Vendor CVEs
Microfocus
All CVEs
2,283 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-0211 | 0.00 | — | 0.00 | Mar 31, 2008 | Unspecified vulnerability in the BIOS F.04 through F.11 for the HP Compaq Business Notebook PC allows local users to cause a denial of service via unspecified vectors. | |||
| CVE-2008-0706 | 0.00 | — | 0.01 | Mar 31, 2008 | Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password. | |||
| CVE-2008-0704 | 0.00 | — | 0.04 | Mar 28, 2008 | Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain unspecified access via unknown… | |||
| CVE-2008-0707 | 0.00 | — | 0.00 | Mar 20, 2008 | HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B.11.11 and B.11.23 allows local users to gain privileges via unspecified vectors. | |||
| CVE-2008-0974 | 0.00 | — | 0.03 | Feb 25, 2008 | Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon termination) via (1) a large vector value, which raises a "vector too long" exception; or (2) a… | |||
| CVE-2008-0979 | 0.00 | — | 0.03 | Feb 25, 2008 | Stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon crash) via a certain packet that triggers the recursive calling of a… | |||
| CVE-2008-0973 | 0.00 | — | 0.02 | Feb 25, 2008 | Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) 4.5.0.1629, and other 4.5.0.x versions, allows remote attackers to have an unknown impact via a packet with a long string in the username field. | |||
| CVE-2008-0976 | 0.00 | — | 0.04 | Feb 25, 2008 | Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed packet, as demonstrated by a packet of type (1)… | |||
| CVE-2008-0215 | 0.00 | — | 0.04 | Feb 12, 2008 | Multiple unspecified vulnerabilities in HP Storage Essentials Storage Resource Management (SRM) before 6.0.0 allow remote attackers to obtain unspecified access to a managed device via unknown attack vectors. | |||
| CVE-2008-0214 | 0.00 | — | 0.02 | Feb 8, 2008 | Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to gain access via unknown vectors. | |||
| CVE-2008-0213 | 0.00 | — | 0.05 | Feb 7, 2008 | Unspecified vulnerability in a certain ActiveX control for HP Virtual Rooms (HPVR) 6 and earlier allows remote attackers to execute arbitrary code via unknown vectors. | |||
| CVE-2008-0212 | 0.00 | — | 0.04 | Feb 6, 2008 | ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access. | |||
| CVE-2007-6425 | 0.00 | — | 0.04 | Jan 23, 2008 | Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors. | |||
| CVE-2007-6419 | 0.00 | — | 0.03 | Dec 24, 2007 | Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | |||
| CVE-2007-6519 | 0.00 | — | 0.00 | Dec 24, 2007 | Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors. | |||
| CVE-2007-6343 | 0.00 | — | 0.02 | Dec 13, 2007 | Cross-site scripting (XSS) vulnerability in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2007-6194 | 0.00 | — | 0.04 | Dec 6, 2007 | Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 and 4.1x before 4.13.003 allows remote attackers to obtain unspecified access via unknown vectors. | |||
| CVE-2007-5946 | 0.00 | — | 0.00 | Nov 14, 2007 | Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access. | |||
| CVE-2007-5413 | 0.00 | — | 0.03 | Oct 29, 2007 | httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home… | |||
| CVE-2007-5536 | 0.00 | — | 0.01 | Oct 18, 2007 | Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. | |||
| CVE-2007-5391 | 0.00 | — | 0.04 | Oct 12, 2007 | Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 allows remote attackers to obtain unspecified access via unknown vectors. | |||
| CVE-2007-5302 | 0.00 | — | 0.03 | Oct 9, 2007 | Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2007-5242 | 0.00 | — | 0.02 | Oct 6, 2007 | Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after… | |||
| CVE-2007-5241 | 0.00 | — | 0.02 | Oct 6, 2007 | Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All" command, which overwrites a Non-Paged Pool Packet. | |||
| CVE-2007-5008 | 0.00 | — | 0.04 | Sep 20, 2007 | The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected. | |||
| CVE-2007-4931 | 0.00 | — | 0.00 | Sep 18, 2007 | HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous… | |||
| CVE-2007-4590 | 0.00 | — | 0.00 | Aug 29, 2007 | The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors. | |||
| CVE-2007-4526 | 0.00 | — | 0.00 | Aug 25, 2007 | The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file. | |||
| CVE-2007-4179 | 0.00 | — | 0.00 | Aug 8, 2007 | Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. NOTE: this is probably different from CVE-2007-0916, but this is not… | |||
| CVE-2007-4125 | 0.00 | — | 0.02 | Aug 1, 2007 | Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors. | |||
| CVE-2007-3908 | 0.00 | — | 0.01 | Jul 19, 2007 | Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat Enterprise Linux (RHEL) 2.1 SG A.11.14.04 through A.11.14.06; RHEL 3.0 SG A.11.16.04 through A.11.16.10; and ServiceGuard Cluster Object Manager B.03.01.02 allows local users to gain privileges via unspecified… | |||
| CVE-2007-3729 | 0.00 | — | 0.02 | Jul 12, 2007 | The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid POP usernames. | |||
| CVE-2007-3730 | 0.00 | — | 0.02 | Jul 12, 2007 | The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 does not log the source IP address or attempted username for login attempts, which might help remote attackers to avoid identification. | |||
| CVE-2007-3260 | 0.00 | — | 0.04 | Jun 19, 2007 | HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges. | |||
| CVE-2007-3180 | 0.00 | — | 0.03 | Jun 12, 2007 | Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors. | |||
| CVE-2007-3062 | 0.00 | — | 0.04 | Jun 6, 2007 | Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2007-2998 | 0.00 | — | 0.00 | Jun 4, 2007 | The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain… | |||
| CVE-2007-2719 | 0.00 | — | 0.04 | May 16, 2007 | Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie. | |||
| CVE-2007-2502 | 0.00 | — | 0.03 | May 4, 2007 | Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.01j allows remote attackers to cause a denial of service via unknown vectors, a different switch series than CVE-2006-4015. | |||
| CVE-2007-2468 | 0.00 | — | 0.01 | May 2, 2007 | Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3 allows local users to cause a denial of service (crash) via "Program actions relating to exceptions." | |||
| CVE-2007-2351 | 0.00 | — | 0.01 | Apr 30, 2007 | Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX B.11.11 and B.11.23 allows local users to execute arbitrary code via unspecified vectors. | |||
| CVE-2007-2275 | 0.00 | — | 0.00 | Apr 25, 2007 | Unspecified vulnerability in HP StorageWorks Command View Advanced Edition for XP before 5.6.0-01, XP Replication Monitor before 5.6.0-01, and XP Tiered Storage Manager before 5.5.0-02 allows local users to access other accounts via unspecified vectors during registration or… | |||
| CVE-2007-2246 | 0.00 | — | 0.02 | Apr 25, 2007 | Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not… | |||
| CVE-2007-1994 | 0.00 | — | 0.00 | Apr 12, 2007 | Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.00 allows local users to cause a denial of service via unknown vectors. NOTE: due to lack of vendor details, it is not clear whether this is the same as… | |||
| CVE-2007-1727 | 0.00 | — | 0.02 | Mar 28, 2007 | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors. | |||
| CVE-2007-0916 | 0.00 | — | 0.00 | Feb 14, 2007 | Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | |||
| CVE-2007-0915 | 0.00 | — | 0.04 | Feb 14, 2007 | Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request. | |||
| CVE-2007-0866 | 0.00 | — | 0.00 | Feb 9, 2007 | Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors. | |||
| CVE-2007-0819 | 0.00 | — | 0.01 | Feb 8, 2007 | HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified… | |||
| CVE-2007-0441 | 0.00 | — | 0.02 | Jan 23, 2007 | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to execute arbitrary commands via unknown vectors. |
- CVE-2008-0211Mar 31, 2008risk 0.00cvss —epss 0.00
Unspecified vulnerability in the BIOS F.04 through F.11 for the HP Compaq Business Notebook PC allows local users to cause a denial of service via unspecified vectors.
- CVE-2008-0706Mar 31, 2008risk 0.00cvss —epss 0.01
Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password.
- CVE-2008-0704Mar 28, 2008risk 0.00cvss —epss 0.04
Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain unspecified access via unknown…
- CVE-2008-0707Mar 20, 2008risk 0.00cvss —epss 0.00
HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B.11.11 and B.11.23 allows local users to gain privileges via unspecified vectors.
- CVE-2008-0974Feb 25, 2008risk 0.00cvss —epss 0.03
Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon termination) via (1) a large vector value, which raises a "vector too long" exception; or (2) a…
- CVE-2008-0979Feb 25, 2008risk 0.00cvss —epss 0.03
Stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon crash) via a certain packet that triggers the recursive calling of a…
- CVE-2008-0973Feb 25, 2008risk 0.00cvss —epss 0.02
Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) 4.5.0.1629, and other 4.5.0.x versions, allows remote attackers to have an unknown impact via a packet with a long string in the username field.
- CVE-2008-0976Feb 25, 2008risk 0.00cvss —epss 0.04
Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed packet, as demonstrated by a packet of type (1)…
- CVE-2008-0215Feb 12, 2008risk 0.00cvss —epss 0.04
Multiple unspecified vulnerabilities in HP Storage Essentials Storage Resource Management (SRM) before 6.0.0 allow remote attackers to obtain unspecified access to a managed device via unknown attack vectors.
- CVE-2008-0214Feb 8, 2008risk 0.00cvss —epss 0.02
Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to gain access via unknown vectors.
- CVE-2008-0213Feb 7, 2008risk 0.00cvss —epss 0.05
Unspecified vulnerability in a certain ActiveX control for HP Virtual Rooms (HPVR) 6 and earlier allows remote attackers to execute arbitrary code via unknown vectors.
- CVE-2008-0212Feb 6, 2008risk 0.00cvss —epss 0.04
ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access.
- CVE-2007-6425Jan 23, 2008risk 0.00cvss —epss 0.04
Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors.
- CVE-2007-6419Dec 24, 2007risk 0.00cvss —epss 0.03
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
- CVE-2007-6519Dec 24, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.
- CVE-2007-6343Dec 13, 2007risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2007-6194Dec 6, 2007risk 0.00cvss —epss 0.04
Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 and 4.1x before 4.13.003 allows remote attackers to obtain unspecified access via unknown vectors.
- CVE-2007-5946Nov 14, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.
- CVE-2007-5413Oct 29, 2007risk 0.00cvss —epss 0.03
httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home…
- CVE-2007-5536Oct 18, 2007risk 0.00cvss —epss 0.01
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.
- CVE-2007-5391Oct 12, 2007risk 0.00cvss —epss 0.04
Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 allows remote attackers to obtain unspecified access via unknown vectors.
- CVE-2007-5302Oct 9, 2007risk 0.00cvss —epss 0.03
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2007-5242Oct 6, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after…
- CVE-2007-5241Oct 6, 2007risk 0.00cvss —epss 0.02
Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All" command, which overwrites a Non-Paged Pool Packet.
- CVE-2007-5008Sep 20, 2007risk 0.00cvss —epss 0.04
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.
- CVE-2007-4931Sep 18, 2007risk 0.00cvss —epss 0.00
HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous…
- CVE-2007-4590Aug 29, 2007risk 0.00cvss —epss 0.00
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
- CVE-2007-4526Aug 25, 2007risk 0.00cvss —epss 0.00
The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file.
- CVE-2007-4179Aug 8, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. NOTE: this is probably different from CVE-2007-0916, but this is not…
- CVE-2007-4125Aug 1, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors.
- CVE-2007-3908Jul 19, 2007risk 0.00cvss —epss 0.01
Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat Enterprise Linux (RHEL) 2.1 SG A.11.14.04 through A.11.14.06; RHEL 3.0 SG A.11.16.04 through A.11.16.10; and ServiceGuard Cluster Object Manager B.03.01.02 allows local users to gain privileges via unspecified…
- CVE-2007-3729Jul 12, 2007risk 0.00cvss —epss 0.02
The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid POP usernames.
- CVE-2007-3730Jul 12, 2007risk 0.00cvss —epss 0.02
The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 does not log the source IP address or attempted username for login attempts, which might help remote attackers to avoid identification.
- CVE-2007-3260Jun 19, 2007risk 0.00cvss —epss 0.04
HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.
- CVE-2007-3180Jun 12, 2007risk 0.00cvss —epss 0.03
Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors.
- CVE-2007-3062Jun 6, 2007risk 0.00cvss —epss 0.04
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2007-2998Jun 4, 2007risk 0.00cvss —epss 0.00
The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain…
- CVE-2007-2719May 16, 2007risk 0.00cvss —epss 0.04
Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.
- CVE-2007-2502May 4, 2007risk 0.00cvss —epss 0.03
Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.01j allows remote attackers to cause a denial of service via unknown vectors, a different switch series than CVE-2006-4015.
- CVE-2007-2468May 2, 2007risk 0.00cvss —epss 0.01
Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3 allows local users to cause a denial of service (crash) via "Program actions relating to exceptions."
- CVE-2007-2351Apr 30, 2007risk 0.00cvss —epss 0.01
Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX B.11.11 and B.11.23 allows local users to execute arbitrary code via unspecified vectors.
- CVE-2007-2275Apr 25, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in HP StorageWorks Command View Advanced Edition for XP before 5.6.0-01, XP Replication Monitor before 5.6.0-01, and XP Tiered Storage Manager before 5.5.0-02 allows local users to access other accounts via unspecified vectors during registration or…
- CVE-2007-2246Apr 25, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not…
- CVE-2007-1994Apr 12, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.00 allows local users to cause a denial of service via unknown vectors. NOTE: due to lack of vendor details, it is not clear whether this is the same as…
- CVE-2007-1727Mar 28, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors.
- CVE-2007-0916Feb 14, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
- CVE-2007-0915Feb 14, 2007risk 0.00cvss —epss 0.04
Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request.
- CVE-2007-0866Feb 9, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors.
- CVE-2007-0819Feb 8, 2007risk 0.00cvss —epss 0.01
HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified…
- CVE-2007-0441Jan 23, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to execute arbitrary commands via unknown vectors.
Page 40 of 46