Vendor CVEs
Microfocus
All CVEs
2,280 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-0754 | 0.00 | — | 0.01 | Oct 20, 2000 | Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords. | |||
| CVE-2000-0730 | 0.00 | — | 0.00 | Oct 20, 2000 | Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges. | |||
| CVE-2000-0616 | 0.00 | — | 0.01 | Jun 26, 2000 | Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain additional privileges via DBUTIL.PUB.SYS. | |||
| CVE-2000-0558 | 0.00 | — | 0.05 | Jun 6, 2000 | Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345. | |||
| CVE-2000-0414 | 0.00 | — | 0.00 | May 4, 2000 | Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables. | |||
| CVE-2000-0083 | 0.00 | — | 0.01 | Apr 18, 2000 | HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. | |||
| CVE-2000-0251 | 0.00 | — | 0.02 | Apr 6, 2000 | HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses. | |||
| CVE-2000-0159 | 0.00 | — | 0.02 | Feb 17, 2000 | HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. | |||
| CVE-2000-0095 | 0.00 | — | 0.02 | Jan 24, 2000 | The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier. | |||
| CVE-1999-0992 | 0.00 | — | 0.03 | Jan 18, 2000 | HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). | |||
| CVE-2000-0078 | 0.00 | — | 0.01 | Jan 2, 2000 | The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command. | |||
| CVE-1999-1573 | 0.00 | — | 0.05 | Dec 28, 1999 | Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files. | |||
| CVE-1999-1163 | 0.00 | — | 0.02 | Nov 24, 1999 | Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation. | |||
| CVE-1999-0829 | 0.00 | — | 0.02 | Nov 1, 1999 | HP Secure Web Console uses weak encryption. | |||
| CVE-1999-0688 | 0.00 | — | 0.01 | Jul 1, 1999 | Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x. | |||
| CVE-1999-0707 | 0.00 | — | 0.02 | Jul 1, 1999 | The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization. | |||
| CVE-1999-0690 | 0.00 | — | 0.01 | Jul 1, 1999 | HP CDE program includes the current directory in root's PATH variable. | |||
| CVE-1999-0686 | 0.00 | — | 0.02 | May 7, 1999 | Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL. | |||
| CVE-1999-0684 | 0.00 | — | 0.02 | Apr 19, 1999 | Denial of service in Sendmail 8.8.6 in HPUX. | |||
| CVE-1999-0447 | 0.00 | — | 0.00 | Apr 1, 1999 | Local users can gain privileges using the debug utility in the MPE/iX operating system. | |||
| CVE-1999-0436 | 0.00 | — | 0.00 | Mar 1, 1999 | Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges. | |||
| CVE-1999-0479 | 0.00 | — | 0.02 | Mar 1, 1999 | Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. | |||
| CVE-1999-0435 | 0.00 | — | 0.01 | Mar 1, 1999 | MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM. | |||
| CVE-1999-0432 | 0.00 | — | 0.00 | Mar 1, 1999 | ftp on HP-UX 11.00 allows local users to gain privileges. | |||
| CVE-1999-1247 | 0.00 | — | 0.01 | Feb 24, 1999 | Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges. | |||
| CVE-1999-0353 | 0.00 | — | 0.02 | Feb 10, 1999 | rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory. | |||
| CVE-2000-0005 | 0.00 | — | 0.01 | Jan 2, 1999 | HP-UX aserver program allows local users to gain privileges via a symlink attack. | |||
| CVE-1999-0478 | 0.00 | — | 0.01 | Dec 1, 1998 | Denial of service in HP-UX sendmail 8.8.6 related to accepting connections. | |||
| CVE-1999-0254 | 0.00 | — | 0.04 | Nov 2, 1998 | A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. | |||
| CVE-1999-0779 | 0.00 | — | 0.02 | Sep 3, 1998 | Denial of service in HP-UX SharedX recserv program. | |||
| CVE-1999-1136 | 0.00 | — | 0.01 | Jul 30, 1998 | Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems. | |||
| CVE-1999-0008 | 0.00 | — | 0.04 | Jun 8, 1998 | Buffer overflow in NIS+, in Sun's rpc.nisd program. | |||
| CVE-1999-0551 | 0.00 | — | 0.01 | Apr 1, 1998 | HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests. | |||
| CVE-1999-0004 | 0.00 | — | 0.03 | Dec 16, 1997 | MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. | |||
| CVE-1999-0216 | 0.00 | — | 0.03 | Nov 1, 1997 | Denial of service of inetd on Linux through SYN and RST packets. | |||
| CVE-1999-0097 | 0.00 | — | 0.04 | Oct 29, 1997 | The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). | |||
| CVE-1999-1062 | 0.00 | — | 0.02 | Oct 4, 1997 | HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100. | |||
| CVE-1999-1061 | 0.00 | — | 0.04 | Oct 4, 1997 | HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging. | |||
| CVE-1999-1213 | 0.00 | — | 0.02 | Oct 1, 1997 | Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service. | |||
| CVE-1999-0326 | 0.00 | — | 0.01 | Oct 1, 1997 | Vulnerability in HP-UX mediainit program. | |||
| CVE-1999-1133 | 0.00 | — | 0.00 | Sep 1, 1997 | HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users. | |||
| CVE-1999-1139 | 0.00 | — | 0.00 | Sep 1, 1997 | Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. | |||
| CVE-1999-1308 | 0.00 | — | 0.00 | Jul 31, 1997 | Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges. | |||
| CVE-1999-0962 | 0.00 | — | 0.01 | May 14, 1997 | Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option. | |||
| CVE-1999-0318 | 0.00 | — | 0.01 | Mar 1, 1997 | Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. | |||
| CVE-1999-1160 | 0.00 | — | 0.04 | Feb 2, 1997 | Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges. | |||
| CVE-1999-0309 | 0.00 | — | 0.01 | Feb 1, 1997 | HP-UX vgdisplay program gives root access to local users. | |||
| CVE-1999-1144 | 0.00 | — | 0.01 | Jan 30, 1997 | Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges. | |||
| CVE-1999-1088 | 0.00 | — | 0.01 | Jan 9, 1997 | Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges. | |||
| CVE-1999-1145 | 0.00 | — | 0.01 | Jan 7, 1997 | Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges. |
- CVE-2000-0754Oct 20, 2000risk 0.00cvss —epss 0.01
Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.
- CVE-2000-0730Oct 20, 2000risk 0.00cvss —epss 0.00
Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.
- CVE-2000-0616Jun 26, 2000risk 0.00cvss —epss 0.01
Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain additional privileges via DBUTIL.PUB.SYS.
- CVE-2000-0558Jun 6, 2000risk 0.00cvss —epss 0.05
Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345.
- CVE-2000-0414May 4, 2000risk 0.00cvss —epss 0.00
Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables.
- CVE-2000-0083Apr 18, 2000risk 0.00cvss —epss 0.01
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.
- CVE-2000-0251Apr 6, 2000risk 0.00cvss —epss 0.02
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses.
- CVE-2000-0159Feb 17, 2000risk 0.00cvss —epss 0.02
HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.
- CVE-2000-0095Jan 24, 2000risk 0.00cvss —epss 0.02
The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier.
- CVE-1999-0992Jan 18, 2000risk 0.00cvss —epss 0.03
HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP).
- CVE-2000-0078Jan 2, 2000risk 0.00cvss —epss 0.01
The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.
- CVE-1999-1573Dec 28, 1999risk 0.00cvss —epss 0.05
Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files.
- CVE-1999-1163Nov 24, 1999risk 0.00cvss —epss 0.02
Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation.
- CVE-1999-0829Nov 1, 1999risk 0.00cvss —epss 0.02
HP Secure Web Console uses weak encryption.
- CVE-1999-0688Jul 1, 1999risk 0.00cvss —epss 0.01
Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.
- CVE-1999-0707Jul 1, 1999risk 0.00cvss —epss 0.02
The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization.
- CVE-1999-0690Jul 1, 1999risk 0.00cvss —epss 0.01
HP CDE program includes the current directory in root's PATH variable.
- CVE-1999-0686May 7, 1999risk 0.00cvss —epss 0.02
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
- CVE-1999-0684Apr 19, 1999risk 0.00cvss —epss 0.02
Denial of service in Sendmail 8.8.6 in HPUX.
- CVE-1999-0447Apr 1, 1999risk 0.00cvss —epss 0.00
Local users can gain privileges using the debug utility in the MPE/iX operating system.
- CVE-1999-0436Mar 1, 1999risk 0.00cvss —epss 0.00
Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges.
- CVE-1999-0479Mar 1, 1999risk 0.00cvss —epss 0.02
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.
- CVE-1999-0435Mar 1, 1999risk 0.00cvss —epss 0.01
MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM.
- CVE-1999-0432Mar 1, 1999risk 0.00cvss —epss 0.00
ftp on HP-UX 11.00 allows local users to gain privileges.
- CVE-1999-1247Feb 24, 1999risk 0.00cvss —epss 0.01
Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges.
- CVE-1999-0353Feb 10, 1999risk 0.00cvss —epss 0.02
rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.
- CVE-2000-0005Jan 2, 1999risk 0.00cvss —epss 0.01
HP-UX aserver program allows local users to gain privileges via a symlink attack.
- CVE-1999-0478Dec 1, 1998risk 0.00cvss —epss 0.01
Denial of service in HP-UX sendmail 8.8.6 related to accepting connections.
- CVE-1999-0254Nov 2, 1998risk 0.00cvss —epss 0.04
A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.
- CVE-1999-0779Sep 3, 1998risk 0.00cvss —epss 0.02
Denial of service in HP-UX SharedX recserv program.
- CVE-1999-1136Jul 30, 1998risk 0.00cvss —epss 0.01
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.
- CVE-1999-0008Jun 8, 1998risk 0.00cvss —epss 0.04
Buffer overflow in NIS+, in Sun's rpc.nisd program.
- CVE-1999-0551Apr 1, 1998risk 0.00cvss —epss 0.01
HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests.
- CVE-1999-0004Dec 16, 1997risk 0.00cvss —epss 0.03
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
- CVE-1999-0216Nov 1, 1997risk 0.00cvss —epss 0.03
Denial of service of inetd on Linux through SYN and RST packets.
- CVE-1999-0097Oct 29, 1997risk 0.00cvss —epss 0.04
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
- CVE-1999-1062Oct 4, 1997risk 0.00cvss —epss 0.02
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100.
- CVE-1999-1061Oct 4, 1997risk 0.00cvss —epss 0.04
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging.
- CVE-1999-1213Oct 1, 1997risk 0.00cvss —epss 0.02
Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service.
- CVE-1999-0326Oct 1, 1997risk 0.00cvss —epss 0.01
Vulnerability in HP-UX mediainit program.
- CVE-1999-1133Sep 1, 1997risk 0.00cvss —epss 0.00
HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users.
- CVE-1999-1139Sep 1, 1997risk 0.00cvss —epss 0.00
Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.
- CVE-1999-1308Jul 31, 1997risk 0.00cvss —epss 0.00
Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges.
- CVE-1999-0962May 14, 1997risk 0.00cvss —epss 0.01
Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option.
- CVE-1999-0318Mar 1, 1997risk 0.00cvss —epss 0.01
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
- CVE-1999-1160Feb 2, 1997risk 0.00cvss —epss 0.04
Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges.
- CVE-1999-0309Feb 1, 1997risk 0.00cvss —epss 0.01
HP-UX vgdisplay program gives root access to local users.
- CVE-1999-1144Jan 30, 1997risk 0.00cvss —epss 0.01
Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges.
- CVE-1999-1088Jan 9, 1997risk 0.00cvss —epss 0.01
Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges.
- CVE-1999-1145Jan 7, 1997risk 0.00cvss —epss 0.01
Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges.
Page 45 of 46