Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2000-0573

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-07 May, 2001 | 04:00
Updated At-08 Aug, 2024 | 05:21
Rejected At-
Credits

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:07 May, 2001 | 04:00
Updated At:08 Aug, 2024 | 05:21
Rejected At:
â–¼CVE Numbering Authority (CNA)

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.cert.org/advisories/CA-2000-13.html
third-party-advisory
x_refsource_CERT
http://marc.info/?l=bugtraq&m=96299933720862&w=2
mailing-list
x_refsource_BUGTRAQ
http://www.redhat.com/support/errata/RHSA-2000-039.html
vendor-advisory
x_refsource_REDHAT
http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt
vendor-advisory
x_refsource_CALDERA
http://marc.info/?l=bugtraq&m=96171893218000&w=2
mailing-list
x_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
mailing-list
x_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/1387
vdb-entry
x_refsource_BID
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1
vendor-advisory
x_refsource_FREEBSD
ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02
third-party-advisory
x_refsource_AUSCERT
http://marc.info/?l=bugtraq&m=96179429114160&w=2
mailing-list
x_refsource_BUGTRAQ
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc
vendor-advisory
x_refsource_NETBSD
http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com
mailing-list
x_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/4773
vdb-entry
x_refsource_XF
Hyperlink: http://www.cert.org/advisories/CA-2000-13.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://marc.info/?l=bugtraq&m=96299933720862&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.redhat.com/support/errata/RHSA-2000-039.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt
Resource:
vendor-advisory
x_refsource_CALDERA
Hyperlink: http://marc.info/?l=bugtraq&m=96171893218000&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/bid/1387
Resource:
vdb-entry
x_refsource_BID
Hyperlink: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1
Resource:
vendor-advisory
x_refsource_FREEBSD
Hyperlink: ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02
Resource:
third-party-advisory
x_refsource_AUSCERT
Hyperlink: http://marc.info/?l=bugtraq&m=96179429114160&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc
Resource:
vendor-advisory
x_refsource_NETBSD
Hyperlink: http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/4773
Resource:
vdb-entry
x_refsource_XF
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.cert.org/advisories/CA-2000-13.html
third-party-advisory
x_refsource_CERT
x_transferred
http://marc.info/?l=bugtraq&m=96299933720862&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.redhat.com/support/errata/RHSA-2000-039.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt
vendor-advisory
x_refsource_CALDERA
x_transferred
http://marc.info/?l=bugtraq&m=96171893218000&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/bid/1387
vdb-entry
x_refsource_BID
x_transferred
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1
vendor-advisory
x_refsource_FREEBSD
x_transferred
ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02
third-party-advisory
x_refsource_AUSCERT
x_transferred
http://marc.info/?l=bugtraq&m=96179429114160&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc
vendor-advisory
x_refsource_NETBSD
x_transferred
http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com
mailing-list
x_refsource_BUGTRAQ
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/4773
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.cert.org/advisories/CA-2000-13.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=96299933720862&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2000-039.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt
Resource:
vendor-advisory
x_refsource_CALDERA
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=96171893218000&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/bid/1387
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1
Resource:
vendor-advisory
x_refsource_FREEBSD
x_transferred
Hyperlink: ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02
Resource:
third-party-advisory
x_refsource_AUSCERT
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=96179429114160&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc
Resource:
vendor-advisory
x_refsource_NETBSD
x_transferred
Hyperlink: http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/4773
Resource:
vdb-entry
x_refsource_XF
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:07 Jul, 2000 | 04:00
Updated At:16 Apr, 2026 | 00:27

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
HP Inc.
hp
>>hp-ux>>11.00
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1cve@mitre.org
N/A
ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02cve@mitre.org
N/A
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asccve@mitre.org
N/A
http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.htmlcve@mitre.org
N/A
http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.htmlcve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=96171893218000&w=2cve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=96179429114160&w=2cve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=96299933720862&w=2cve@mitre.org
N/A
http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txtcve@mitre.org
N/A
http://www.cert.org/advisories/CA-2000-13.htmlcve@mitre.org
Patch
Third Party Advisory
US Government Resource
http://www.redhat.com/support/errata/RHSA-2000-039.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/1387cve@mitre.org
N/A
http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.comcve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/4773cve@mitre.org
N/A
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1af854a3a-2127-422b-91ae-364da2661108
N/A
ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02af854a3a-2127-422b-91ae-364da2661108
N/A
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.ascaf854a3a-2127-422b-91ae-364da2661108
N/A
http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=96171893218000&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=96179429114160&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=96299933720862&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txtaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.cert.org/advisories/CA-2000-13.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
US Government Resource
http://www.redhat.com/support/errata/RHSA-2000-039.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/1387af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.comaf854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/4773af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=96171893218000&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=96179429114160&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=96299933720862&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.cert.org/advisories/CA-2000-13.html
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.redhat.com/support/errata/RHSA-2000-039.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/1387
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/4773
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=96171893218000&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=96179429114160&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=96299933720862&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.cert.org/advisories/CA-2000-13.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.redhat.com/support/errata/RHSA-2000-039.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/1387
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/4773
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

394Records found
CVE-2019-5390
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-4.36% / 90.01%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:55
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote command injection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2012-3285
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-8.70% / 94.45%
||
7 Day CHG~0.00%
Published-06 Feb, 2013 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1513.

Action-Not Available
Vendor-n/aHP Inc.
Product-san\/iqlefthand_p4000_virtual_san_appliancen/a
CVE-2019-5387
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-8.11% / 94.10%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:54
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2008-5120
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-9.93% / 94.99%
||
7 Day CHG~0.00%
Published-18 Nov, 2008 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote attackers to execute arbitrary code via a long request string.

Action-Not Available
Vendor-n/aHP Inc.
Product-openvmsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-5352
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-8.11% / 94.10%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:37
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2008-4559
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-16.39% / 96.57%
||
7 Day CHG~0.00%
Published-08 Feb, 2009 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via shell metacharacters in argument fields to the (1) webappmon.exe or (2) OpenView5.exe CGI program. NOTE: this issue may be partially covered by CVE-2009-0205.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-4562
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.44% / 94.31%
||
7 Day CHG~0.00%
Published-08 Feb, 2009 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-2330
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-61.04% / 99.04%
||
7 Day CHG~0.00%
Published-06 Jun, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1638.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2014-2624
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-65.44% / 99.16%
||
7 Day CHG~0.00%
Published-11 Sep, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_node_manager_in/a
CVE-2008-2438
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-10||HIGH
EPSS-11.43% / 95.46%
||
7 Day CHG~0.00%
Published-28 Apr, 2009 | 16:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in ovalarmsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted command to TCP port 2954, which triggers a heap-based buffer overflow.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2008-1842
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-12.19% / 95.64%
||
7 Day CHG~0.00%
Published-16 Apr, 2008 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2008-1697
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-74.34% / 99.43%
||
7 Day CHG~0.00%
Published-08 Apr, 2008 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-1662
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.42% / 90.13%
||
7 Day CHG~0.00%
Published-01 Aug, 2008 | 14:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list."

Action-Not Available
Vendor-n/aHP Inc.
Product-system_administration_managerhp-uxn/a
CVE-2008-1666
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.36% / 81.59%
||
7 Day CHG~0.00%
Published-17 Jul, 2008 | 10:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Oracle for OpenView (OfO) 8.1.7, 9.1.01, 9.2, 9.2.0, 10g, and 10gR2 has unknown impact and attack vectors, possibly related to the July 2008 Oracle Critical Patch Update.

Action-Not Available
Vendor-n/aHP Inc.
Product-oracle_for_openviewn/a
CVE-2007-6194
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.42% / 90.13%
||
7 Day CHG~0.00%
Published-06 Dec, 2007 | 02:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 and 4.1x before 4.13.003 allows remote attackers to obtain unspecified access via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-select_identityn/a
CVE-2008-1668
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.46% / 90.22%
||
7 Day CHG~0.00%
Published-13 Aug, 2008 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remote attackers to gain privileges, as demonstrated by a login attempt for an LDAP account when nsswitch.conf does not specify LDAP for passwd information.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2007-6195
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-13.74% / 96.03%
||
7 Day CHG~0.00%
Published-15 Dec, 2007 | 01:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-6425
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.29% / 89.86%
||
7 Day CHG~0.00%
Published-23 Jan, 2008 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-0067
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-10||HIGH
EPSS-63.42% / 99.11%
||
7 Day CHG~0.00%
Published-08 Jan, 2009 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-2280
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-60.29% / 99.02%
||
7 Day CHG~0.00%
Published-18 Dec, 2009 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSG_PROTOCOL command with long arguments, a different vulnerability than CVE-2009-3844.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4241
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-11.43% / 95.46%
||
7 Day CHG~0.00%
Published-08 Aug, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for Cisco Local Director on HP-UX 11.11i allows remote attackers to execute arbitrary code via a long string to TCP port 17781.

Action-Not Available
Vendor-n/aHP Inc.Cisco Systems, Inc.
Product-local_directorhp-uxn/a
CVE-2007-2791
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-6.46% / 92.87%
||
7 Day CHG~0.00%
Published-22 May, 2007 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64n/a
CVE-1999-0008
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.90% / 88.94%
||
7 Day CHG+0.11%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in NIS+, in Sun's rpc.nisd program.

Action-Not Available
Vendor-n/aHP Inc.Sun Microsystems (Oracle Corporation)
Product-sunoshp-uxsolarisn/a
CVE-2018-7103
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-8.87% / 94.55%
||
7 Day CHG~0.00%
Published-27 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_center_wireless_services_manager_softwareHPE Intelligent Management Center (iMC) Wireless Services Manager Software
CVE-2018-7058
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-3.89% / 88.89%
||
7 Day CHG~0.00%
Published-06 Aug, 2018 | 20:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-aruba_clearpass_policy_managerAruba ClearPass
CWE ID-CWE-287
Improper Authentication
CVE-2018-7114
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-32.76% / 98.13%
||
7 Day CHG~0.00%
Published-03 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerHPE Intelligent Management Center (IMC)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-7076
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-12.31% / 95.68%
||
7 Day CHG~0.00%
Published-17 Oct, 2018 | 13:00
Updated-16 Sep, 2024 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerHPE intelligence Management Center (iMC) PLAT
CWE ID-CWE-287
Improper Authentication
CVE-2007-2736
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.31% / 89.90%
||
7 Day CHG+0.22%
Published-17 May, 2007 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.

Action-Not Available
Vendor-windriverachievosanta_cruz_operationn/aApple Inc.IBM CorporationSun Microsystems (Oracle Corporation)Linux Kernel Organization, IncHP Inc.Microsoft Corporation
Product-windows_memac_os_xa_uxachievosco_unixlinux_kernelwindows_98os2tru64bsdoshp-uxwindows_98sewindows_ntwindows_xpsolariswindows_2000windows_2003_serverwindows_95n/a
CVE-2007-1917
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-6.66% / 93.04%
||
7 Day CHG~0.00%
Published-10 Apr, 2007 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Action-Not Available
Vendor-n/aApple Inc.IBM CorporationSAP SESun Microsystems (Oracle Corporation)Siemens AGLinux Kernel Organization, IncHP Inc.Microsoft Corporation
Product-hp-uxrfc_libraryracfsolarisaixmacosreliant_unixwindows_serveros_400linux_kerneltru64n/a
CVE-2008-1661
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-68.96% / 99.26%
||
7 Day CHG~0.00%
Published-04 Jun, 2008 | 19:17
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request.

Action-Not Available
Vendor-n/aHP Inc.
Product-storageworks_storage_mirroringn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-0446
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-44.46% / 98.60%
||
7 Day CHG~0.00%
Published-08 Feb, 2007 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long server_ip_name field to TCP port 54345, which triggers the overflow in mchan.dll.

Action-Not Available
Vendor-n/aHP Inc.
Product-mercury_loadrunner_agentmercury_performance_center_agentmercury_monitor_over_firewalln/a
CVE-2008-0953
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-8.82% / 94.52%
||
7 Day CHG~0.00%
Published-04 Jun, 2008 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.

Action-Not Available
Vendor-n/aHP Inc.
Product-instant_supportn/a
CVE-2012-3262
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-8.58% / 94.39%
||
7 Day CHG~0.00%
Published-25 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464.

Action-Not Available
Vendor-n/aHP Inc.
Product-sitescopen/a
CVE-2006-5151
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.18% / 89.64%
||
7 Day CHG~0.00%
Published-03 Oct, 2006 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2015-2135
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-8.86% / 94.55%
||
7 Day CHG~0.00%
Published-31 Aug, 2015 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Intelligent Provisioning 1.00 through 1.62(a), 2.00, and 2.10 allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_provisioningn/a
CVE-2019-5391
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-2.67% / 83.81%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:56
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack buffer overflow vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-787
Out-of-bounds Write
CVE-2008-0437
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-58.08% / 98.97%
||
7 Day CHG~0.00%
Published-23 Jan, 2008 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or (3) cabroot property value. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-activexvirtual_roomsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-0704
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.29% / 89.86%
||
7 Day CHG~0.00%
Published-28 Mar, 2008 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain unspecified access via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-integrityalphaopen_vms_tcp-ip_servicesn/a
CVE-2007-5606
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-12.81% / 95.78%
||
7 Day CHG~0.00%
Published-04 Jun, 2008 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607.

Action-Not Available
Vendor-n/aHP Inc.
Product-instant_supportn/a
CVE-2013-6218
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-8.70% / 94.45%
||
7 Day CHG~0.00%
Published-19 Apr, 2014 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_node_manager_in/a
CVE-2007-4916
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-19.67% / 97.06%
||
7 Day CHG~0.00%
Published-17 Sep, 2007 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo & Imaging Gallery 1.1 and probably other products, allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long first argument.

Action-Not Available
Vendor-n/aHP Inc.
Product-all-in-on_printerphoto_and_imaging_galleryn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-3794
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.19% / 80.12%
||
7 Day CHG~0.00%
Published-15 Jul, 2007 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.

Action-Not Available
Vendor-n/aIBM CorporationSun Microsystems (Oracle Corporation)Linux Kernel Organization, IncHitachi, Ltd.HP Inc.Microsoft Corporation
Product-cosminexus_clientucosminexus_clientucosminexus_operatorlinux_kernelucosminexus_service_architectucosminexus_application_servercosminexus_developerhp-uxcosminexus_studioucosminexus_service_platformcosminexus_application_serveraixwindowssolarisucosminexus_developercosminexus_servern/a
CVE-2007-2719
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.49% / 90.27%
||
7 Day CHG~0.00%
Published-16 May, 2007 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.

Action-Not Available
Vendor-n/aHP Inc.
Product-systems_insight_managern/a
CWE ID-CWE-287
Improper Authentication
CVE-2014-2623
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-89.39% / 99.77%
||
7 Day CHG~0.00%
Published-18 Jul, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2013-6189
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-16.61% / 96.61%
||
7 Day CHG~0.00%
Published-29 Dec, 2013 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Archive Query Server in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, and 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1666.

Action-Not Available
Vendor-n/aHP Inc.
Product-application_information_optimizern/a
CVE-2013-6195
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-10.44% / 95.16%
||
7 Day CHG~0.00%
Published-04 Jan, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-2008.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2022-24292
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-7.02% / 93.36%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 19:46
Updated-25 Jun, 2026 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-officejet_pro_8210_j3p67a_firmwareofficejet_pro_8740_j6x83a_firmwarelaserjet_pro_m453-m454_w1y44apagewide_managed_p57750dw_j9v82a_firmwareofficejet_pro_8210_j3p66aofficejet_pro_8740_d9l21alaserjet_pro_m453-m454_w1y43aw1a75a_firmwarelaserjet_pro_m304-m305_w1a46a_firmwarepagewide_pro_552dw_d3q17a_firmwarepagewide_pro_577dw_d3q21a_firmwarelaserjet_pro_m304-m305_w1a63a_firmwareofficejet_pro_8740_k7s43aofficejet_pro_8740_k7s42alaserjet_pro_m404-m405_w1a58aw1a82a_firmwarepagewide_managed_p55250dw_j6u55b_firmwarelaserjet_pro_m304-m305_w1a48a_firmwareofficejet_pro_8730_k7s32alaserjet_pro_mfp_m428-m429_f_w1a35alaserjet_pro_m453-m454_w1y40aofficejet_pro_8210_j3p67alaserjet_pro_mfp_m428-m429_w1a33alaserjet_pro_m453-m454_w1y45a_firmwarepagewide_pro_452dw_d3q16a_firmwareofficejet_pro_8210_d9l64a_firmwareofficejet_pro_8730_d9l20apagewide_pro_577z_k9z76a_firmwarelaserjet_pro_m304-m305_w1a59a_firmwareofficejet_pro_8210_j3p65a_firmwarelaserjet_pro_m453-m454_w1y47a_firmwarelaserjet_pro_m304-m305_w1a57a_firmwarepagewide_352dw_j6u57alaserjet_pro_m304-m305_w1a47a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a35a_firmwareofficejet_pro_8210_d9l64aw1a81a_firmwareofficejet_pro_8740_t0g65aofficejet_pro_8740_k7s41alaserjet_pro_m304-m305_w1a56a_firmwareofficejet_pro_8210_j3p68a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a32a_firmwarepagewide_pro_577z_k9z76alaserjet_pro_m453-m454_w1y45aw1a77a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a29a_firmwarelaserjet_pro_m404-m405_w1a52aofficejet_pro_8740_t0g65a_firmwareofficejet_pro_8730_k7s32a_firmwareofficejet_pro_8210_j3p65alaserjet_pro_m304-m305_w1a66alaserjet_pro_m453-m454_w1y47aw1a78aofficejet_pro_8740_k7s40aofficejet_pro_8740_k7s39aw1a76a_firmwareofficejet_pro_8740_k7s43a_firmwarelaserjet_pro_m404-m405_w1a57alaserjet_pro_m453-m454_w1y46aw1a82aw1a77aofficejet_pro_8740_k7s42a_firmwarelaserjet_pro_m404-m405_w1a56alaserjet_pro_m404-m405_w1a63aofficejet_pro_8210_j3p66a_firmwarelaserjet_pro_m453-m454_w1y44a_firmwarepagewide_pro_452dw_d3q16alaserjet_pro_mfp_m428-m429_f_w1a34alaserjet_pro_m453-m454_w1y43a_firmwarew1a78a_firmwarew1a80alaserjet_pro_m404-m405_93m22apagewide_pro_552dw_d3q17aw1a81alaserjet_pro_mfp_m428-m429_w1a31a_firmwarelaserjet_pro_m453-m454_w1y41aofficejet_pro_8210_d9l63a_firmwarelaserjet_pro_mfp_m428-m429_w1a28alaserjet_pro_mfp_m428-m429_f_w1a30alaserjet_pro_m304-m305_w1a60a_firmwarelaserjet_pro_mfp_m428-m429_w1a31apagewide_managed_p55250dw_j6u51bw1a76alaserjet_pro_mfp_m428-m429_f_w1a34a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a30a_firmwarelaserjet_pro_m304-m305_w1a47aofficejet_pro_8740_j6x83aofficejet_pro_8216_t0g70alaserjet_pro_m304-m305_w1a46alaserjet_pro_m304-m305_w1a51a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38a_firmwarepagewide_pro_577dw_d3q21alaserjet_pro_mfp_m428-m429_f_w1a32apagewide_managed_p55250dw_j6u55a_firmwarelaserjet_pro_mfp_m428-m429_w1a28a_firmwareofficejet_pro_8740_d9l21a_firmwarelaserjet_pro_m304-m305_w1a66a_firmwareofficejet_pro_8740_k7s39a_firmwarelaserjet_pro_m304-m305_w1a53a_firmwareofficejet_pro_8210_j3p68apagewide_managed_p57750dw_j9v82apagewide_pro_452dn_d3q15alaserjet_pro_mfp_m428-m429_w1a33a_firmwarelaserjet_pro_m453-m454_w1y46a_firmwarepagewide_pro_477dn_d3q19apagewide_377dw_j9v80aofficejet_pro_8216_t0g70a_firmwarelaserjet_pro_m453-m454_w1y41a_firmwarew1a79alaserjet_pro_m404-m405_93m22a_firmwarepagewide_managed_p55250dw_j6u51b_firmwarelaserjet_pro_m404-m405_w1a51alaserjet_pro_m304-m305_w1a52a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38apagewide_377dw_j9v80a_firmwarepagewide_managed_p55250dw_j6u55blaserjet_pro_m453-m454_w1y40a_firmwarepagewide_pro_452dn_d3q15a_firmwarepagewide_managed_p55250dw_j6u55aw1a80a_firmwarepagewide_pro_477dn_d3q19a_firmwareofficejet_pro_8740_k7s40a_firmwarew1a79a_firmwarepagewide_pro_477dw_d3q20alaserjet_pro_m404-m405_w1a53alaserjet_pro_m304-m305_w1a48aofficejet_pro_8740_k7s41a_firmwareofficejet_pro_8210_d9l63aw1a75alaserjet_pro_m304-m305_w1a58a_firmwareofficejet_pro_8730_d9l20a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a29alaserjet_pro_m404-m405_w1a59apagewide_352dw_j6u57a_firmwarepagewide_pro_477dw_d3q20a_firmwarelaserjet_pro_m404-m405_w1a60aHP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers
CVE-2013-6221
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-77.94% / 99.52%
||
7 Day CHG~0.00%
Published-18 Jun, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_virtualizationn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2014-7898
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-10.35% / 95.13%
||
7 Day CHG-0.07%
Published-09 Mar, 2015 | 17:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-windowsole_point_of_sale_drivern/a
CVE-2017-8947
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-30.31% / 97.99%
||
7 Day CHG-0.54%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE UCMDB version v10.10, v10.11, v10.20, v10.21, v10.22, v10.30, v10.31 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-ucmdb_configuration_managerUCMDB
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 7
  • 8
  • Next
Details not found