VYPR

Vendor CVEs

Microfocus

All CVEs

2,279 total · sorted by risk
  • CVE-2008-4419Feb 5, 2009
    risk 0.00cvss epss 0.04

    Directory traversal vulnerability in the HP JetDirect web administration interface in the HP-ChaiSOE 1.0 embedded web server on the LaserJet 9040mfp, LaserJet 9050mfp, and Color LaserJet 9500mfp before firmware 08.110.9; LaserJet 4345mfp and 9200C Digital Sender before firmware…

  • CVE-2009-0204Jan 30, 2009
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in HP Select Access 6.1 and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2009-0122Jan 15, 2009
    risk 0.00cvss epss 0.01

    hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of arbitrary files via unspecified manipulations in advance of an HPLIP installation or upgrade by an administrator, related to the product's attempt to…

  • CVE-2008-4418Dec 11, 2008
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.

  • CVE-2008-5417Dec 10, 2008
    risk 0.00cvss epss 0.00

    HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the (1) SYS$CRELNM and (2) SYS$DELLNM system…

  • CVE-2008-4416Dec 5, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.

  • CVE-2008-4415Nov 17, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 allows remote authenticated users to execute arbitrary code via unknown vectors.

  • CVE-2008-4414Nov 7, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors.

  • CVE-2008-4413Nov 4, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary…

  • CVE-2007-4349Oct 23, 2008
    risk 0.00cvss epss 0.03

    The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of…

  • CVE-2007-4350Oct 21, 2008
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 allows remote attackers to inject arbitrary web script or HTML via an SNMP trap message.

  • CVE-2008-4412Oct 17, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors.

  • CVE-2008-4411Oct 13, 2008
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663.

  • CVE-2008-3545Oct 13, 2008
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in ovtopmd in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3536, CVE-2008-3537, and CVE-2008-3544. NOTE: due to…

  • CVE-2008-3543Oct 7, 2008
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in NFS / ONCplus B.11.31_04 and earlier on HP-UX B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.

  • CVE-2008-3542Oct 2, 2008
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in HP Insight Diagnostics before 7.9.1.2402 allows remote attackers to read arbitrary files via unknown vectors.

  • CVE-2008-4052Sep 11, 2008
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in SMGSHR.EXE in OpenVMS for Integrity Servers 8.2-1, 8.3, and 8.3-1H1 and OpenVMS ALPHA 7.3-2, 8.2, and 8.3 allows local users to cause a denial of service (crash) or gain privileges via unspecified vectors.

  • CVE-2008-3539Sep 11, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in HPSI Active Directory Connector 2.30 and earlier, HPSI SunOne Connector 1.14 and earlier, HPSI eDirectory Connector 1.12 and earlier, HPSI eTrust Connector 1.02 and earlier, HPSI…

  • CVE-2008-3946Sep 5, 2008
    risk 0.00cvss epss 0.01

    The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file.

  • CVE-2008-3947Sep 5, 2008
    risk 0.00cvss epss 0.00

    DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line.

  • CVE-2008-3940Sep 5, 2008
    risk 0.00cvss epss 0.00

    Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file.

  • CVE-2008-3902Sep 3, 2008
    risk 0.00cvss epss 0.00

    HP firmware 68DTT F.0D stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer, aka SSRT080104.

  • CVE-2008-3536Sep 3, 2008
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3537.

  • CVE-2008-3537Sep 3, 2008
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3536.

  • CVE-2008-3538Sep 2, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in HP Enterprise Discovery 2.0 through 2.52 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the initial description of this CVE was inadvertently associated with libxml2, but it should be for HP…

  • CVE-2008-2941Aug 14, 2008
    risk 0.00cvss epss 0.01

    The hpssd message parser in hpssd.py in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to cause a denial of service (process stop) via a crafted packet, as demonstrated by sending "msg=0" to TCP port 2207.

  • CVE-2008-2940Aug 14, 2008
    risk 0.00cvss epss 0.00

    The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to gain privileges and send e-mail messages from the root account via vectors related to the setalerts message, and lack of validation of the device URI associated with an event…

  • CVE-2008-1668Aug 13, 2008
    risk 0.00cvss epss 0.04

    ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remote attackers to gain…

  • CVE-2008-1664Aug 8, 2008
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.

  • CVE-2008-1662Aug 1, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list."

  • CVE-2008-1667Jul 29, 2008
    risk 0.00cvss epss 0.03

    The Probe Builder Service (aka PBOVISServer.exe) in European Performance Systems (EPS) Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services (OVIS) on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified…

  • CVE-2008-3253Jul 22, 2008
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, Standard, and Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express and Enterprise) 4.1.0; and HP integrated Citrix XenServer (Select and Enterprise) 4.1.0 allows…

  • CVE-2008-1665Jul 17, 2008
    risk 0.00cvss epss 0.04

    Multiple unspecified vulnerabilities in HP Select Identity (HPSI) Active Directory Bidirectional LDAP Connector 2.20, 2.20.001, 2.20.002, and 2.30 allow remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2008-1666Jul 17, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Oracle for OpenView (OfO) 8.1.7, 9.1.01, 9.2, 9.2.0, 10g, and 10gR2 has unknown impact and attack vectors, possibly related to the July 2008 Oracle Critical Patch Update.

  • CVE-2008-1663Jul 9, 2008
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2007-5608Jun 4, 2008
    risk 0.00cvss epss 0.04

    The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination…

  • CVE-2008-1660May 21, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors.

  • CVE-2008-0713May 13, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23, and B.11.31 allows remote authenticated users to cause a denial of service (FTP server outage) via unknown attack vectors.

  • CVE-2008-1659May 8, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in HP LDAP-UX vB.04.10 through vB.04.15 allows local users to gain privileges via unknown vectors.

  • CVE-2008-0712Apr 25, 2008
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ActiveX control in hpediag.dll in HP Software Update 4.000.009.002 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors. NOTE: this might…

  • CVE-2008-1853Apr 16, 2008
    risk 0.00cvss epss 0.02

    The ovtopmd service in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allows remote attackers to cause a denial of service (exit) by sending a 0x36 packet (exit request).

  • CVE-2008-1852Apr 16, 2008
    risk 0.00cvss epss 0.05

    ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allows remote attackers to cause a denial of service (crash) via certain requests that specify a large number of sub-arguments, which triggers a NULL pointer dereference due to memory…

  • CVE-2008-1851Apr 16, 2008
    risk 0.00cvss epss 0.03

    ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allows remote attackers to cause a denial of service (hang) via certain requests that do not provide all required arguments.

  • CVE-2008-0711Apr 8, 2008
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the embedded management console in HP iLO-2 Management Processors (iLO-2 MP), as used in Integrity Servers rx2660, rx3600, and rx6600, and Integrity Blade Server model bl860c, allows remote attackers to cause a denial of service via unknown vectors.

  • CVE-2008-0709Apr 7, 2008
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to access other user accounts via unknown vectors, a different issue than CVE-2008-0214.

  • CVE-2008-0708Apr 6, 2008
    risk 0.00cvss epss 0.00

    HP USB 2.0 Floppy Drive Key product options (1) 442084-B21 and (2) 442085-B21 for certain HP ProLiant servers contain the (a) W32.Fakerecy and (b) W32.SillyFDC worms, which might be launched if the server does not have up-to-date detection.

  • CVE-2008-0706Mar 31, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password.

  • CVE-2008-0211Mar 31, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the BIOS F.04 through F.11 for the HP Compaq Business Notebook PC allows local users to cause a denial of service via unspecified vectors.

  • CVE-2008-0704Mar 28, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain unspecified access via unknown…

  • CVE-2008-0707Mar 20, 2008
    risk 0.00cvss epss 0.00

    HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B.11.11 and B.11.23 allows local users to gain privileges via unspecified vectors.

Page 39 of 46