VYPR

Vendor CVEs

Microfocus

All CVEs

2,283 total · sorted by risk
  • CVE-2008-0211Mar 31, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the BIOS F.04 through F.11 for the HP Compaq Business Notebook PC allows local users to cause a denial of service via unspecified vectors.

  • CVE-2008-0706Mar 31, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password.

  • CVE-2008-0704Mar 28, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain unspecified access via unknown…

  • CVE-2008-0707Mar 20, 2008
    risk 0.00cvss epss 0.00

    HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B.11.11 and B.11.23 allows local users to gain privileges via unspecified vectors.

  • CVE-2008-0974Feb 25, 2008
    risk 0.00cvss epss 0.03

    Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon termination) via (1) a large vector value, which raises a "vector too long" exception; or (2) a…

  • CVE-2008-0979Feb 25, 2008
    risk 0.00cvss epss 0.03

    Stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon crash) via a certain packet that triggers the recursive calling of a…

  • CVE-2008-0973Feb 25, 2008
    risk 0.00cvss epss 0.02

    Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) 4.5.0.1629, and other 4.5.0.x versions, allows remote attackers to have an unknown impact via a packet with a long string in the username field.

  • CVE-2008-0976Feb 25, 2008
    risk 0.00cvss epss 0.04

    Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed packet, as demonstrated by a packet of type (1)…

  • CVE-2008-0215Feb 12, 2008
    risk 0.00cvss epss 0.04

    Multiple unspecified vulnerabilities in HP Storage Essentials Storage Resource Management (SRM) before 6.0.0 allow remote attackers to obtain unspecified access to a managed device via unknown attack vectors.

  • CVE-2008-0214Feb 8, 2008
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to gain access via unknown vectors.

  • CVE-2008-0213Feb 7, 2008
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in a certain ActiveX control for HP Virtual Rooms (HPVR) 6 and earlier allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2008-0212Feb 6, 2008
    risk 0.00cvss epss 0.04

    ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access.

  • CVE-2007-6425Jan 23, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors.

  • CVE-2007-6419Dec 24, 2007
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.

  • CVE-2007-6519Dec 24, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.

  • CVE-2007-6343Dec 13, 2007
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2007-6194Dec 6, 2007
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 and 4.1x before 4.13.003 allows remote attackers to obtain unspecified access via unknown vectors.

  • CVE-2007-5946Nov 14, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.

  • CVE-2007-5413Oct 29, 2007
    risk 0.00cvss epss 0.03

    httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home…

  • CVE-2007-5536Oct 18, 2007
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.

  • CVE-2007-5391Oct 12, 2007
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 allows remote attackers to obtain unspecified access via unknown vectors.

  • CVE-2007-5302Oct 9, 2007
    risk 0.00cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2007-5242Oct 6, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after…

  • CVE-2007-5241Oct 6, 2007
    risk 0.00cvss epss 0.02

    Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All" command, which overwrites a Non-Paged Pool Packet.

  • CVE-2007-5008Sep 20, 2007
    risk 0.00cvss epss 0.04

    The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.

  • CVE-2007-4931Sep 18, 2007
    risk 0.00cvss epss 0.00

    HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous…

  • CVE-2007-4590Aug 29, 2007
    risk 0.00cvss epss 0.00

    The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.

  • CVE-2007-4526Aug 25, 2007
    risk 0.00cvss epss 0.00

    The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file.

  • CVE-2007-4179Aug 8, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. NOTE: this is probably different from CVE-2007-0916, but this is not…

  • CVE-2007-4125Aug 1, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors.

  • CVE-2007-3908Jul 19, 2007
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat Enterprise Linux (RHEL) 2.1 SG A.11.14.04 through A.11.14.06; RHEL 3.0 SG A.11.16.04 through A.11.16.10; and ServiceGuard Cluster Object Manager B.03.01.02 allows local users to gain privileges via unspecified…

  • CVE-2007-3729Jul 12, 2007
    risk 0.00cvss epss 0.02

    The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid POP usernames.

  • CVE-2007-3730Jul 12, 2007
    risk 0.00cvss epss 0.02

    The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 does not log the source IP address or attempted username for login attempts, which might help remote attackers to avoid identification.

  • CVE-2007-3260Jun 19, 2007
    risk 0.00cvss epss 0.04

    HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.

  • CVE-2007-3180Jun 12, 2007
    risk 0.00cvss epss 0.03

    Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors.

  • CVE-2007-3062Jun 6, 2007
    risk 0.00cvss epss 0.04

    Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2007-2998Jun 4, 2007
    risk 0.00cvss epss 0.00

    The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain…

  • CVE-2007-2719May 16, 2007
    risk 0.00cvss epss 0.04

    Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.

  • CVE-2007-2502May 4, 2007
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.01j allows remote attackers to cause a denial of service via unknown vectors, a different switch series than CVE-2006-4015.

  • CVE-2007-2468May 2, 2007
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3 allows local users to cause a denial of service (crash) via "Program actions relating to exceptions."

  • CVE-2007-2351Apr 30, 2007
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX B.11.11 and B.11.23 allows local users to execute arbitrary code via unspecified vectors.

  • CVE-2007-2275Apr 25, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP StorageWorks Command View Advanced Edition for XP before 5.6.0-01, XP Replication Monitor before 5.6.0-01, and XP Tiered Storage Manager before 5.5.0-02 allows local users to access other accounts via unspecified vectors during registration or…

  • CVE-2007-2246Apr 25, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not…

  • CVE-2007-1994Apr 12, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.00 allows local users to cause a denial of service via unknown vectors. NOTE: due to lack of vendor details, it is not clear whether this is the same as…

  • CVE-2007-1727Mar 28, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors.

  • CVE-2007-0916Feb 14, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.

  • CVE-2007-0915Feb 14, 2007
    risk 0.00cvss epss 0.04

    Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request.

  • CVE-2007-0866Feb 9, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors.

  • CVE-2007-0819Feb 8, 2007
    risk 0.00cvss epss 0.01

    HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified…

  • CVE-2007-0441Jan 23, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to execute arbitrary commands via unknown vectors.

Page 40 of 46