Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2002-1473

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-18 Mar, 2003 | 05:00
Updated At-08 Aug, 2024 | 03:26
Rejected At-
Credits

Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:18 Mar, 2003 | 05:00
Updated At:08 Aug, 2024 | 03:26
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.iss.net/security_center/static/9992.php
vdb-entry
x_refsource_XF
http://archives.neohapsis.com/archives/hp/2002-q3/0064.html
vendor-advisory
x_refsource_HP
Hyperlink: http://www.iss.net/security_center/static/9992.php
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://archives.neohapsis.com/archives/hp/2002-q3/0064.html
Resource:
vendor-advisory
x_refsource_HP
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.iss.net/security_center/static/9992.php
vdb-entry
x_refsource_XF
x_transferred
http://archives.neohapsis.com/archives/hp/2002-q3/0064.html
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.iss.net/security_center/static/9992.php
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/hp/2002-q3/0064.html
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:22 Apr, 2003 | 04:00
Updated At:03 Apr, 2025 | 01:03

Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
HP Inc.
hp
>>hp-ux>>10.20
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.00
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.11
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/hp/2002-q3/0064.htmlcve@mitre.org
Patch
Vendor Advisory
http://www.iss.net/security_center/static/9992.phpcve@mitre.org
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/hp/2002-q3/0064.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.iss.net/security_center/static/9992.phpaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
Hyperlink: http://archives.neohapsis.com/archives/hp/2002-q3/0064.html
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.iss.net/security_center/static/9992.php
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://archives.neohapsis.com/archives/hp/2002-q3/0064.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.iss.net/security_center/static/9992.php
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

94Records found
CVE-2021-20515
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.33%
||
7 Day CHG~0.00%
Published-30 Apr, 2021 | 15:45
Updated-16 Sep, 2024 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local privileged user could overflow a buffer and execute arbitrary code on the system or cause a denial of service condition. IBM X-Force ID: 198366.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelhp-uxwindowsaixinformix_dynamic_serverInformix Dynamic Server
CWE ID-CWE-787
Out-of-bounds Write
CVE-2003-0458
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 24.85%
||
7 Day CHG~0.00%
Published-17 Jul, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-nonstop_seeview_server_gatewayn/a
CVE-2019-18619
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.70%
||
7 Day CHG~0.00%
Published-22 Jul, 2020 | 13:15
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to execute arbitrary code in the enclave (that can compromise confidentiality of enclave data) via APIs that accept invalid pointers.

Action-Not Available
Vendor-synapticsn/aHP Inc.Lenovo Group Limited
Product-thinkpad_t480_firmwarethinkpad_t470_\(20hx\)thinkpad_p50_firmwarethinkpad_x1_carbon_firmwareenvy_x360_-_15t-dr100_firmwarethinkpad_25thinkpad_e580_firmwarethinkpad_e490thinkpad_e590_firmwareenvy_17m-bw0xxx_firmwareenvy_13-aq0xxxenvy_17-bw0xxx_firmwarethinkpad_t490thinkpad_t470s_\(20jx\)_firmwarethinkpad_t570\(20jx\)_firmwarethinkpad_x280_firmwarethinkpad_p73_firmwarethinkpad_t590thinkpad_p53envy_15-dr0xxx_x360envy_15m-dr0xxx_x360_\(validity_fps\)thinkpad_p72_firmwarethinkpad_x1_tabletenvy_-_17t-ce000_firmwarethinkpad_p52thinkpad_l480thinkpad_p70thinkpad_x1_carbon_\(20hx\)thinkpad_x390_firmwarethinkpad_r490_firmwareenvy_x360_-_15t-dr100_\(validity_fps\)pavilion_x360_-_14t-cd000_firmwarethinkpad_t570_\(20hx\)_firmwarethinkpad_x270envy_15-dr1xxx_x360_\(validity_fps\)envy_x360_-_15t-dr100thankpad_a485_firmwarethinkpad_t460penvy_13-aq1xxxthinkpad_p1envy_-_17t-ce100thinkpad_l580_firmwareenvy_-_17t-bw000envy_15-dr0xxx_x360_\(validity_fps\)pavilion_x360_14t-dh000thinkpad_x1_tablet_firmwarespectre_x360_firmwarethinkpad_x280thinkpad_x390envy_17-ce0xxx_firmwarepavilion_14-cd2xxx_x360pavilion_x360_14t-dh000_firmwarethinkpad_yoga_370envy_-_13t-ah100_firmwareenvy_17m-bw0xxxthinkpad_s3_firmwareenvy_13-ah0xxx_firmwareenvy_x360_-_15t-cn000_firmwarethinkpad_p71_\(20hx\)_firmwarethinkpad_t470s_\(20hx\)thinkpad_t490_firmwarethinkpad_x390_yoga_firmwareenvy_x360_-_15t-dr000thinkpad_r590_firmwareenvy_15-cn1xxx_x360thinkpad_t580thinkpad_t590_firmwarethinkpad_x1_yoga_firmwarethinkpad_t570\(20jx\)thinkpad_x1_extremethinkpad_x1_yogathinkpad_e485_firmwareenvy_x360_-_15t-cn000envy_13-ah1xxx_firmwarepavilion_14-cd1xxx_x360thinkpad_x1_carbonthinkpad_p1_gen_2_firmwarethinkpad_t460p_firmwarethinkpad_p51s_\(20kx\)pavilion_15thinkpad_p52s_firmwarethinkpad_r490envy_15-dr1xxx_x360_firmwarethinkpad_p51s_\(20hx\)envy_15-cn0xxx_x360_firmwareenvy_-_13t-aq100envy_13-aq0xxx_firmwareenvy_13-ah0xxxthinkpad_a275_firmwarethinkpad_e585pavilion_14m-dh0xxx_x360pavilion_15_firmwarethinkpad_x1_carbon_\(20kx\)envy_17m-ce1xxx_firmwareenvy_17-ce1xxxthinkpad_e590thinkpad_x1_yoga_3rd_genthinkpad_x380_yoga_firmwareenvy_15m-dr1xxx_x360_\(validity_fps\)envy_-_17t-bw000_firmwarepavilion_14-cd1xxx_x360_firmwarethinkpad_e490sthinkpad_t470_\(20jx\)thinkpad_p1_firmwarethinkpad_p51s_\(20jx\)envy_x360_-_15t-dr100_\(validity_fps\)_firmwarethinkpad_x1_carbon_\(20kx\)_firmwarethinkpad_x1_yoga_4th_genpavilion_14-cd2xxx_x360_firmwarethinkpad_t570_\(20hx\)thinkpad_p52_firmwarepavilion_x360_-_14t-cd000thinkpad_t470s_\(20hx\)_firmwareenvy_15-dr1xxx_x360_\(validity_fps\)_firmwarethinkpad_t470_\(20hx\)_firmwarethinkpad_t580_firmwarethinkpad_a275thinkpad_e485thinkpad_x380_yogathinkpad_l480_firmwarethinkpad_yoga_s1_firmwarethinkpad_p53sthinkpad_t480sthankpad_a485envy_15m-dr0xxx_x360thinkpad_p71_\(20hx\)envy_x360_-_15t-dr000_\(validity_fps\)_firmwarethinkpad_x1_extreme_2nd_firmwarethinkpad_p51_firmwarevfs75xxthinkpad_t460spavilion_x360_-_15t-dq000_firmwarethinkpad_x390_yogaenvy_13-aq1xxx_firmwarethinkpad_t25_\(20k7\)_firmwarepavilion_x360_-_15t-dq000pavilion_14-dh0xxx_x360pavilion_x360_14t-cd100_firmwareenvy_-_13t-aq100_firmwarepavilion_14m-dh0xxx_x360_firmwarethinkpad_p43sthinkpad_x1_yoga_4th_gen_firmwarethinkpad_x1_extreme_firmwarethinkpad_x1_yoga_3rd_gen_firmwareenvy_15m-cn0xxx_x360_firmwarepavilion_14m-cd0xxx_x360thinkpad_p51s_\(20kx\)_firmwarethankpad_a475_firmwarethinkpad_t490s_firmwarethinkpad_p51s_\(20hx\)_firmwarepavilion_x360_-_15t-dq100pavilion_14m-cd0xxx_x360_firmwarethinkpad_25_firmwarepavilion_14-dh0xxx_x360_firmwarespectre_x360thinkpad_l580thinkpad_p50thinkpad_r590envy_15-dr0xxx_x360_firmwarethinkpad_e580envy_17-bw0xxxenvy_15m-dr1xxx_x360_firmwareenvy_17-ce0xxxenvy_13-ah1xxxpavilion_x360_-_15t-dq100_firmwareenvy_15-dr0xxx_x360_\(validity_fps\)_firmwarethinkpad_x1_tablet_\(20jx\)thinkpad_e490s_firmwareenvy_15m-dr0xxx_x360_firmwarethinkpad_x1_yoga_\(20jx\)thinkpad_p1_gen_2envy_15-dr1xxx_x360thinkpad_t470p_firmwarethinkpad_e480_firmwareenvy_15m-dr1xxx_x360envy_17m-ce1xxxthinkpad_e490_firmwarethinkpad_p70_firmwarethinkpad_s1_3rd_firmwarethinkpad_t460s_firmwareenvy_x360_-_15t-dr000_\(validity_fps\)thinkpad_x1_tablet_\(20jx\)_firmwareenvy_17m-ce0xxx_firmwarethinkpad_p53_firmwarepavilion_x360_14t-cd100thinkpad_x270_firmwareenvy_-_17t-ce100_firmwarethankpad_a475thinkpad_t25_\(20k7\)envy_15m-cn0xxx_x360envy_x360_-_15t-dr000_firmwarevfs75xx_firmwareenvy_15-cn1xxx_x360_firmwarethinkpad_s1_3rdenvy_17-ce1xxx_firmwarethinkpad_e480thinkpad_t480s_firmwarethinkpad_p51thinkpad_yoga_260thinkpad_s3envy_15-cn0xxx_x360thinkpad_t470_\(20jx\)_firmwarethinkpad_e585_firmwarethinkpad_t490sthinkpad_p73thinkpad_p72envy_17m-ce0xxxthinkpad_t470pthinkpad_x1_yoga_\(20jx\)_firmwarethinkpad_yoga_260_firmwarethinkpad_yoga_s1envy_15m-dr0xxx_x360_\(validity_fps\)_firmwarethinkpad_t470s_\(20jx\)thinkpad_yoga_370_firmwareenvy_15m-dr1xxx_x360_\(validity_fps\)_firmwarethinkpad_p53s_firmwareenvy_-_17t-ce000thinkpad_p51s_\(20jx\)_firmwarethinkpad_t480envy_-_13t-ah100thinkpad_x1_extreme_2ndthinkpad_p52sthinkpad_p43s_firmwarethinkpad_x1_carbon_\(20hx\)_firmwaren/a
CWE ID-CWE-763
Release of Invalid Pointer or Reference
CVE-2002-1796
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.14%
||
7 Day CHG~0.00%
Published-28 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.

Action-Not Available
Vendor-n/aHP Inc.
Product-chaivm_ezloaderlaserjet_8150laserjet_4550laserjet_4100laserjet_4500n/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2002-1608
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.88% / 75.10%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2002-1606
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.38% / 58.89%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2020-6931
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.71%
||
7 Day CHG~0.00%
Published-03 Nov, 2021 | 19:07
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Print and Scan Doctor may potentially be vulnerable to local elevation of privilege.

Action-Not Available
Vendor-n/aHP Inc.
Product-print_and_scan_doctorHP Print and Scan Doctor
CVE-2019-16286
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.24% / 47.20%
||
7 Day CHG~0.00%
Published-22 Nov, 2019 | 21:49
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.

Action-Not Available
Vendor-HPHP Inc.
Product-thinpro_linuxThinPro Linux
CWE ID-CWE-287
Improper Authentication
CVE-2020-7135
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.15%
||
7 Day CHG~0.00%
Published-27 Apr, 2020 | 14:16
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified in the disk drive firmware installers named Supplemental Update / Online ROM Flash Component on HPE servers running Linux. The vulnerable software is included in the HPE Service Pack for ProLiant (SPP) releases 2018.06.0, 2018.09.0, and 2018.11.0. The vulnerable software is the Supplemental Update / Online ROM Flash Component for Linux (x64) software. The installer in this software component could be locally exploited to execute arbitrary code. Drive Models can be found in the Vulnerability Resolution field of the security bulletin. The 2019_03 SPP and Supplemental update / Online ROM Flash Component for Linux (x64) after 2019.03.0 has fixed this issue.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-service_pack_for_proliantHPE Server SATA Hard DrivesHPE Server SAS Hard DrivesHPE Server Enterprise Hard DrivesHPE Server Solid State DrivesHPE SATA Read Intensive Solid State DrivesHPE Service Pack for ProLiantHPE Business Critical Hard DrivesHPE NVMe Mixed Use Solid State Drives
CVE-2002-0279
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.13% / 32.58%
||
7 Day CHG~0.00%
Published-03 May, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2000-0414
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 28.33%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxvvosn/a
CVE-2000-0468
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-1.15% / 78.30%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2000-0616
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 26.93%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain additional privileges via DBUTIL.PUB.SYS.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpe_ixn/a
CVE-1999-1248
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 24.85%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1249
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 21.39%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0436
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 28.33%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxdesmsn/a
CVE-1999-0129
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.14% / 33.53%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

Action-Not Available
Vendor-bsdieric_allmanscon/aIBM CorporationFreeBSD FoundationSun Microsystems (Oracle Corporation)HP Inc.
Product-sendmailbsd_osinternet_faststarthp-uxaixopenserversolarissunosfreebsdn/a
CVE-1999-0688
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.12% / 31.49%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0423
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 28.33%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0551
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.12% / 30.40%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests.

Action-Not Available
Vendor-n/aHP Inc.
Product-openmailn/a
CVE-2020-28416
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.48%
||
7 Day CHG~0.00%
Published-03 Nov, 2021 | 19:02
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-officejet_pro_6830_m0f56aofficejet_pro_8732m_t0g56aofficejet_6960_t0g26a_firmwareofficejet_pro_8732m_t0g59aofficejet_pro_6960_t0g25aofficejet_pro_8747_k7s41a_firmwareofficejet_6960_t0g25a_firmwareofficejet_pro_8732m_t0g59a_firmwareofficejet_pro_8732m_t0g56a_firmwareofficejet_pro_6960_j7k33aofficejet_pro_8745_k7s43aofficejet_6835_t6t84aofficejet_4650_f1h96aofficejet_5740_b9s78apagewide_377dw_j9v80bofficejet_pro_8712_t0g46aofficejet_252c_n4l18cofficejet_pro_6830_e3e02aofficejet_4654_k9v76aofficejet_pro_8717_k7s38aofficejet_pro_8728_t0g54a_firmwarepagewide_pro_477dn_d3q19aofficejet_pro_8715_j6x76aofficejet_pro_8716_j6x81aofficejet_4650_f9d37a_firmwareofficejet_4651_k9v83b_firmwareofficejet_6960_t0f30aofficejet_6950_p4c85apagewide_managed_p52750dw_j9v78b_firmwarepagewide_managed_p57750dw_j9v82b_firmwareofficejet_pro_6970_t0f35aofficejet_pro_8743_t0g65aofficejet_7512_k1z44a_firmwareofficejet_6960_j7k33aofficejet_pro_8732m_t0g58a_firmwarepagewide_377dw_j9v80b_firmwarepagewide_pro_477dw_d3q20dofficejet_pro_8715_j6x78a_firmwareofficejet_pro_8728_t0g54aofficejet_pro_6960_t0f30aofficejet_6950_p4c84aofficejet_6950_p4c85a_firmwarepagewide_managed_p57750dw_9v82aofficejet_4650_f1h96a_firmwareofficejet_pro_6960_t0g26a_firmwareofficejet_pro_6970_t0f35a_firmwareofficejet_4655_f1j00a_firmwareofficejet_pro_6835_j2d37a_firmwarepagewide_managed_p57750dw_j9v82bpagewide_pro_477dn_d3q19d_firmwareofficejet_6960_j7k39aofficejet_pro_6970_t0f34a_firmwareofficejet_pro_6970_j7k42aofficejet_pro_8720_m9l75a_firmwareofficejet_pro_8720_d9l19aofficejet_pro_8727_j7a29aofficejet_pro_8718_t0g47a_firmwareofficejet_pro_6970_j7k34apagewide_managed_p57750dw_j9v82cofficejet_6960_j7k37a_firmwareofficejet_4655_f1j00aofficejet_5746_f8b09aofficejet_pro_8725_j7a28a_firmwareofficejet_6950_t3p03aofficejet_4655_k9v82bpagewide_managed_p57750dw_j9v82c_firmwareofficejet_5744_b9s85a_firmwareofficejet_6960_j7k38aofficejet_pro_8715_k7s37a_firmwareofficejet_pro_6960_j7k39aofficejet_258_n4l17aofficejet_pro_6970_t0f37apagewide_pro_477dn_d3q19dofficejet_4658_v6d28b_firmwareofficejet_pro_8712_t0g46a_firmwareofficejet_pro_8718_t0g48a_firmwarepagewide_377dw_j9v80a_firmwareofficejet_4651_k9v83bofficejet_pro_8740_d9l21aofficejet_pro_8732m_t0g57apagewide_managed_p57750dw_9v82a_firmwarepagewide_pro_477dn_d3q19bofficejet_pro_6960_j7k33a_firmwareofficejet_pro_6960_t0g26aofficejet_4656_k9v81bofficejet_pro_8732m_t0g57a_firmwareofficejet_252c_n4l18c_firmwarepagewide_pro_477dw_d3q20apagewide_managed_p57750dw_j9v82d_firmwareofficejet_6960_t0f28aofficejet_4656_k9v81b_firmwareofficejet_6960_t0f30a_firmwareofficejet_5744_b9s82a_firmwareofficejet_250c_l9d57a_firmwareofficejet_pro_6960_t0f31a_firmwareofficejet_pro_6960_j7k38a_firmwarepagewide_pro_577dw_d3q21cofficejet_6950_p4c81aofficejet_4650_k9v77a_firmwareofficejet_250c_l9d57apagewide_377dw_j9v80aofficejet_pro_6970_t0f39a_firmwareofficejet_7510_g3j47a_firmwareofficejet_5742_f8b11aofficejet_5744_b9s82aofficejet_4650_k9v85b_firmwareofficejet_pro_8710_j6x79a_firmwarepagewide_pro_477dw_w2z53bpagewide_pro_577dw_d3q21a_firmwareofficejet_pro_6830c_l3l04a_firmwareofficejet_pro_7740_g5j38aofficejet_pro_8725_m9l80a_firmwareofficejet_6950_p4c82aofficejet_pro_6960_t0g25a_firmwarepagewide_pro_577dw_d3q21b_firmwareofficejet_4652_f1j02a_firmwareofficejet_pro_6960_t0f31aofficejet_pro_6970_j7k34a_firmwareofficejet_6835_t6t84a_firmwareofficejet_5740_b9s76a_firmwareofficejet_6960_t0f31a_firmwareofficejet_pro_6960_t0f32aofficejet_4658_v6d30bofficejet_pro_8745_j6x83aofficejet_pro_8740_k7s42aofficejet_pro_8725_k7s34aofficejet_pro_8720_k7s36aofficejet_pro_8744_k7s39aofficejet_pro_6960_t0f38a_firmwareofficejet_pro_8710_m9l67aofficejet_250_cz992aofficejet_6960_j7k38a_firmwareofficejet_pro_8740_d9l21a_firmwareofficejet_6960_t0f28a_firmwareofficejet_pro_8746_k7s40aofficejet_4658_v6d30b_firmwareofficejet_pro_6970_j7k41a_firmwareofficejet_6960_j7k39a_firmwareofficejet_6950_p4c84a_firmwareofficejet_pro_6960_j7k35a_firmwareofficejet_pro_6970_t0f33a_firmwareofficejet_pro_8747_k7s41apagewide_pro_477dn_d3q19a_firmwareofficejet_5742_b9s81a_firmwareofficejet_4654_f1j06bpagewide_pro_477dw_d3q20bofficejet_6960_t0g26aofficejet_4650_k9v85bofficejet_pro_8725_m9l80aofficejet_pro_8740_k7s42a_firmwarepagewide_pro_477dn_d3q19b_firmwareofficejet_4650_f9d37aofficejet_252_n4l16cofficejet_pro_7745_t1p99aofficejet_4654_f1j07bofficejet_pro_8715_m9l70aofficejet_pro_8744_k7s39a_firmwareofficejet_pro_8710_d9l18aofficejet_pro_8720_k7s35aofficejet_5741_b9s83aofficejet_pro_8727_j7a29a_firmwareofficejet_pro_6960_j7k37aofficejet_pro_8710_j6x79aofficejet_pro_7740_g5j38a_firmwareofficejet_6960_t0f32aofficejet_pro_8725_k7s34a_firmwareofficejet_5740_b9s76aofficejet_pro_6970_t0f40aofficejet_pro_6960_j7k38aofficejet_pro_8720_k7s35a_firmwarepagewide_pro_477dw_w2z53b_firmwareofficejet_4652_f1j05bofficejet_pro_8716_j6x81a_firmwareofficejet_pro_6970_t0f34aofficejet_pro_8718_t0g48aofficejet_5745_b9s80aofficejet_4657_v6d29bofficejet_6950_p4c78a_firmwareofficejet_5746_t1p36aofficejet_pro_6970_j7k42a_firmwareofficejet_6950_p4c86aofficejet_pro_8720_m9l74a_firmwareofficejet_pro_8720_m9l76a_firmwareofficejet_6950_p4c82a_firmwarepagewide_pro_577dw_d3q21bofficejet_6950_p4c78aofficejet_4657_v6d27bofficejet_6950_p4c86a_firmwareofficejet_5740_b9s79aofficejet_4657_v6d29b_firmwareofficejet_5742_b9s84a_firmwareofficejet_pro_8717_k7s38a_firmwareofficejet_5742_f8b11a_firmwareofficejet_pro_8719_t0g49a_firmwareofficejet_pro_6970_t0f39aofficejet_4654_k9v76a_firmwareofficejet_pro_6970_t0f29a_firmwareofficejet_pro_6960_t0f36a_firmwareofficejet_pro_7745_t1p99a_firmwarepagewide_pro_577dw_d3q21d_firmwareofficejet_pro_6970_j7k41aofficejet_6960_t0f38aofficejet_pro_6970_t0f33aofficejet_pro_8745_j6x83a_firmwarepagewide_pro_477dw_d3q20c_firmwarepagewide_pro_477dw_d3q20d_firmwareofficejet_4650_k9v77aofficejet_pro_8715_j6x80aofficejet_pro_6970_j7k36aofficejet_4657_v6d27b_firmwareofficejet_pro_8743_t0g65a_firmwareofficejet_pro_8720_k7s36a_firmwareofficejet_4650_f1j03aofficejet_pro_6960_t0f38aofficejet_6960_j7k33a_firmwareofficejet_pro_8715_j6x76a_firmwareofficejet_4652_k9v84b_firmwareofficejet_5742_b9s84aofficejet_pro_8720_m9l75apagewide_pro_577dw_d3q21aofficejet_pro_8720_d9l19a_firmwareofficejet_7510_g3j47aofficejet_pro_8716_j6x77aofficejet_6960_j7k37aofficejet_252_n4l16c_firmwareofficejet_pro_6960_t0f30a_firmwareofficejet_pro_6960_j7k39a_firmwareofficejet_4654_f1j06b_firmwareofficejet_pro_6960_t0f28aofficejet_pro_8725_j7a31aofficejet_4655_k9v82b_firmwarepagewide_pro_477dw_d3q20b_firmwareofficejet_pro_6970_t0f37a_firmwareofficejet_pro_8720_m9l76aofficejet_pro_6970_j7k36a_firmwareofficejet_pro_6960_t0f28a_firmwareofficejet_pro_8745_k7s43a_firmwareofficejet_pro_8710_m9l67a_firmwareofficejet_pro_8719_t0g49aofficejet_4658_v6d28bofficejet_6960_t0g25aofficejet_5746_f8b09a_firmwareofficejet_4650_e6g87a_firmwareofficejet_6960_j7k35aofficejet_5745_b9s80a_firmwareofficejet_258_n4l17a_firmwareofficejet_5743_f8b10a_firmwareofficejet_pro_8715_m9l70a_firmwareofficejet_4652_k9v84bofficejet_pro_6960_t0f36aofficejet_6960_t0f31aofficejet_pro_8710_m9l66a_firmwareofficejet_pro_8746_k7s40a_firmwareofficejet_pro_8715_k7s37apagewide_managed_p57750dw_j9v82dofficejet_5742_b9s81aofficejet_4650_f1h96b_firmwareofficejet_5744_b9s85aofficejet_pro_8717_m9l65aofficejet_250_cz992a_firmwareofficejet_pro_8718_t0g47apagewide_pro_477dw_d3q20a_firmwareofficejet_pro_6830_e3e02a_firmwareofficejet_4652_f1j02aofficejet_pro_6830c_l3l04aofficejet_6960_j7k35a_firmwareofficejet_pro_6960_j7k37a_firmwareofficejet_5740_b9s79a_firmwareofficejet_pro_8717_m9l65a_firmwareofficejet_6960_t0f38a_firmwareofficejet_6960_t0f32a_firmwareofficejet_6950_t3p03a_firmwareofficejet_pro_8710_d9l18a_firmwareofficejet_6960_t0f36a_firmwareofficejet_pro_6830_m0f56a_firmwareofficejet_pro_6970_t0f29aofficejet_5746_t1p36a_firmwareofficejet_pro_6970_j7k40a_firmwareofficejet_6950_p4c81a_firmwareofficejet_4650_f1j04aofficejet_pro_8725_j7a31a_firmwareofficejet_pro_873_d9l20a_firmwareofficejet_pro_6960_j7k35aofficejet_4650_f1h96bofficejet_5743_f8b10aofficejet_4652_f1j05b_firmwarepagewide_pro_577dw_d3q21c_firmwareofficejet_4654_f1j07b_firmwareofficejet_pro_8715_j6x78aofficejet_4650_e6g87aofficejet_4650_f1j04a_firmwareofficejet_pro_8716_j6x77a_firmwareofficejet_pro_8732m_t0g58aofficejet_7512_k1z44aofficejet_5741_b9s83a_firmwareofficejet_pro_6960_t0f32a_firmwareofficejet_pro_6970_j7k40aofficejet_pro_8710_m9l66aofficejet_4650_f1j03a_firmwareofficejet_5740_b9s78a_firmwareofficejet_pro_8715_j6x80a_firmwareofficejet_pro_8725_j7a28apagewide_managed_p52750dw_j9v78bpagewide_pro_477dw_d3q20cofficejet_pro_873_d9l20aofficejet_pro_8720_m9l74aofficejet_6960_t0f36apagewide_pro_577dw_d3q21dofficejet_pro_6970_t0f40a_firmwareofficejet_pro_6835_j2d37aHP OfficeJet Printer; HP PageWide Printer
CVE-2008-0708
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.20%
||
7 Day CHG~0.00%
Published-06 Apr, 2008 | 23:00
Updated-07 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP USB 2.0 Floppy Drive Key product options (1) 442084-B21 and (2) 442085-B21 for certain HP ProLiant servers contain the (a) W32.Fakerecy and (b) W32.SillyFDC worms, which might be launched if the server does not have up-to-date detection.

Action-Not Available
Vendor-n/aHP Inc.
Product-442084-b21442085-b21proliantn/a
CVE-2001-0311
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-48.85% / 97.71%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.

Action-Not Available
Vendor-n/aHP Inc.
Product-omniback_iihp-uxn/a
CVE-2001-0278
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 24.85%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpe_ixn/a
CVE-2010-1970
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.94%
||
7 Day CHG~0.00%
Published-14 Jul, 2010 | 18:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users to read or modify data, and consequently gain privileges, via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-windowsinsight_software_installern/a
CVE-2000-1031
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.60% / 69.11%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-1999-1311
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 30.15%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows local users to bypass authentication and gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1308
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 29.61%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1242
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.24% / 46.18%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2015-5442
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 24.79%
||
7 Day CHG~0.00%
Published-29 Sep, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-software_updaten/a
CVE-2016-4397
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.23% / 45.55%
||
7 Day CHG~0.00%
Published-06 Aug, 2018 | 20:00
Updated-06 Aug, 2024 | 00:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A local code execution security vulnerability was identified in HP Network Node Manager i (NNMi) v10.00, v10.10 and v10.20 Software.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-network_node_manager_iHP Network Node Manager (NNMi)
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2015-3317
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.06% / 18.19%
||
7 Day CHG~0.00%
Published-17 Jun, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aCA Technologies (Broadcom Inc.)Linux Kernel Organization, IncIBM CorporationOracle CorporationHP Inc.
Product-universal_job_management_agentnsm_job_management_optionsolarislinux_kernelclient_automationhp-uxnetwork_and_systems_managementvirtual_assurance_for_infrastructure_managersworkload_automation_aeaixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3318
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.06% / 18.19%
||
7 Day CHG~0.00%
Published-17 Jun, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aCA Technologies (Broadcom Inc.)Linux Kernel Organization, IncIBM CorporationOracle CorporationHP Inc.
Product-universal_job_management_agentnsm_job_management_optionsolarislinux_kernelclient_automationhp-uxnetwork_and_systems_managementvirtual_assurance_for_infrastructure_managersworkload_automation_aeaixn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-3316
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 21.00%
||
7 Day CHG~0.00%
Published-17 Jun, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.

Action-Not Available
Vendor-n/aCA Technologies (Broadcom Inc.)Linux Kernel Organization, IncBroadcom Inc.IBM CorporationOracle CorporationHP Inc.
Product-universal_job_management_agentnsm_job_management_optionsolarislinux_kernelclient_automationhp-uxnetwork_and_systems_managementvirtual_assurance_for_infrastructure_managersworkload_automation_aeaixn/a
CVE-2015-0949
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-0.08% / 22.93%
||
7 Day CHG~0.00%
Published-30 Jan, 2020 | 20:45
Updated-06 Aug, 2024 | 04:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Boot protection mechanism and gain privileges by leveraging write access to physical memory.

Action-Not Available
Vendor-HPDell Inc.HP Inc.
Product-latitude_e6430elitebook_850_g1latitude_e6430_firmwareelitebook_850_g1_firmwareLatitude E6430EliteBook 850 G1
CWE ID-CWE-269
Improper Privilege Management
CVE-2014-7301
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.12% / 31.84%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 17:23
Updated-06 Aug, 2024 | 12:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading /etc/odapw.

Action-Not Available
Vendor-n/aHP Inc.
Product-sgi_tempon/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2013-2339
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 24.79%
||
7 Day CHG~0.00%
Published-29 Jun, 2013 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-t610_plus_flexible_thin_clientt5565z_smart_clientt510_flexible_thin_clientt410_all-in-one_smart_zero_clientsmart_zero_coret610_flexible_thin_clientt410_smart_zero_clientn/a
CVE-2014-2631
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.36% / 57.51%
||
7 Day CHG~0.00%
Published-12 Aug, 2014 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Application Lifecycle Management (aka Quality Center) 11.5x and 12.0x allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2138.

Action-Not Available
Vendor-n/aHP Inc.
Product-application_lifecycle_managementn/a
CVE-2015-5426
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 28.54%
||
7 Day CHG~0.00%
Published-16 Sep, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP LoadRunner Controller before 12.50 allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2756.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnern/a
CVE-2022-23699
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.97%
||
7 Day CHG~0.00%
Published-04 Apr, 2022 | 19:45
Updated-03 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.

Action-Not Available
Vendor-n/aHP Inc.
Product-oneviewHPE OneView
CVE-2019-18910
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.02% / 77.06%
||
7 Day CHG~0.00%
Published-22 Nov, 2019 | 21:23
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges.

Action-Not Available
Vendor-HPHP Inc.
Product-thinproThinPro Linux
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2002-1607
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.88% / 75.10%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2020-15596
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.46%
||
7 Day CHG~0.00%
Published-12 Aug, 2020 | 21:35
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.

Action-Not Available
Vendor-n/aHP Inc.
Product-elitebook_x360_1030_g2elite_x2_1012_g2elite_x2_1012_g1_firmwarepro_x2_612_g2elitebook_1030_g1elitebook_revolve_810_g3pro_x2_612_g2_firmwarezbook_x2_g4elitebook_x360_1020_g2_firmwareelite_x2_1012_g1elitebook_folio_1040_g3_firmwareelitebook_x360_1020_g2elitebook_1040_g4_firmwareelitebook_folio_g1_firmwareelitebook_x360_1030_g2_firmwareelitebook_revolve_810_g3_firmwarezbook_x2_g4_firmwarezbook_studio_g3zbook_studio_g3_firmwareelitebook_revolve_810_g2elitebook_1030_g1_firmwareelitebook_revolve_810_g2_firmwarezbook_studio_g4_firmwareelitebook_folio_g1zbook_studio_g4elitebook_folio_1040_g3elite_x2_1012_g2_firmwareelitebook_1040_g4n/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2018-7118
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.89%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 18:28
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A local access restriction bypass vulnerability was identified in HPE Service Pack for ProLiant (SPP) Bundled Software earlier than version 2018.09.0.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_pack_for_proliantHPE Service Pack for Proliant (HPE SPP)
  • Previous
  • 1
  • 2
  • Next
Details not found