Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2001-0797

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-25 Jun, 2002 | 04:00
Updated At-08 Aug, 2024 | 04:30
Rejected At-
Credits

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:25 Jun, 2002 | 04:00
Updated At:08 Aug, 2024 | 04:30
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2025
vdb-entry
signature
x_refsource_OVAL
http://www.cert.org/advisories/CA-2001-34.html
third-party-advisory
x_refsource_CERT
https://exchange.xforce.ibmcloud.com/vulnerabilities/7284
vdb-entry
x_refsource_XF
http://www-1.ibm.com/support/search.wss?rs=0&q=IY26221&apar=only
vendor-advisory
x_refsource_AIXAPAR
http://marc.info/?l=bugtraq&m=100844757228307&w=2
mailing-list
x_refsource_BUGTRAQ
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/CSSA-2001-SCO.40.txt
vendor-advisory
x_refsource_CALDERA
http://www.securityfocus.com/archive/1/246487
mailing-list
x_refsource_BUGTRAQ
ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I
vendor-advisory
x_refsource_SGI
http://www.securityfocus.com/bid/3681
vdb-entry
x_refsource_BID
http://xforce.iss.net/alerts/advise105.php
third-party-advisory
x_refsource_ISS
http://www.kb.cert.org/vuls/id/569272
third-party-advisory
x_refsource_CERT-VN
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/213
vendor-advisory
x_refsource_SUN
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2025
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.cert.org/advisories/CA-2001-34.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/7284
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www-1.ibm.com/support/search.wss?rs=0&q=IY26221&apar=only
Resource:
vendor-advisory
x_refsource_AIXAPAR
Hyperlink: http://marc.info/?l=bugtraq&m=100844757228307&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/CSSA-2001-SCO.40.txt
Resource:
vendor-advisory
x_refsource_CALDERA
Hyperlink: http://www.securityfocus.com/archive/1/246487
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://www.securityfocus.com/bid/3681
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://xforce.iss.net/alerts/advise105.php
Resource:
third-party-advisory
x_refsource_ISS
Hyperlink: http://www.kb.cert.org/vuls/id/569272
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/213
Resource:
vendor-advisory
x_refsource_SUN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2025
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.cert.org/advisories/CA-2001-34.html
third-party-advisory
x_refsource_CERT
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/7284
vdb-entry
x_refsource_XF
x_transferred
http://www-1.ibm.com/support/search.wss?rs=0&q=IY26221&apar=only
vendor-advisory
x_refsource_AIXAPAR
x_transferred
http://marc.info/?l=bugtraq&m=100844757228307&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/CSSA-2001-SCO.40.txt
vendor-advisory
x_refsource_CALDERA
x_transferred
http://www.securityfocus.com/archive/1/246487
mailing-list
x_refsource_BUGTRAQ
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I
vendor-advisory
x_refsource_SGI
x_transferred
http://www.securityfocus.com/bid/3681
vdb-entry
x_refsource_BID
x_transferred
http://xforce.iss.net/alerts/advise105.php
third-party-advisory
x_refsource_ISS
x_transferred
http://www.kb.cert.org/vuls/id/569272
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/213
vendor-advisory
x_refsource_SUN
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2025
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.cert.org/advisories/CA-2001-34.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/7284
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www-1.ibm.com/support/search.wss?rs=0&q=IY26221&apar=only
Resource:
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=100844757228307&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/CSSA-2001-SCO.40.txt
Resource:
vendor-advisory
x_refsource_CALDERA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/246487
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://www.securityfocus.com/bid/3681
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://xforce.iss.net/alerts/advise105.php
Resource:
third-party-advisory
x_refsource_ISS
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/569272
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/213
Resource:
vendor-advisory
x_refsource_SUN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:12 Dec, 2001 | 05:00
Updated At:03 Apr, 2025 | 01:03

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Silicon Graphics, Inc.
sgi
>>irix>>3.2
cpe:2.3:o:sgi:irix:3.2:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>3.3
cpe:2.3:o:sgi:irix:3.3:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>3.3.1
cpe:2.3:o:sgi:irix:3.3.1:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>3.3.2
cpe:2.3:o:sgi:irix:3.3.2:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>3.3.3
cpe:2.3:o:sgi:irix:3.3.3:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.00
cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.01
cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.10
cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.20
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>10.24
cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.00
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.0.4
cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.11
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.3
cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.3.1
cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.3.2
cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.3.3
cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>5.1
cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*
sco
sco
>>openserver>>5.0
cpe:2.3:o:sco:openserver:5.0:*:*:*:*:*:*:*
sco
sco
>>openserver>>5.0.1
cpe:2.3:o:sco:openserver:5.0.1:*:*:*:*:*:*:*
sco
sco
>>openserver>>5.0.2
cpe:2.3:o:sco:openserver:5.0.2:*:*:*:*:*:*:*
sco
sco
>>openserver>>5.0.3
cpe:2.3:o:sco:openserver:5.0.3:*:*:*:*:*:*:*
sco
sco
>>openserver>>5.0.4
cpe:2.3:o:sco:openserver:5.0.4:*:*:*:*:*:*:*
sco
sco
>>openserver>>5.0.5
cpe:2.3:o:sco:openserver:5.0.5:*:*:*:*:*:*:*
sco
sco
>>openserver>>5.0.6
cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*
sco
sco
>>openserver>>5.0.6a
cpe:2.3:o:sco:openserver:5.0.6a:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>2.4
cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>2.5
cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>2.5.1
cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>2.5.1
cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>2.6
cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>7.0
cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>8.0
cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>-
cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.0
cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.1
cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.2
cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.3
cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.4
cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.5
cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.5.1
cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.7
cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.8
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
ftp://patches.sgi.com/support/free/security/advisories/20011201-01-Icve@mitre.org
N/A
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/CSSA-2001-SCO.40.txtcve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=100844757228307&w=2cve@mitre.org
N/A
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/213cve@mitre.org
N/A
http://www-1.ibm.com/support/search.wss?rs=0&q=IY26221&apar=onlycve@mitre.org
N/A
http://www.cert.org/advisories/CA-2001-34.htmlcve@mitre.org
Patch
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/569272cve@mitre.org
US Government Resource
http://www.securityfocus.com/archive/1/246487cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/3681cve@mitre.org
Exploit
Patch
Vendor Advisory
http://xforce.iss.net/alerts/advise105.phpcve@mitre.org
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7284cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2025cve@mitre.org
N/A
ftp://patches.sgi.com/support/free/security/advisories/20011201-01-Iaf854a3a-2127-422b-91ae-364da2661108
N/A
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/CSSA-2001-SCO.40.txtaf854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=100844757228307&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/213af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-1.ibm.com/support/search.wss?rs=0&q=IY26221&apar=onlyaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.cert.org/advisories/CA-2001-34.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/569272af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.securityfocus.com/archive/1/246487af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/3681af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
Vendor Advisory
http://xforce.iss.net/alerts/advise105.phpaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/7284af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2025af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/CSSA-2001-SCO.40.txt
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=100844757228307&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/213
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www-1.ibm.com/support/search.wss?rs=0&q=IY26221&apar=only
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.cert.org/advisories/CA-2001-34.html
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/569272
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.securityfocus.com/archive/1/246487
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/3681
Source: cve@mitre.org
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://xforce.iss.net/alerts/advise105.php
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/7284
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2025
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/CSSA-2001-SCO.40.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=100844757228307&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/213
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-1.ibm.com/support/search.wss?rs=0&q=IY26221&apar=only
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.cert.org/advisories/CA-2001-34.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/569272
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.securityfocus.com/archive/1/246487
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/3681
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Vendor Advisory
Hyperlink: http://xforce.iss.net/alerts/advise105.php
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/7284
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2025
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

930Records found
CVE-2002-0746
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.56% / 67.42%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2017-8947
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-66.25% / 98.46%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE UCMDB version v10.10, v10.11, v10.20, v10.21, v10.22, v10.30, v10.31 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-ucmdb_configuration_managerUCMDB
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2011-2450
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-10||HIGH
EPSS-3.04% / 86.13%
||
7 Day CHG~0.00%
Published-11 Nov, 2011 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

Action-Not Available
Vendor-n/aMicrosoft CorporationLinux Kernel Organization, IncGoogle LLCSun Microsystems (Oracle Corporation)Apple Inc.Adobe Inc.
Product-linux_kernelwindowssolarisandroidflash_playeradobe_airmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8954
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8975
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-moonshot_provisioning_manager_applianceMoonshot Provisioning Manager Appliance
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4838
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-27.67% / 96.26%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnern/a
CVE-2017-8981
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-17.05% / 94.73%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8956
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-13.73% / 94.01%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2013-5789
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.12%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2011-1851
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-29.84% / 96.47%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1731
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-38.90% / 97.16%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-5824
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.12%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5832, and CVE-2013-5852.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2019-5356
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-19.72% / 95.21%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:39
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2013-5817
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.94% / 92.73%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-1999-1573
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.92% / 74.99%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2007-0446
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-63.75% / 98.34%
||
7 Day CHG~0.00%
Published-08 Feb, 2007 | 23:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long server_ip_name field to TCP port 54345, which triggers the overflow in mchan.dll.

Action-Not Available
Vendor-n/aHP Inc.
Product-mercury_performance_center_agentmercury_monitor_over_firewallmercury_loadrunner_agentn/a
CVE-2013-5787
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.12%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5789, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5809
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-20.98% / 95.43%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5829.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2000-0308
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.35% / 56.64%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.

Action-Not Available
Vendor-scon/aNetscape (Yahoo Inc.)
Product-fasttrack_serverproxy_serverunixwareenterprise_servern/a
CVE-2006-7198
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.09% / 77.07%
||
7 Day CHG~0.00%
Published-30 Apr, 2007 | 22:00
Updated-07 Aug, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 5.1.1.14, and WAS for z/OS 601 before 6.0.2.13, has unknown impact and attack vectors, related to a "Potential security exposure," aka PK26123.

Action-Not Available
Vendor-n/aIBM Corporation
Product-racfwebsphere_application_servern/a
CVE-2013-5400
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-3.58% / 87.28%
||
7 Day CHG~0.00%
Published-14 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unspecified servlet in IBM Platform Symphony Developer Edition (DE) 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain "local environment" access via unknown vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-platform_symphonyn/a
CVE-1999-0696
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.58% / 89.92%
||
7 Day CHG~0.00%
Published-02 Jun, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)HP Inc.
Product-solarissunoshp-uxn/a
CVE-2013-5370
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-16.62% / 94.66%
||
7 Day CHG~0.00%
Published-01 Oct, 2013 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP2 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-4042.

Action-Not Available
Vendor-n/aIBM Corporation
Product-spss_collaboration_and_deployment_servicesn/a
CVE-1999-0169
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.48% / 64.25%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NFS allows attackers to read and write any file on the system by specifying a false UID.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-nfsn/a
CVE-2017-5817
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-83.65% / 99.24%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6195
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-27.67% / 96.26%
||
7 Day CHG~0.00%
Published-04 Jan, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-2008.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-1999-0408
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.48% / 64.25%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-cobalt_raqn/a
CVE-2017-5814
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-37.13% / 97.04%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-network_automationNetwork Automation
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-1999-0789
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-31.59% / 96.63%
||
7 Day CHG~0.00%
Published-22 Mar, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in AIX ftpd in the libc library.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2019-4202
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||CRITICAL
EPSS-2.04% / 83.11%
||
7 Day CHG~0.00%
Published-15 Apr, 2019 | 14:55
Updated-17 Sep, 2024 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal is vulnerable to command injection. An attacker with a specially crafted request can run arbitrary code on the server and gain complete access to the system. IBM X-Force ID: 159123.

Action-Not Available
Vendor-IBM Corporation
Product-api_connectAPI Connect
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-1999-0042
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.49% / 89.83%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in University of Washington's implementation of IMAP and POP servers.

Action-Not Available
Vendor-bsdiuniversity_of_washingtonn/aThe MITRE Corporation (Caldera)IBM CorporationRed Hat, Inc.
Product-bsd_osaiximappoplinuxopenlinuxn/a
CVE-2017-5815
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-61.26% / 98.25%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5821
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-47.52% / 97.62%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CVE-2017-5824
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-26.55% / 96.14%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 02:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-aruba_clearpass_policy_managerAruba ClearPass Policy Manager
CVE-2017-5804
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-55.25% / 97.97%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2011-1854
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-18.95% / 95.08%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long syslog packet, related to an exception handler.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CVE-2017-5819
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5816
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-90.38% / 99.58%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-1999-0073
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.26% / 49.00%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.

Action-Not Available
Vendor-digitaln/aSilicon Graphics, Inc.
Product-irixosf_1unixn/a
CVE-2017-5638
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-94.27% / 99.93%
||
7 Day CHG~0.00%
Published-11 Mar, 2017 | 02:11
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

Action-Not Available
Vendor-IBM CorporationHP Inc.Lenovo Group LimitedThe Apache Software FoundationOracle CorporationAruba NetworksNetApp, Inc.
Product-strutsstorwize_v7000storage_v5030weblogic_serverstorwize_v3500_firmwareclearpass_policy_manageroncommand_balancestorage_v5030_firmwarestorwize_v7000_firmwarestorwize_v5000storwize_v3500storwize_v5000_firmwareserver_automationApache StrutsStruts
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2017-5807
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-46.96% / 97.59%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 00:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-data_protectorData Protector
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-5403
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-1.89% / 82.42%
||
7 Day CHG~0.00%
Published-27 Sep, 2013 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.0 through 2.5.0.1 allows remote attackers to obtain administrative access via unknown vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_datapower_xc10_appliancewebsphere_datapower_xc10_appliance_firmwaren/a
CVE-2013-4813
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-6.40% / 90.64%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-22 Apr, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_manageridentity_driven_managern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2019-5390
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-20.35% / 95.31%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:55
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote command injection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2013-5814
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.94% / 92.73%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5446
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-0.47% / 63.57%
||
7 Day CHG~0.00%
Published-22 Oct, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_datapower_xc10_appliancewebsphere_datapower_xc10_appliance_firmwaren/a
CVE-2013-4822
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-74.06% / 98.78%
||
7 Day CHG~0.00%
Published-13 Oct, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1606.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerimc_branch_intelligent_management_system_software_modulen/a
CVE-2006-6136
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.21% / 78.17%
||
7 Day CHG~0.00%
Published-28 Nov, 2006 | 02:00
Updated-07 Aug, 2024 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CVE-2006-6636
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.66% / 81.30%
||
7 Day CHG~0.00%
Published-19 Dec, 2006 | 20:00
Updated-07 Aug, 2024 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Utility Classes for IBM WebSphere Application Server (WAS) before 5.1.1.13 and 6.x before 6.0.2.17 has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CVE-2019-5387
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-19.03% / 95.09%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:54
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 18
  • 19
  • Next
Details not found