VYPR

Vendor CVEs

Microfocus

All CVEs

2,280 total · sorted by risk
  • CVE-2005-2988Sep 20, 2005
    risk 0.00cvss epss 0.02

    HP LaserJet 2430, and possibly other printers that use Jetdirect controls, stores information about recently printed documents without proper protection, which could allow remote attackers to obtain sensitive information via SNMP.

  • CVE-2005-2552Aug 12, 2005
    risk 0.00cvss epss 0.02

    Unknown vulnerability in HP ProLiant DL585 servers running Integrated Lights Out (ILO) firmware before 1.81 allows attackers to access server controls when the server is "powered down."

  • CVE-2005-2076Jun 29, 2005
    risk 0.00cvss epss 0.01

    HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen.

  • CVE-2005-1771May 31, 2005
    risk 0.00cvss epss 0.02

    Unknown vulnerability in HP-UX trusted systems B.11.00 through B.11.23 allows remote attackers to gain unauthorized access, possibly involving remshd and/or telnet -t.

  • CVE-2005-1434May 3, 2005
    risk 0.00cvss epss 0.04

    Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code.

  • CVE-2005-1433May 3, 2005
    risk 0.00cvss epss 0.01

    Multiple unknown vulnjerabilities HP OpenView Event Correlation Services (OV ECS) 3.32 and 3.33 allow attackers to cause a denial of service or execute arbitrary code.

  • CVE-2005-1192May 2, 2005
    risk 0.00cvss epss 0.03

    Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.

  • CVE-2005-1056May 2, 2005
    risk 0.00cvss epss 0.03

    Unknown vulnerability in HP OpenView Network Node Manager (NMM) 6.2 through 6.4, and 7.01 through 7.50, allows remote attackers to cause a denial of service.

  • CVE-2005-0652May 2, 2005
    risk 0.00cvss epss 0.00

    Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files.

  • CVE-2005-1244Apr 20, 2005
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. NOTE: the vendor has disputed this…

  • CVE-2005-0719Mar 9, 2005
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and…

  • CVE-2005-0547Feb 24, 2005
    risk 0.00cvss epss 0.01

    Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files."

  • CVE-2005-0364Feb 10, 2005
    risk 0.00cvss epss 0.03

    Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.

  • CVE-2004-0965Feb 9, 2005
    risk 0.00cvss epss 0.01

    stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs.

  • CVE-2005-0224Jan 31, 2005
    risk 0.00cvss epss 0.02

    Unknown vulnerability in HP-UX B.11.04 running Virtualvault 4.5 through 4.7, when running the TGA daemon, allows remote attackers to cause a denial of service via certain network traffic.

  • CVE-2004-0952Dec 31, 2004
    risk 0.00cvss epss 0.05

    HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption.

  • CVE-2004-1486Dec 31, 2004
    risk 0.00cvss epss 0.04

    Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and Cluster Object Manager A.01.03 and B.01.04 through B.03.00.01 on HP-UX, Serviceguard A.11.14.04 and A.11.15.04 and Cluster Object Manager B.02.01.02 and B.02.02.02 on HP Linux, allow remote attackers to gain…

  • CVE-2004-2693Dec 31, 2004
    risk 0.00cvss epss 0.00

    HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.

  • CVE-2004-2439Dec 31, 2004
    risk 0.00cvss epss 0.02

    The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote attackers to upgrade firmware.

  • CVE-2004-1480Dec 31, 2004
    risk 0.00cvss epss 0.03

    Unknown vulnerability in the management station in HP StorageWorks Command View XP 1.8B and earlier allows remote attackers to bypass access restrictions.

  • CVE-2004-1328Dec 31, 2004
    risk 0.00cvss epss 0.01

    Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges.

  • CVE-2004-2665Dec 31, 2004
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors.

  • CVE-2004-2753Dec 31, 2004
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "files in a potentially insecure manner."

  • CVE-2004-2600Dec 31, 2004
    risk 0.00cvss epss 0.03

    The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN…

  • CVE-2004-2678Dec 31, 2004
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors.

  • CVE-2004-1811Dec 31, 2004
    risk 0.00cvss epss 0.02

    The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates.

  • CVE-2004-0951Dec 31, 2004
    risk 0.00cvss epss 0.04

    The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information.

  • CVE-2004-1858Dec 31, 2004
    risk 0.00cvss epss 0.01

    HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of service (crash) via a malformed request, possibly due to a stricmp() error from an invalid use of the "$" character.

  • CVE-2004-1375Dec 23, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges.

  • CVE-2004-1713Aug 10, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in HP Process Resource Manager (PRM) C.02.01[.01] and earlier, as used by HP-UX Workload Manager (WLM), allows local users to corrupt data files.

  • CVE-2004-0525Aug 6, 2004
    risk 0.00cvss epss 0.03

    HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero.

  • CVE-2004-0657Aug 6, 2004
    risk 0.00cvss epss 0.03

    Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.

  • CVE-2004-0709Jul 27, 2004
    risk 0.00cvss epss 0.03

    HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions.

  • CVE-2004-1764Jan 14, 2004
    risk 0.00cvss epss 0.01

    Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.

  • CVE-2003-1496Dec 31, 2003
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840.

  • CVE-2003-1087Dec 31, 2003
    risk 0.00cvss epss 0.03

    Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic.

  • CVE-2003-1495Dec 31, 2003
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors.

  • CVE-2003-1356Dec 31, 2003
    risk 0.00cvss epss 0.00

    The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors.

  • CVE-2003-1494Dec 31, 2003
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet.

  • CVE-2003-1362Dec 31, 2003
    risk 0.00cvss epss 0.02

    Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases.

  • CVE-2003-1493Dec 31, 2003
    risk 0.00cvss epss 0.03

    Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (memory exhaustion) via crafted TCP packets.

  • CVE-2003-1374Dec 31, 2003
    risk 0.00cvss epss 0.01

    Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options.

  • CVE-2003-1360Dec 31, 2003
    risk 0.00cvss epss 0.01

    Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable.

  • CVE-2003-1098Dec 31, 2003
    risk 0.00cvss epss 0.01

    The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges.

  • CVE-2003-0914Dec 15, 2003
    risk 0.00cvss epss 0.03

    ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

  • CVE-2003-0951Dec 15, 2003
    risk 0.00cvss epss 0.01

    Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.

  • CVE-2003-0724Oct 20, 2003
    risk 0.00cvss epss 0.01

    ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges.

  • CVE-2003-0746Oct 20, 2003
    risk 0.00cvss epss 0.05

    Various Distributed Computing Environment (DCE) implementations, including HP OpenView, allow remote attackers to cause a denial of service (process hang or termination) via certain malformed inputs, as triggered by attempted exploits against the vulnerabilities CVE-2003-0352 or…

  • CVE-2003-0458Aug 18, 2003
    risk 0.00cvss epss 0.00

    Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges.

  • CVE-2003-0333May 19, 2003
    risk 0.00cvss epss 0.01

    Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying…

Page 42 of 46