47
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1681.
- CVE-2012-5204Mar 9, 2013risk 0.04cvss —epss 0.18
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka…
- CVE-2012-3282Feb 6, 2013risk 0.04cvss —epss 0.17
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1468.
Page 20 of 46