Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2002-1048

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-31 Aug, 2002 | 04:00
Updated At-08 Aug, 2024 | 03:12
Rejected At-
Credits

HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:31 Aug, 2002 | 04:00
Updated At:08 Aug, 2024 | 03:12
Rejected At:
▼CVE Numbering Authority (CNA)

HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.kb.cert.org/vuls/id/377003
third-party-advisory
x_refsource_CERT-VN
http://www.iss.net/security_center/static/9693.php
vdb-entry
x_refsource_XF
http://archives.neohapsis.com/archives/bugtraq/2002-07/0345.html
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/5331
vdb-entry
x_refsource_BID
Hyperlink: http://www.kb.cert.org/vuls/id/377003
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.iss.net/security_center/static/9693.php
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-07/0345.html
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/bid/5331
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.kb.cert.org/vuls/id/377003
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.iss.net/security_center/static/9693.php
vdb-entry
x_refsource_XF
x_transferred
http://archives.neohapsis.com/archives/bugtraq/2002-07/0345.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/bid/5331
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/377003
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.iss.net/security_center/static/9693.php
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-07/0345.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/bid/5331
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:04 Oct, 2002 | 04:00
Updated At:03 Apr, 2025 | 01:03

HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
HP Inc.
hp
>>jetdirect>>j3111a_rev._a.08.06
cpe:2.3:h:hp:jetdirect:j3111a_rev._a.08.06:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>j3111a_rev._g.05.35
cpe:2.3:h:hp:jetdirect:j3111a_rev._g.05.35:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>j3111a_rev._g.07.02
cpe:2.3:h:hp:jetdirect:j3111a_rev._g.07.02:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>j3111a_rev._g.07.03
cpe:2.3:h:hp:jetdirect:j3111a_rev._g.07.03:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>j3111a_rev._g.07.17
cpe:2.3:h:hp:jetdirect:j3111a_rev._g.07.17:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>j3111a_rev._g.08.03
cpe:2.3:h:hp:jetdirect:j3111a_rev._g.08.03:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>x.08.00
cpe:2.3:h:hp:jetdirect:x.08.00:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>x.08.04
cpe:2.3:h:hp:jetdirect:x.08.04:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>x.08.05
cpe:2.3:h:hp:jetdirect:x.08.05:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>x.08.20
cpe:2.3:h:hp:jetdirect:x.08.20:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>x.08.32
cpe:2.3:h:hp:jetdirect:x.08.32:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>x.20.00
cpe:2.3:h:hp:jetdirect:x.20.00:*:*:*:*:*:*:*
HP Inc.
hp
>>jetdirect>>x.21.00
cpe:2.3:h:hp:jetdirect:x.21.00:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/bugtraq/2002-07/0345.htmlcve@mitre.org
Vendor Advisory
http://www.iss.net/security_center/static/9693.phpcve@mitre.org
N/A
http://www.kb.cert.org/vuls/id/377003cve@mitre.org
US Government Resource
http://www.securityfocus.com/bid/5331cve@mitre.org
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2002-07/0345.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.iss.net/security_center/static/9693.phpaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kb.cert.org/vuls/id/377003af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.securityfocus.com/bid/5331af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-07/0345.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.iss.net/security_center/static/9693.php
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/377003
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.securityfocus.com/bid/5331
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-07/0345.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.iss.net/security_center/static/9693.php
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/377003
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.securityfocus.com/bid/5331
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

205Records found
CVE-2004-1480
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.38%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the management station in HP StorageWorks Command View XP 1.8B and earlier allows remote attackers to bypass access restrictions.

Action-Not Available
Vendor-n/aHP Inc.
Product-storageworks_command_viewn/a
CVE-2004-0951
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.25% / 83.92%
||
7 Day CHG~0.00%
Published-19 Aug, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information.

Action-Not Available
Vendor-n/aHP Inc.
Product-ignite-uxn/a
CVE-2004-1082
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.08% / 89.39%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

Action-Not Available
Vendor-scon/aThe Apache Software FoundationAvaya LLCIBM CorporationOpenBSDApple Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-communication_managermn100openbsdopenserversolarisapache_mod_digest_applehttp_serversunosnetwork_routingwebproxyintuity_audix_lxvirtualvaultmodular_messaging_message_storage_servern/a
CVE-2004-0826
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.00% / 86.02%
||
7 Day CHG~0.00%
Published-02 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)HP Inc.Mozilla CorporationNetscape (Yahoo Inc.)
Product-hp-uxone_application_servercertificate_servernetwork_security_servicesjava_enterprise_systemone_web_serverdirectory_serverjava_system_application_serverpersonalization_engineenterprise_servern/a
CVE-2011-2404
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-80.49% / 99.09%
||
7 Day CHG~0.00%
Published-11 Aug, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-4786 and CVE-2011-4787.

Action-Not Available
Vendor-n/aHP Inc.
Product-easy_printer_care_softwaren/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2017-14356
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 66.18%
||
7 Day CHG~0.00%
Published-31 Oct, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQL injection.

Action-Not Available
Vendor-Micro Focus International LimitedHP Inc.
Product-arcsight_enterprise_security_managerarcsight_enterprise_security_manager_expressHP ArcSight ESM ExpressHP ArcSight ESM
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2017-14349
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-0.76% / 72.32%
||
7 Day CHG~0.00%
Published-29 Sep, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data.

Action-Not Available
Vendor-n/aHP Inc.
Product-sitescopen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2011-1532
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-2.06% / 83.16%
||
7 Day CHG~0.00%
Published-15 Apr, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SNMP component on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to obtain sensitive information or modify data via vectors related to the Embedded Web Server (EWS).

Action-Not Available
Vendor-n/aHP Inc.
Product-photosmart_premium_c510photosmart_d110photosmart_premium_fax_all-in-onephotosmart_premium_c310photosmart_plus_b210photosmart_b110envy_100_d410n/a
CVE-2003-0028
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-56.05% / 98.01%
||
7 Day CHG~0.00%
Published-21 Mar, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

Action-Not Available
Vendor-openafscrayn/aMIT (Massachusetts Institute of Technology)IBM CorporationSilicon Graphics, Inc.OpenBSDFreeBSD FoundationGNUSun Microsystems (Oracle Corporation)HP Inc.
Product-glibchp-uxopenbsdaixhp-ux_series_700solarisirixunicoshp-ux_series_800sunosopenafsfreebsdkerberos_5n/a
CVE-2003-0064
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.87% / 74.28%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Action-Not Available
Vendor-n/aIBM CorporationSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-hp-uxaixsolarisirixsunosn/a
CVE-2010-4494
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.97% / 82.77%
||
7 Day CHG~0.00%
Published-07 Dec, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

Action-Not Available
Vendor-n/aGoogle LLCFedora Projectlibxml2 (XMLSoft)Debian GNU/LinuxSUSEThe Apache Software FoundationRed Hat, Inc.openSUSEApple Inc.HP Inc.
Product-fedorainsight_control_server_deploymentsuse_linux_enterprise_serverenterprise_linux_workstationrapid_deployment_packiphone_ositunessafarichromeopensusedebian_linuxlibxml2enterprise_linux_serveropenofficeenterprise_linux_desktopenterprise_linux_eusmac_os_xn/a
CWE ID-CWE-415
Double Free
CVE-2010-4267
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-10.22% / 92.84%
||
7 Day CHG~0.00%
Published-20 Jan, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.

Action-Not Available
Vendor-n/aHP Inc.
Product-linux_imaging_and_printing_projectn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4028
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.98% / 75.86%
||
7 Day CHG~0.00%
Published-28 Oct, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remote attackers to cause a denial of service, and possibly obtain sensitive information or modify data, via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnerloadrunner_web_toursn/a
CVE-2002-1605
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-27.59% / 96.25%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2002-1604
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-46.02% / 97.55%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2010-4029
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-1.86% / 82.28%
||
7 Day CHG~0.00%
Published-28 Oct, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Essentials before 6.3.0, when LDAP authentication is enabled, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_essentialsn/a
CVE-2002-1317
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-42.48% / 97.36%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

Action-Not Available
Vendor-xfree86_projectn/aSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-hp-uxsolarisirixsunosx11r6n/a
CVE-2002-1408
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.92% / 75.02%
||
7 Day CHG~0.00%
Published-18 Mar, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_emanate_snmp_agentvvosn/a
CVE-2002-0250
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.76% / 92.14%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.

Action-Not Available
Vendor-n/aHP Inc.
Product-advancestack_10base-t_switching_hub_j3201aadvancestack_10base-t_switching_hub_j3202aadvancestack_10base-t_switching_hub_j3205aadvancestack_10base-t_switching_hub_j3203aadvancestack_10base-t_switching_hub_j3210aadvancestack_10base-t_switching_hub_j3200aadvancestack_10base-t_switching_hub_j3204an/a
CVE-2002-0610
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.65% / 85.18%
||
7 Day CHG~0.00%
Published-11 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properly validate certain FTP commands, which allows attackers to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpe_ixn/a
CVE-2006-4201
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-30.25% / 96.52%
||
7 Day CHG~0.00%
Published-17 Aug, 2006 | 21:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the backup agent and Cell Manager in HP OpenView Storage Data Protector 5.1 and 5.5 before 20060810 allows remote attackers to execute arbitrary code on an agent via unspecified vectors related to authentication and input validation.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CVE-2002-0836
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.44% / 93.64%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.

Action-Not Available
Vendor-n/aHP Inc.Red Hat, Inc.Mandriva (Mandrakesoft)
Product-secure_oslinuxmandrake_linuxn/a
CVE-2002-0076
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.07% / 76.89%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.

Action-Not Available
Vendor-n/aMicrosoft CorporationSun Microsystems (Oracle Corporation)HP Inc.
Product-jdkjresdkjava_jre-jdkvirtual_machinen/a
CVE-2002-0677
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-19.03% / 95.09%
||
7 Day CHG~0.00%
Published-12 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

Action-Not Available
Vendor-xi_graphicscompaqn/aThe MITRE Corporation (Caldera)HP Inc.IBM CorporationSun Microsystems (Oracle Corporation)Silicon Graphics, Inc.
Product-tru64dextophp-uxaixsolarisirixunixwaresunosopenunixn/a
CVE-2010-1964
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-82.13% / 99.17%
||
7 Day CHG~0.00%
Published-17 Jun, 2010 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2001-0608
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.68% / 70.72%
||
7 Day CHG~0.00%
Published-27 Jul, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP architected interface facility (AIF) as includes with MPE/iX 5.5 through 6.5 running on a HP3000 allows an attacker to gain additional privileges and gain access to databases via the AIF - AIFCHANGELOGON program.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpen/a
CVE-2001-0668
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.76% / 81.85%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2000-0443
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.35% / 88.49%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Action-Not Available
Vendor-n/aHP Inc.
Product-jetadminn/a
CVE-2000-0159
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.69% / 70.83%
||
7 Day CHG~0.00%
Published-18 Apr, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1324
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.01% / 76.19%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for attackers to conduct brute force password guessing.

Action-Not Available
Vendor-n/aHP Inc.
Product-openvms_vaxn/a
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-1999-1062
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.23%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100.

Action-Not Available
Vendor-n/aHP Inc.
Product-jetdirectn/a
CVE-2022-22317
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.51%
||
7 Day CHG~0.00%
Published-20 Jun, 2022 | 16:25
Updated-16 Sep, 2024 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelhp-uxwindowscuram_social_program_managementz\/osaixCuram Social Program Management
CWE ID-CWE-613
Insufficient Session Expiration
CVE-1999-1163
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.35%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation.

Action-Not Available
Vendor-n/aHP Inc.
Product-9000n/a
CVE-1999-0057
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.86% / 85.71%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vacation program allows command execution by remote users through a sendmail command.

Action-Not Available
Vendor-eric_allmann/aIBM CorporationFreeBSD FoundationSun Microsystems (Oracle Corporation)HP Inc.
Product-hp-uxvacationaixsolarissunosvvosfreebsdn/a
CVE-2015-5419
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-7.93% / 91.67%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2879.

Action-Not Available
Vendor-n/aHP Inc.
Product-keyviewn/a
CVE-2009-2298
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.77% / 85.48%
||
7 Day CHG~0.00%
Published-02 Jul, 2009 | 10:00
Updated-16 Sep, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.53 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a CGI request to webappmon.exe. NOTE: this may overlap CVE-2009-1420.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2004-0709
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.17%
||
7 Day CHG~0.00%
Published-21 Jul, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_select_accessn/a
CVE-2007-5604
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-33.63% / 96.79%
||
7 Day CHG~0.00%
Published-04 Jun, 2008 | 20:00
Updated-07 Aug, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607.

Action-Not Available
Vendor-n/aHP Inc.
Product-instant_supportn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2001-1563
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.98% / 89.28%
||
7 Day CHG~0.00%
Published-14 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.

Action-Not Available
Vendor-n/aThe Apache Software FoundationHP Inc.
Product-secure_ostomcatn/a
CVE-2001-0978
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.29% / 78.83%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2009-0716
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.16% / 77.74%
||
7 Day CHG~0.00%
Published-21 Apr, 2009 | 15:00
Updated-07 Aug, 2024 | 04:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to cause a denial of service or obtain "access" via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-storageworks_storage_mirroringn/a
CVE-2009-0920
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-58.77% / 98.14%
||
7 Day CHG~0.00%
Published-25 Mar, 2009 | 01:00
Updated-07 Aug, 2024 | 04:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long OvOSLocale cookie, a variant of CVE-2008-0067.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2002-0763
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.65% / 69.78%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the server.

Action-Not Available
Vendor-n/aHP Inc.
Product-virtualvaultn/a
CVE-1999-0502
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-42.28% / 97.35%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Unix account has a default, null, blank, or missing password.

Action-Not Available
Vendor-n/aRed Hat, Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-solarislinuxsunoshp-uxn/a
CVE-2012-5203
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-67.45% / 98.50%
||
7 Day CHG~0.00%
Published-09 Mar, 2013 | 11:01
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1613.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerintelligent_management_center_for_automated_network_managern/a
CVE-2007-1945
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.67% / 70.42%
||
7 Day CHG~0.00%
Published-11 Apr, 2007 | 01:00
Updated-07 Aug, 2024 | 13:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aMicrosoft CorporationHP Inc.Sun Microsystems (Oracle Corporation)IBM CorporationLinux Kernel Organization, Inc
Product-solarislinux_kernelwindows_2000websphere_application_serverwindows_2003_serverwindows_xphp-uxaixi5osn/a
CVE-2019-6330
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.03% / 76.35%
||
7 Day CHG~0.00%
Published-09 Jan, 2020 | 18:37
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified in the software solution HP Access Control versions prior to 16.7. This vulnerability could potentially grant elevation of privilege.

Action-Not Available
Vendor-n/aHP Inc.
Product-access_controlHP Access Control
CVE-2019-6318
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.54% / 80.63%
||
7 Day CHG~0.00%
Published-11 Apr, 2019 | 14:45
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers have an insufficient solution bundle signature validation that potentially allows execution of arbitrary code.

Action-Not Available
Vendor-HPHP Inc.
Product-laserjet_enterprise_flow_mfp_m633color_laserjet_managed_flow_mfp_m880zm_firmwarecolor_laserjet_managed_mfp_e67550_firmwarepagewide_enterprise_color_mfp_586laserjet_enterprise_flow_mfp_m630pagewide_color_mfp_774_firmwarepagewide_managed_color_mfp_p77440_firmwarepagewide_managed_color_mfp_e77650_firmwarelaserjet_enterprise_color_flow_mfp_m575color_laserjet_managed_mfp_e77825_firmwarelaserjet_managed_flow_mfp_m527z_firmwarescanjet_enterprise_8500_fn1_document_capture_workstationpagewide_managed_color_mfp_p77940color_laserjet_enterprise_m552color_laserjet_managed_mfp_e77830_firmwarelaserjet_managed_flow_mfp_m830_firmwarelaserjet_enterprise_m4555_mfp_firmwarelaserjet_enterprise_color_flow_mfp_m575_firmwarelaserjet_managed_flow_mfp_e62575color_laserjet_enterprise_flow_mfp_m577laserjet_enterprise_700_m712_firmwarescanjet_enterprise_flow_n9120_fn2_document_scanner_firmwarelaserjet_managed_mfp_e72525_firmwarelaserjet_managed_mfp_e82560_firmwarelaserjet_enterprise_mfp_m631_firmwarelaserjet_enterprise_m607pagewide_managed_color_e75160laserjet_managed_500_color_mfp_m575_firmwarecolor_laserjet_managed_e55040dw_firmwarecolor_laserjet_enterprise_flow_mfp_m880zlaserjet_managed_mfp_m630_firmwarelaserjet_enterprise_flow_mfp_m525_firmwarepagewide_managed_color_flow_mfp_e77650_firmwarelaserjet_managed_e60075laserjet_enterprise_700_color_mfp_m775_firmwarecolor_laserjet_managed_mfp_e67560laserjet_enterprise_700_color_mfp_m775pagewide_managed_color_mfp_p77960color_laserjet_managed_mfp_e87650_firmwarelaserjet_managed_flow_mfp_e72535_firmwarelaserjet_enterprise_flow_mfp_m527z_firmwarelaserjet_enterprise_flow_mfp_m632color_laserjet_managed_flow_mfp_m577color_laserjet_managed_mfp_e87660color_laserjet_managed_mfp_e57540_firmwarelaserjet_enterprise_mfp_m630_firmwarelaserjet_managed_mfp_e82560laserjet_enterprise_500_color_m551laserjet_managed_500_mfp_m525_firmwarelaserjet_managed_e60065laserjet_enterprise_m604laserjet_enterprise_mfp_m725officejet_enterprise_color_x555color_laserjet_managed_flow_mfp_e77830color_laserjet_managed_mfp_m577pagewide_managed_color_flow_mfp_e77660zlaserjet_enterprise_flow_mfp_m632_firmwarecolor_laserjet_managed_m651laserjet_managed_flow_mfp_e52545ccolor_laserjet_managed_flow_mfp_e57540pagewide_managed_color_mfp_e58650dn_firmwarecolor_laserjet_managed_flow_mfp_m680laserjet_enterprise_500_mfp_m525fcolor_laserjet_managed_flow_mfp_e77822laserjet_enterprise_m609laserjet_managed_mfp_e72530laserjet_managed_e50045_firmwarelaserjet_managed_e60055laserjet_managed_mfp_e62555laserjet_enterprise_flow_mfp_m527zcolor_laserjet_managed_mfp_e77825pagewide_managed_color_p75250laserjet_managed_flow_mfp_m525_firmwarecolor_laserjet_managed_e65060_firmwarecolor_laserjet_enterprise_m653_firmwarepagewide_managed_color_mfp_e58650dnofficejet_enterprise_color_x555_firmwarecolor_laserjet_managed_flow_mfp_e57540_firmwarelaserjet_managed_m506_firmwarecolor_laserjet_enterprise_flow_mfp_m682_firmwarecolor_laserjet_managed_mfp_e67550officejet_managed_color_mfp_x585_firmwarecolor_laserjet_enterprise_flow_mfp_m880z_firmwarecolor_laserjet_managed_flow_mfp_e77830_firmwarepagewide_managed_color_flow_mfp_e77650pagewide_managed_color_mfp_p77950laserjet_enterprise_flow_mfp_m830_firmwarelaserjet_managed_flow_mfp_e72530color_laserjet_managed_flow_mfp_e87640_firmwareofficejet_enterprise_color_mfp_x585_firmwarepagewide_enterprise_color_mfp_780_firmwarepagewide_enterprise_color_flow_mfp_586z_firmwarelaserjet_managed_mfp_e72535_firmwarecolor_laserjet_enterprise_m652_firmwarepagewide_managed_color_p75250_firmwarecolor_laserjet_managed_m553officejet_managed_color_flow_mfp_x585_firmwarelaserjet_managed_mfp_e52545_firmwarecolor_laserjet_enterprise_m553_firmwarecolor_laserjet_enterprise_m651color_laserjet_managed_flow_mfp_e77825color_laserjet_enterprise_m750pagewide_managed_color_e55650_firmwarecolor_laserjet_cm4540_mfpcolor_laserjet_managed_flow_mfp_e67560_firmwarecolor_laserjet_managed_e65050color_laserjet_managed_e65060laserjet_managed_mfp_e72530_firmwarepagewide_enterprise_color_flow_mfp_780flaserjet_managed_flow_mfp_e72535laserjet_managed_mfp_e82550_firmwarecolor_laserjet_managed_flow_mfp_m680_firmwarecolor_laserjet_enterprise_flow_mfp_m681laserjet_enterprise_500_color_mfp_m575_firmwarelaserjet_enterprise_m608_firmwarelaserjet_managed_color_flow_mfp_m575color_laserjet_managed_flow_mfp_e87650_firmwarelaserjet_enterprise_m806_firmwarelaserjet_managed_e50045pagewide_enterprise_color_flow_mpf_785color_laserjet_enterprise_m750_firmwarepagewide_enterprise_color_flow_mpf_785_firmwarepagewide_enterprise_color_556laserjet_managed_flow_mfp_e82550color_laserjet_managed_flow_mfp_e87660laserjet_enterprise_600_m601_firmwarelaserjet_enterprise_m607_firmwarelaserjet_enterprise_mfp_m725_firmwareofficejet_managed_color_flow_mfp_x585color_laserjet_enterprise_m855laserjet_enterprise_600_m602laserjet_managed_flow_mfp_m527zlaserjet_enterprise_m605laserjet_enterprise_m606color_laserjet_enterprise_mfp_m680_firmwareofficejet_enterprise_color_mfp_x585laserjet_enterprise_m605_firmwarepagewide_color_755_firmwarepagewide_color_mfp_779pagewide_managed_color_mfp_p77950_firmwarecolor_laserjet_managed_mfp_m775color_laserjet_enterprise_m552_firmwarepagewide_enterprise_color_mfp_780color_laserjet_managed_flow_mfp_m577_firmwaredigital_sender_flow_8500_fn2_document_capture_workstation_firmwarecolor_laserjet_managed_flow_mfp_e77825_firmwarepagewide_managed_color_mfp_e77650color_laserjet_managed_mfp_e67560_firmwarelaserjet_managed_mfp_m630laserjet_managed_flow_mfp_e72525_firmwareofficejet_enterprise_color_flow_mfp_x585_firmwarecolor_laserjet_enterprise_mfp_m681_firmwarecolor_laserjet_managed_flow_mfp_e6750color_laserjet_managed_flow_mfp_e87660_firmwarelaserjet_managed_flow_mfp_e62565pagewide_managed_color_mfp_p77440color_laserjet_managed_mfp_e77822laserjet_enterprise_mfp_m527_firmwarepagewide_managed_color_flow_mfp_e58650zcolor_laserjet_enterprise_m653pagewide_managed_color_e75160_firmwarelaserjet_managed_500_color_mfp_m575laserjet_enterprise_mfp_m527laserjet_enterprise_flow_mfp_m830laserjet_managed_e60075_firmwarelaserjet_managed_m605color_laserjet_cm4540_mfp_firmwarelaserjet_managed_flow_mfp_m830laserjet_enterprise_mfp_m633pagewide_color_mfp_779_firmwarelaserjet_managed_flow_mfp_e72530_firmwarecolor_laserjet_managed_mfp_e87640color_laserjet_managed_e55040dwlaserjet_managed_flow_mfp_e82540color_laserjet_managed_flow_mfp_e87640laserjet_enterprise_mfp_m631laserjet_managed_mfp_e82540_firmwarepagewide_enterprise_color_flow_mfp_586zcolor_laserjet_enterprise_mfp_m682officejet_enterprise_color_flow_mfp_x585laserjet_managed_flow_mfp_m630_firmwarecolor_laserjet_managed_mfp_m680color_laserjet_managed_flow_mfp_e67560pagewide_color_755laserjet_enterprise_mfp_m633_firmwarelaserjet_managed_flow_mfp_e82540_firmwarecolor_laserjet_enterprise_flow_mfp_m680_firmwarecolor_laserjet_enterprise_flow_mfp_m680color_laserjet_enterprise_mfp_m577pagewide_enterprise_color_mfp_586_firmwarelaserjet_enterprise_500_color_m551_firmwarelaserjet_managed_mfp_e72525laserjet_managed_flow_mfp_e72525color_laserjet_enterprise_flow_mfp_m682laserjet_enterprise_m604_firmwarelaserjet_enterprise_flow_mfp_m525color_laserjet_managed_e65050_firmwarelaserjet_managed_flow_mfp_e52545c_firmwarelaserjet_managed_m605_firmwarelaserjet_enterprise_mfp_m630pagewide_enterprise_color_765color_laserjet_enterprise_mfp_m682_firmwarelaserjet_enterprise_600_m602_firmwarepagewide_enterprise_color_flow_mfp_780f_firmwarelaserjet_managed_m506officejet_managed_color_mfp_x585laserjet_managed_500_mfp_m525laserjet_enterprise_mfp_m632color_laserjet_managed_m553_firmwarelaserjet_managed_e60055_firmwarecolor_laserjet_enterprise_m651_firmwarelaserjet_managed_flow_mfp_e62555_firmwarelaserjet_managed_flow_mfp_e82560color_laserjet_managed_flow_mfp_e87650color_laserjet_managed_flow_mfp_m880zmcolor_laserjet_enterprise_mfp_m681pagewide_enterprise_color_765_firmwarelaserjet_enterprise_600_m603laserjet_managed_mfp_m725_firmwarelaserjet_managed_mfp_e62555_firmwarelaserjet_managed_flow_mfp_m630laserjet_enterprise_mfp_m632_firmwarepagewide_managed_color_flow_mfp_e58650z_firmwarelaserjet_enterprise_flow_mfp_m630_firmwarecolor_laserjet_enterprise_mfp_m577_firmwarelaserjet_enterprise_m806laserjet_enterprise_m609_firmwarepagewide_color_mfp_774pagewide_enterprise_color_556_firmwarelaserjet_managed_flow_mfp_e82550_firmwarelaserjet_managed_mfp_e72535color_laserjet_enterprise_cp5525_firmwaredigital_sender_flow_8500_fn2_document_capture_workstationcolor_laserjet_managed_mfp_e87640_firmwarelaserjet_enterprise_m4555_mfppagewide_managed_color_mfp_p77940_firmwarecolor_laserjet_managed_flow_mfp_e77822_firmwarelaserjet_enterprise_m506laserjet_enterprise_flow_mfp_m633_firmwarecolor_laserjet_managed_mfp_m577_firmwarelaserjet_enterprise_500_mfp_m525f_firmwarelaserjet_managed_e60065_firmwarecolor_laserjet_managed_mfp_m775_firmwarelaserjet_managed_flow_mfp_e62565_firmwarecolor_laserjet_enterprise_m855_firmwarepagewide_managed_color_e55650laserjet_enterprise_flow_mfp_m631_firmwarecolor_laserjet_managed_mfp_e77822_firmwarepagewide_managed_color_flow_mfp_e77660z_firmwarecolor_laserjet_managed_mfp_m680_firmwarelaserjet_managed_mfp_e52545laserjet_managed_flow_mfp_e62575_firmwarelaserjet_enterprise_m608color_laserjet_managed_mfp_e87660_firmwarelaserjet_managed_mfp_e82550laserjet_managed_mfp_e62565laserjet_managed_mfp_m527_firmwarelaserjet_managed_mfp_m527laserjet_managed_flow_mfp_e82560_firmwarecolor_laserjet_managed_m651_firmwarescanjet_enterprise_8500_fn1_document_capture_workstation_firmwarecolor_laserjet_managed_mfp_e77830laserjet_enterprise_600_m603_firmwarecolor_laserjet_enterprise_flow_mfp_m577_firmwarepagewide_managed_color_mfp_p77960_firmwarelaserjet_managed_flow_mfp_m525color_laserjet_enterprise_flow_mfp_m681_firmwarelaserjet_managed_flow_mfp_e62555laserjet_enterprise_700_m712laserjet_managed_mfp_e62565_firmwarecolor_laserjet_managed_flow_mfp_e6750_firmwarecolor_laserjet_enterprise_cp5525laserjet_managed_mfp_e82540color_laserjet_enterprise_m553laserjet_enterprise_600_m601laserjet_managed_color_flow_mfp_m575_firmwarescanjet_enterprise_flow_n9120_fn2_document_scannercolor_laserjet_managed_mfp_e57540laserjet_enterprise_500_color_mfp_m575color_laserjet_enterprise_m652color_laserjet_managed_mfp_e87650laserjet_enterprise_flow_mfp_m631color_laserjet_enterprise_mfp_m680laserjet_enterprise_m606_firmwarelaserjet_enterprise_m506_firmwarelaserjet_managed_mfp_m725HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-1999-1061
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.60% / 68.61%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging.

Action-Not Available
Vendor-n/aHP Inc.
Product-jetdirectn/a
CVE-2019-6327
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.82% / 73.35%
||
7 Day CHG~0.00%
Published-17 Jun, 2019 | 15:55
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an IPP Parser potentially vulnerable to Buffer Overflow.

Action-Not Available
Vendor-n/aHP Inc.
Product-laserjet_pro_mfp_m28-m31_w2g55a_firmwarelaserjet_pro_m280-m281_t6b82alaserjet_pro_m280-m281_t6b83a_firmwarelaserjet_pro_mfp_m28-m31_w2g55alaserjet_pro_m280-m281_t6b83alaserjet_pro_mfp_m28-m31_y5s54alaserjet_pro_mfp_m28-m31_w2g54alaserjet_pro_m280-m281_t6b80a_firmwarelaserjet_pro_mfp_m28-m31_y5s55alaserjet_pro_m280-m281_t6b81a_firmwarelaserjet_pro_mfp_m28-m31_y5s50alaserjet_pro_mfp_m28-m31_y5s55a_firmwarelaserjet_pro_m280-m281_t6b82a_firmwarelaserjet_pro_mfp_m28-m31_w2g54a_firmwarelaserjet_pro_m280-m281_t6b81alaserjet_pro_mfp_m28-m31_y5s54a_firmwarelaserjet_pro_mfp_m28-m31_y5s50a_firmwarelaserjet_pro_mfp_m28-m31_y5s53alaserjet_pro_m280-m281_t6b80alaserjet_pro_mfp_m28-m31_y5s53a_firmwareHP Color LaserJet Pro M280-M281 Multifunction Printer series; HP LaserJet Pro MFP M28-M31 Printer series
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found