Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-1999-0696

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-02 Jun, 2000 | 04:00
Updated At-01 Aug, 2024 | 16:48
Rejected At-
Credits

Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:02 Jun, 2000 | 04:00
Updated At:01 Aug, 2024 | 16:48
Rejected At:
â–¼CVE Numbering Authority (CNA)

Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188
vendor-advisory
x_refsource_SUN
http://www.ciac.org/ciac/bulletins/j-051.shtml
third-party-advisory
government-resource
x_refsource_CIAC
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102
vendor-advisory
x_refsource_HP
Hyperlink: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188
Resource:
vendor-advisory
x_refsource_SUN
Hyperlink: http://www.ciac.org/ciac/bulletins/j-051.shtml
Resource:
third-party-advisory
government-resource
x_refsource_CIAC
Hyperlink: http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102
Resource:
vendor-advisory
x_refsource_HP
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188
vendor-advisory
x_refsource_SUN
x_transferred
http://www.ciac.org/ciac/bulletins/j-051.shtml
third-party-advisory
government-resource
x_refsource_CIAC
x_transferred
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188
Resource:
vendor-advisory
x_refsource_SUN
x_transferred
Hyperlink: http://www.ciac.org/ciac/bulletins/j-051.shtml
Resource:
third-party-advisory
government-resource
x_refsource_CIAC
x_transferred
Hyperlink: http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:01 Jul, 1999 | 04:00
Updated At:16 Apr, 2026 | 00:27

Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
HP Inc.
hp
>>hp-ux>>10.24
cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.00
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>2.5
cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>2.6
cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>4.1.3
cpe:2.3:o:sun:sunos:4.1.3:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.3
cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.4
cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.5
cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.5.1
cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188cve@mitre.org
N/A
http://www.ciac.org/ciac/bulletins/j-051.shtmlcve@mitre.org
N/A
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102cve@mitre.org
N/A
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ciac.org/ciac/bulletins/j-051.shtmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ciac.org/ciac/bulletins/j-051.shtml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ciac.org/ciac/bulletins/j-051.shtml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

641Records found
CVE-2016-1985
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||CRITICAL
EPSS-2.41% / 85.15%
||
7 Day CHG~0.00%
Published-30 Jan, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-operations_managerwindowsn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2016-1329
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.07% / 84.02%
||
7 Day CHG~0.00%
Published-03 Mar, 2016 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.

Action-Not Available
Vendor-zzincn/aSamsungSun Microsystems (Oracle Corporation)Cisco Systems, Inc.Zyxel Networks Corporation
Product-nexus_3064xx14j_firmwaregs1900-10hp_firmwareopensolarisnexus_3064nexus_3048nexus_3548nexus_3524keymouse_firmwarenexus_3064tn/a
CWE ID-CWE-287
Improper Authentication
CVE-2003-1081
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.48% / 81.09%
||
7 Day CHG~0.00%
Published-08 Feb, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunossolarisn/a
CVE-2016-1989
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-13.50% / 94.25%
||
7 Day CHG~0.00%
Published-15 Mar, 2016 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_automationn/a
CVE-2011-0922
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-82.01% / 99.22%
||
7 Day CHG~0.00%
Published-09 Feb, 2011 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protectorn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-2245
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-14.45% / 94.46%
||
7 Day CHG~0.00%
Published-19 Mar, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-support_assistantn/a
CWE ID-CWE-287
Improper Authentication
CVE-2016-1997
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.58% / 85.65%
||
7 Day CHG~0.00%
Published-22 Mar, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Action-Not Available
Vendor-n/aHP Inc.
Product-operations_orchestrationoperations_orchestration_contentn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1998
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.67% / 82.19%
||
7 Day CHG~0.00%
Published-22 Mar, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5356
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-19.72% / 95.46%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:39
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2016-2005
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-47.25% / 97.71%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protectorn/a
CVE-2008-0704
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.67% / 85.87%
||
7 Day CHG~0.00%
Published-28 Mar, 2008 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain unspecified access via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-integrityalphaopen_vms_tcp-ip_servicesn/a
CVE-2001-0552
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.35% / 87.37%
||
7 Day CHG~0.00%
Published-29 Aug, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.

Action-Not Available
Vendor-n/aIBM CorporationHP Inc.
Product-tivoli_netviewopenview_network_node_managern/a
CVE-2008-3553
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.15% / 89.92%
||
7 Day CHG~0.00%
Published-08 Aug, 2008 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition devices allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 3-10." NOTE: as of 20080807, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a company led by a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Action-Not Available
Vendor-n/aNokia CorporationSun Microsystems (Oracle Corporation)
Product-j2meseries_40n/a
CVE-2002-0033
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-55.47% / 98.09%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunossolarisn/a
CVE-2016-1999
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.23% / 87.13%
||
7 Day CHG~0.00%
Published-30 May, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Action-Not Available
Vendor-n/aHP Inc.
Product-release_controln/a
CWE ID-CWE-284
Improper Access Control
CVE-2014-7898
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-23.36% / 95.98%
||
7 Day CHG~0.00%
Published-09 Mar, 2015 | 17:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-windowsole_point_of_sale_drivern/a
CVE-2016-4448
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.20% / 79.03%
||
7 Day CHG~0.00%
Published-09 Jun, 2016 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

Action-Not Available
Vendor-n/aApple Inc.SlackwareOracle CorporationMcAfee, LLCRed Hat, Inc.HP Inc.Microsoft Corporationlibxml2 (XMLSoft)Tenable, Inc.
Product-vm_servermac_os_xenterprise_linux_server_tusenterprise_linux_desktopweb_gatewayenterprise_linux_server_eusenterprise_linux_server_auslog_correlation_enginetvosslackware_linuxituneswatchoslibxml2enterprise_linux_serverenterprise_linux_workstationicewall_federation_agentwindowsiphone_oslinuxicloudenterprise_linuxn/a
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2010-3566
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-6.76% / 91.35%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that leads to a buffer overflow via a crafted devs (device information) tag structure in a color profile.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jrejdkn/a
CVE-2020-24650
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-7.21% / 91.64%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:36
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A legend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2020-24648
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-22.10% / 95.82%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:36
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A accessmgrservlet classname deserialization of untrusted data remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2020-24646
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-9.17% / 92.72%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:34
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-24651
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-8.60% / 92.44%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:36
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A syslogtempletselectwin expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2008-1697
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-83.18% / 99.27%
||
7 Day CHG~0.00%
Published-08 Apr, 2008 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24292
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.04% / 83.94%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 19:46
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-officejet_pro_8210_j3p67a_firmwareofficejet_pro_8740_k7s42a_firmwarelaserjet_pro_m453-m454_w1y46a_firmwarelaserjet_pro_mfp_m478-m479_w1a80alaserjet_pro_m304-m305_w1a47alaserjet_pro_m453-m454_w1y45a_firmwarelaserjet_pro_m304-m305_w1a48a_firmwareofficejet_pro_8740_t0g65aofficejet_pro_8210_j3p65aofficejet_pro_8210_d9l63a_firmwarelaserjet_pro_m453-m454_w1y44aofficejet_pro_8740_k7s40aofficejet_pro_8740_j6x83a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a29a_firmwarepagewide_managed_p55250dw_j6u55alaserjet_pro_m304-m305_w1a46aofficejet_pro_8740_k7s43alaserjet_pro_m453-m454_w1y43a_firmwarepagewide_352dw_j6u57a_firmwarelaserjet_pro_m453-m454_w1y47a_firmwarepagewide_pro_477dn_d3q19alaserjet_pro_m304-m305_w1a46a_firmwarelaserjet_pro_m304-m305_w1a66a_firmwarelaserjet_pro_m404-m405_w1a57alaserjet_pro_m404-m405_w1a59alaserjet_pro_m453-m454_w1y41a_firmwarelaserjet_pro_mfp_m478-m479_w1a78a_firmwarelaserjet_pro_m404-m405_w1a56alaserjet_pro_m404-m405_w1a52alaserjet_pro_mfp_m478-m479_w1a82alaserjet_pro_mfp_m428-m429_w1a31apagewide_pro_452dw_d3q16a_firmwarelaserjet_pro_mfp_m478-m479_w1a77a_firmwarepagewide_pro_452dw_d3q16apagewide_pro_452dn_d3q15apagewide_managed_p57750dw_j9v82aofficejet_pro_8740_k7s41aofficejet_pro_8210_d9l63alaserjet_pro_m304-m305_w1a53a_firmwarepagewide_pro_552dw_d3q17a_firmwarelaserjet_pro_mfp_m478-m479_w1a79alaserjet_pro_mfp_m428-m429_w1a31a_firmwareofficejet_pro_8210_j3p68a_firmwareofficejet_pro_8216_t0g70a_firmwarelaserjet_pro_m304-m305_w1a51a_firmwarelaserjet_pro_m304-m305_w1a59a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38alaserjet_pro_m304-m305_w1a48alaserjet_pro_mfp_m428-m429_f_w1a32a_firmwareofficejet_pro_8216_t0g70alaserjet_pro_m453-m454_w1y47alaserjet_pro_m304-m305_w1a56a_firmwarepagewide_pro_577z_k9z76a_firmwarepagewide_managed_p55250dw_j6u55b_firmwareofficejet_pro_8730_k7s32a_firmwareofficejet_pro_8740_j6x83apagewide_pro_577dw_d3q21alaserjet_pro_mfp_m478-m479_w1a80a_firmwarelaserjet_pro_m304-m305_w1a52a_firmwarepagewide_pro_452dn_d3q15a_firmwareofficejet_pro_8210_d9l64alaserjet_pro_m453-m454_w1y46alaserjet_pro_mfp_m428-m429_f_w1a32alaserjet_pro_mfp_m478-m479_w1a81a_firmwarelaserjet_pro_m453-m454_w1y44a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34a_firmwareofficejet_pro_8740_k7s41a_firmwareofficejet_pro_8210_d9l64a_firmwarepagewide_377dw_j9v80a_firmwarelaserjet_pro_m304-m305_w1a57a_firmwareofficejet_pro_8740_d9l21alaserjet_pro_m304-m305_w1a58a_firmwarelaserjet_pro_mfp_m478-m479_w1a75apagewide_managed_p55250dw_j6u55bofficejet_pro_8740_k7s39alaserjet_pro_mfp_m428-m429_f_w1a30alaserjet_pro_m304-m305_w1a66alaserjet_pro_m453-m454_w1y40alaserjet_pro_mfp_m478-m479_w1a77apagewide_managed_p55250dw_j6u55a_firmwarepagewide_pro_477dw_d3q20aofficejet_pro_8210_j3p66alaserjet_pro_m404-m405_w1a60alaserjet_pro_mfp_m428-m429_f_w1a35alaserjet_pro_mfp_m478-m479_w1a76a_firmwarepagewide_pro_577z_k9z76apagewide_managed_p55250dw_j6u51bpagewide_377dw_j9v80alaserjet_pro_mfp_m478-m479_w1a78alaserjet_pro_m304-m305_w1a63a_firmwarelaserjet_pro_m304-m305_w1a60a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34aofficejet_pro_8740_t0g65a_firmwarepagewide_pro_477dw_d3q20a_firmwarelaserjet_pro_m453-m454_w1y40a_firmwareofficejet_pro_8740_k7s39a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a35a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a30a_firmwarepagewide_managed_p55250dw_j6u51b_firmwareofficejet_pro_8730_d9l20a_firmwarelaserjet_pro_mfp_m428-m429_w1a33a_firmwarelaserjet_pro_m404-m405_93m22alaserjet_pro_mfp_m478-m479_w1a76alaserjet_pro_mfp_m478-m479_w1a82a_firmwareofficejet_pro_8210_j3p68alaserjet_pro_mfp_m478-m479_w1a81alaserjet_pro_m404-m405_w1a51alaserjet_pro_mfp_m428-m429_w1a33aofficejet_pro_8210_j3p66a_firmwarelaserjet_pro_m404-m405_w1a53alaserjet_pro_m453-m454_w1y43alaserjet_pro_mfp_m478-m479_w1a79a_firmwarelaserjet_pro_m404-m405_w1a58alaserjet_pro_mfp_m428-m429_w1a28a_firmwareofficejet_pro_8210_j3p67alaserjet_pro_mfp_m428-m429_w1a28aofficejet_pro_8740_k7s42apagewide_pro_552dw_d3q17aofficejet_pro_8210_j3p65a_firmwareofficejet_pro_8740_k7s43a_firmwarelaserjet_pro_m453-m454_w1y41alaserjet_pro_m453-m454_w1y45alaserjet_pro_m304-m305_w1a47a_firmwareofficejet_pro_8730_d9l20aofficejet_pro_8740_d9l21a_firmwareofficejet_pro_8740_k7s40a_firmwareofficejet_pro_8730_k7s32apagewide_managed_p57750dw_j9v82a_firmwarelaserjet_pro_m404-m405_93m22a_firmwarelaserjet_pro_m404-m405_w1a63alaserjet_pro_mfp_m428-m429_f_w1a29alaserjet_pro_mfp_m478-m479_w1a75a_firmwarepagewide_352dw_j6u57apagewide_pro_477dn_d3q19a_firmwarepagewide_pro_577dw_d3q21a_firmwareHP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers
CVE-2013-6218
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-31.62% / 96.82%
||
7 Day CHG~0.00%
Published-19 Apr, 2014 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_node_manager_in/a
CVE-2009-3845
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-16.97% / 95.00%
||
7 Day CHG-1.62%
Published-10 Dec, 2009 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2013-5787
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.57%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5789, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2013-5824
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.57%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5832, and CVE-2013-5852.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2013-5809
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-10.71% / 93.36%
||
7 Day CHG+2.91%
Published-16 Oct, 2013 | 17:31
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5829.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jrejdkn/a
CVE-2013-5817
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-7.77% / 91.98%
||
7 Day CHG+1.41%
Published-16 Oct, 2013 | 17:31
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2013-6221
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-84.14% / 99.31%
||
7 Day CHG~0.00%
Published-18 Jun, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_virtualizationn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2013-5789
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.57%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jrejdkn/a
CVE-2013-5782
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-7.77% / 91.98%
||
7 Day CHG+1.41%
Published-16 Oct, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jrockitjrejdkn/a
CVE-2013-4841
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-28.40% / 96.54%
||
7 Day CHG~0.00%
Published-26 Feb, 2014 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in HP StoreVirtual 4000 and StoreVirtual VSA Software (formerly LeftHand Virtual SAN Appliance) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1509.

Action-Not Available
Vendor-n/aHP Inc.
Product-storevirtual_virtual_storage_appliancelefthandstorevirtual_4000n/a
CVE-2013-4808
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-4.20% / 88.78%
||
7 Day CHG~0.00%
Published-18 Aug, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31 and Service Center 6.2.8 allows remote attackers to obtain privileged access via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_managerservice_centern/a
CVE-2013-4813
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-6.40% / 91.08%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_manageridentity_driven_managern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-4812
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-74.00% / 98.85%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_manageridentity_driven_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4838
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-27.67% / 96.47%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnern/a
CVE-2013-4798
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-83.19% / 99.28%
||
7 Day CHG~0.00%
Published-26 Jul, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnern/a
CVE-2013-4810
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-89.70% / 99.57%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-21 Apr, 2026 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874.

Action-Not Available
Vendor-n/aHP Inc.
Product-application_lifecycle_managementprocurve_managern/aProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-4811
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-83.54% / 99.29%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_manageridentity_driven_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3573
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-1.11% / 78.27%
||
7 Day CHG~0.00%
Published-14 Jun, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-insight_diagnosticsn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-2420
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-6.27% / 90.97%
||
7 Day CHG~0.00%
Published-17 Apr, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jrejdkn/a
CVE-2013-2472
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-54.41% / 98.04%
||
7 Day CHG~0.00%
Published-18 Jun, 2013 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jrejdkn/a
CVE-2013-2324
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-38.30% / 97.25%
||
7 Day CHG~0.00%
Published-06 Jun, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1629.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2013-2349
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-27.67% / 96.47%
||
7 Day CHG~0.00%
Published-04 Jan, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1896.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2013-2326
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-20.80% / 95.64%
||
7 Day CHG~0.00%
Published-06 Jun, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1634.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2013-2335
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-20.80% / 95.64%
||
7 Day CHG~0.00%
Published-06 Jun, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2013-2347
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-76.79% / 98.97%
||
7 Day CHG~0.00%
Published-04 Jan, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2013-2463
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-44.66% / 97.59%
||
7 Day CHG~0.00%
Published-18 Jun, 2013 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jrejdkn/a
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 12
  • 13
  • Next
Details not found