Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2002-1604

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-25 Mar, 2005 | 05:00
Updated At-08 Aug, 2024 | 03:34
Rejected At-
Credits

Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:25 Mar, 2005 | 05:00
Updated At:08 Aug, 2024 | 03:34
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.kb.cert.org/vuls/id/584243
third-party-advisory
x_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/567963
third-party-advisory
x_refsource_CERT-VN
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
vendor-advisory
x_refsource_HP
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_FULLDISC
http://www.kb.cert.org/vuls/id/846307
third-party-advisory
x_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/437899
third-party-advisory
x_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/531355
third-party-advisory
x_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/158499
third-party-advisory
x_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/448987
third-party-advisory
x_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/416427
third-party-advisory
x_refsource_CERT-VN
http://www.securityfocus.com/bid/5647
vdb-entry
x_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
vdb-entry
x_refsource_XF
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/290115
mailing-list
x_refsource_BUGTRAQ
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_nlspath.txt
x_refsource_MISC
http://www.kb.cert.org/vuls/id/592515
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.kb.cert.org/vuls/id/584243
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.kb.cert.org/vuls/id/567963
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://www.kb.cert.org/vuls/id/846307
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.kb.cert.org/vuls/id/437899
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.kb.cert.org/vuls/id/531355
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.kb.cert.org/vuls/id/158499
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.kb.cert.org/vuls/id/448987
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.kb.cert.org/vuls/id/416427
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.securityfocus.com/bid/5647
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/archive/1/290115
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_nlspath.txt
Resource:
x_refsource_MISC
Hyperlink: http://www.kb.cert.org/vuls/id/592515
Resource:
third-party-advisory
x_refsource_CERT-VN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.kb.cert.org/vuls/id/584243
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.kb.cert.org/vuls/id/567963
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
vendor-advisory
x_refsource_HP
x_transferred
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_FULLDISC
x_transferred
http://www.kb.cert.org/vuls/id/846307
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.kb.cert.org/vuls/id/437899
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.kb.cert.org/vuls/id/531355
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.kb.cert.org/vuls/id/158499
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.kb.cert.org/vuls/id/448987
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.kb.cert.org/vuls/id/416427
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.securityfocus.com/bid/5647
vdb-entry
x_refsource_BID
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
vdb-entry
x_refsource_XF
x_transferred
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/archive/1/290115
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_nlspath.txt
x_refsource_MISC
x_transferred
http://www.kb.cert.org/vuls/id/592515
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/584243
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/567963
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/846307
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/437899
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/531355
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/158499
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/448987
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/416427
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/5647
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/290115
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_nlspath.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/592515
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:02 Sep, 2002 | 04:00
Updated At:03 Apr, 2025 | 01:03

Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
HP Inc.
hp
>>hp-ux>>10.20
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.00
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.04
cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.11
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.22
cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>4.0f
cpe:2.3:o:hp:tru64:4.0f:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>4.0g
cpe:2.3:o:hp:tru64:4.0g:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.0a
cpe:2.3:o:hp:tru64:5.0a:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.1
cpe:2.3:o:hp:tru64:5.1:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.1a
cpe:2.3:o:hp:tru64:5.1a:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlcve@mitre.org
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlcve@mitre.org
N/A
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11cve@mitre.org
N/A
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_nlspath.txtcve@mitre.org
Exploit
http://www.kb.cert.org/vuls/id/158499cve@mitre.org
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/416427cve@mitre.org
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/437899cve@mitre.org
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/448987cve@mitre.org
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/531355cve@mitre.org
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/567963cve@mitre.org
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/584243cve@mitre.org
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/592515cve@mitre.org
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/846307cve@mitre.org
Third Party Advisory
US Government Resource
http://www.securityfocus.com/archive/1/290115cve@mitre.org
N/A
http://www.securityfocus.com/bid/5647cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/10016cve@mitre.org
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_nlspath.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.kb.cert.org/vuls/id/158499af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/416427af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/437899af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/448987af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/531355af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/567963af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/584243af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/592515af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/846307af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.securityfocus.com/archive/1/290115af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/5647af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/10016af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_nlspath.txt
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.kb.cert.org/vuls/id/158499
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/416427
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/437899
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/448987
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/531355
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/567963
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/584243
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/592515
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/846307
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.securityfocus.com/archive/1/290115
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/5647
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_nlspath.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.kb.cert.org/vuls/id/158499
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/416427
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/437899
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/448987
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/531355
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/567963
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/584243
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/592515
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/846307
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.securityfocus.com/archive/1/290115
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/5647
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

205Records found
CVE-2016-8511
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-20.47% / 95.34%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-network_automationNetwork Automation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2016-8512
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-8.01% / 91.76%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-performance_centerloadrunnerLoadRunner and Performance Center
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2005-1771
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.76% / 72.31%
||
7 Day CHG~0.00%
Published-31 May, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in HP-UX trusted systems B.11.00 through B.11.23 allows remote attackers to gain unauthorized access, possibly involving remshd and/or telnet -t.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2005-1825
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-21.09% / 95.44%
||
7 Day CHG~0.00%
Published-02 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameters to a RADEXECD process.

Action-Not Available
Vendor-n/aHP Inc.
Product-radia_clientn/a
CVE-2004-1332
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-11.89% / 93.49%
||
7 Day CHG~0.00%
Published-06 Jan, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxhp-ux_series_700hp-ux_series_800vvossisn/a
CVE-2004-1082
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.08% / 89.39%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

Action-Not Available
Vendor-scon/aThe Apache Software FoundationAvaya LLCIBM CorporationOpenBSDApple Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-communication_managermn100openbsdopenserversolarisapache_mod_digest_applehttp_serversunosnetwork_routingwebproxyintuity_audix_lxvirtualvaultmodular_messaging_message_storage_servern/a
CVE-2004-1480
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.39%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the management station in HP StorageWorks Command View XP 1.8B and earlier allows remote attackers to bypass access restrictions.

Action-Not Available
Vendor-n/aHP Inc.
Product-storageworks_command_viewn/a
CVE-2016-2177
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-47.95% / 97.64%
||
7 Day CHG~0.00%
Published-20 Jun, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.

Action-Not Available
Vendor-n/aOpenSSLOracle CorporationHP Inc.
Product-solarisicewall_sso_agent_optionopenssllinuxicewall_mcrpicewall_sson/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2003-0064
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.87% / 74.30%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Action-Not Available
Vendor-n/aIBM CorporationSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-hp-uxaixsolarisirixsunosn/a
CVE-2003-0951
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.04%
||
7 Day CHG~0.00%
Published-18 Nov, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2004-0951
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.25% / 83.92%
||
7 Day CHG~0.00%
Published-19 Aug, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information.

Action-Not Available
Vendor-n/aHP Inc.
Product-ignite-uxn/a
CVE-2004-0826
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.00% / 86.04%
||
7 Day CHG~0.00%
Published-02 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)HP Inc.Mozilla CorporationNetscape (Yahoo Inc.)
Product-hp-uxone_application_servercertificate_servernetwork_security_servicesjava_enterprise_systemone_web_serverdirectory_serverjava_system_application_serverpersonalization_engineenterprise_servern/a
CVE-2002-1317
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-42.48% / 97.37%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

Action-Not Available
Vendor-xfree86_projectn/aSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-hp-uxsolarisirixsunosx11r6n/a
CVE-2002-0677
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-19.03% / 95.09%
||
7 Day CHG~0.00%
Published-12 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

Action-Not Available
Vendor-xi_graphicscompaqn/aThe MITRE Corporation (Caldera)HP Inc.IBM CorporationSun Microsystems (Oracle Corporation)Silicon Graphics, Inc.
Product-tru64dextophp-uxaixsolarisirixunixwaresunosopenunixn/a
CVE-2002-0076
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.07% / 76.91%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.

Action-Not Available
Vendor-n/aMicrosoft CorporationSun Microsystems (Oracle Corporation)HP Inc.
Product-jdkjresdkjava_jre-jdkvirtual_machinen/a
CVE-2001-1563
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.98% / 89.28%
||
7 Day CHG~0.00%
Published-14 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.

Action-Not Available
Vendor-n/aThe Apache Software FoundationHP Inc.
Product-secure_ostomcatn/a
CVE-2001-1039
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.60% / 68.52%
||
7 Day CHG~0.00%
Published-02 Feb, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.

Action-Not Available
Vendor-n/aHP Inc.
Product-jetadminn/a
CVE-2004-0709
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.19%
||
7 Day CHG~0.00%
Published-21 Jul, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_select_accessn/a
CVE-2001-0668
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.76% / 81.85%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1062
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.23%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100.

Action-Not Available
Vendor-n/aHP Inc.
Product-jetdirectn/a
CVE-1999-0517
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-92.33% / 99.72%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An SNMP community name is the default (e.g. public), null, or missing.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)HP Inc.
Product-sunoshp-uxn/a
CVE-2002-1048
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-10.28% / 92.87%
||
7 Day CHG~0.00%
Published-31 Aug, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0.

Action-Not Available
Vendor-n/aHP Inc.
Product-jetdirectn/a
CVE-1999-0057
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.86% / 85.72%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vacation program allows command execution by remote users through a sendmail command.

Action-Not Available
Vendor-eric_allmann/aIBM CorporationFreeBSD FoundationSun Microsystems (Oracle Corporation)HP Inc.
Product-hp-uxvacationaixsolarissunosvvosfreebsdn/a
CVE-2013-4825
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.41%
||
7 Day CHG~0.00%
Published-13 Oct, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to bypass intended access restrictions via unknown vectors, aka ZDI-CAN-1645.

Action-Not Available
Vendor-n/aHP Inc.
Product-imc_service_operation_management_software_moduleintelligent_management_centern/a
CVE-2013-4797
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-7.65% / 91.53%
||
7 Day CHG~0.00%
Published-26 Jul, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnern/a
CVE-2013-4809
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.86% / 74.17%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-22 Apr, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_manageridentity_driven_managern/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2002-1605
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-27.59% / 96.25%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2002-1408
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.92% / 75.03%
||
7 Day CHG~0.00%
Published-18 Mar, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_emanate_snmp_agentvvosn/a
CVE-2013-2370
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-81.68% / 99.14%
||
7 Day CHG~0.00%
Published-26 Jul, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1671.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnern/a
CVE-2002-0763
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.65% / 69.79%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the server.

Action-Not Available
Vendor-n/aHP Inc.
Product-virtualvaultn/a
CVE-2003-0028
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-56.05% / 98.01%
||
7 Day CHG~0.00%
Published-21 Mar, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

Action-Not Available
Vendor-openafscrayn/aMIT (Massachusetts Institute of Technology)IBM CorporationSilicon Graphics, Inc.OpenBSDFreeBSD FoundationGNUSun Microsystems (Oracle Corporation)HP Inc.
Product-glibchp-uxopenbsdaixhp-ux_series_700solarisirixunicoshp-ux_series_800sunosopenafsfreebsdkerberos_5n/a
CVE-2019-6318
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.54% / 80.64%
||
7 Day CHG~0.00%
Published-11 Apr, 2019 | 14:45
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers have an insufficient solution bundle signature validation that potentially allows execution of arbitrary code.

Action-Not Available
Vendor-HPHP Inc.
Product-laserjet_enterprise_flow_mfp_m633color_laserjet_managed_flow_mfp_m880zm_firmwarecolor_laserjet_managed_mfp_e67550_firmwarepagewide_enterprise_color_mfp_586laserjet_enterprise_flow_mfp_m630pagewide_color_mfp_774_firmwarepagewide_managed_color_mfp_p77440_firmwarepagewide_managed_color_mfp_e77650_firmwarelaserjet_enterprise_color_flow_mfp_m575color_laserjet_managed_mfp_e77825_firmwarelaserjet_managed_flow_mfp_m527z_firmwarescanjet_enterprise_8500_fn1_document_capture_workstationpagewide_managed_color_mfp_p77940color_laserjet_enterprise_m552color_laserjet_managed_mfp_e77830_firmwarelaserjet_managed_flow_mfp_m830_firmwarelaserjet_enterprise_m4555_mfp_firmwarelaserjet_enterprise_color_flow_mfp_m575_firmwarelaserjet_managed_flow_mfp_e62575color_laserjet_enterprise_flow_mfp_m577laserjet_enterprise_700_m712_firmwarescanjet_enterprise_flow_n9120_fn2_document_scanner_firmwarelaserjet_managed_mfp_e72525_firmwarelaserjet_managed_mfp_e82560_firmwarelaserjet_enterprise_mfp_m631_firmwarelaserjet_enterprise_m607pagewide_managed_color_e75160laserjet_managed_500_color_mfp_m575_firmwarecolor_laserjet_managed_e55040dw_firmwarecolor_laserjet_enterprise_flow_mfp_m880zlaserjet_managed_mfp_m630_firmwarelaserjet_enterprise_flow_mfp_m525_firmwarepagewide_managed_color_flow_mfp_e77650_firmwarelaserjet_managed_e60075laserjet_enterprise_700_color_mfp_m775_firmwarecolor_laserjet_managed_mfp_e67560laserjet_enterprise_700_color_mfp_m775pagewide_managed_color_mfp_p77960color_laserjet_managed_mfp_e87650_firmwarelaserjet_managed_flow_mfp_e72535_firmwarelaserjet_enterprise_flow_mfp_m527z_firmwarelaserjet_enterprise_flow_mfp_m632color_laserjet_managed_flow_mfp_m577color_laserjet_managed_mfp_e87660color_laserjet_managed_mfp_e57540_firmwarelaserjet_enterprise_mfp_m630_firmwarelaserjet_managed_mfp_e82560laserjet_enterprise_500_color_m551laserjet_managed_500_mfp_m525_firmwarelaserjet_managed_e60065laserjet_enterprise_m604laserjet_enterprise_mfp_m725officejet_enterprise_color_x555color_laserjet_managed_flow_mfp_e77830color_laserjet_managed_mfp_m577pagewide_managed_color_flow_mfp_e77660zlaserjet_enterprise_flow_mfp_m632_firmwarecolor_laserjet_managed_m651laserjet_managed_flow_mfp_e52545ccolor_laserjet_managed_flow_mfp_e57540pagewide_managed_color_mfp_e58650dn_firmwarecolor_laserjet_managed_flow_mfp_m680laserjet_enterprise_500_mfp_m525fcolor_laserjet_managed_flow_mfp_e77822laserjet_enterprise_m609laserjet_managed_mfp_e72530laserjet_managed_e50045_firmwarelaserjet_managed_e60055laserjet_managed_mfp_e62555laserjet_enterprise_flow_mfp_m527zcolor_laserjet_managed_mfp_e77825pagewide_managed_color_p75250laserjet_managed_flow_mfp_m525_firmwarecolor_laserjet_managed_e65060_firmwarecolor_laserjet_enterprise_m653_firmwarepagewide_managed_color_mfp_e58650dnofficejet_enterprise_color_x555_firmwarecolor_laserjet_managed_flow_mfp_e57540_firmwarelaserjet_managed_m506_firmwarecolor_laserjet_enterprise_flow_mfp_m682_firmwarecolor_laserjet_managed_mfp_e67550officejet_managed_color_mfp_x585_firmwarecolor_laserjet_enterprise_flow_mfp_m880z_firmwarecolor_laserjet_managed_flow_mfp_e77830_firmwarepagewide_managed_color_flow_mfp_e77650pagewide_managed_color_mfp_p77950laserjet_enterprise_flow_mfp_m830_firmwarelaserjet_managed_flow_mfp_e72530color_laserjet_managed_flow_mfp_e87640_firmwareofficejet_enterprise_color_mfp_x585_firmwarepagewide_enterprise_color_mfp_780_firmwarepagewide_enterprise_color_flow_mfp_586z_firmwarelaserjet_managed_mfp_e72535_firmwarecolor_laserjet_enterprise_m652_firmwarepagewide_managed_color_p75250_firmwarecolor_laserjet_managed_m553officejet_managed_color_flow_mfp_x585_firmwarelaserjet_managed_mfp_e52545_firmwarecolor_laserjet_enterprise_m553_firmwarecolor_laserjet_enterprise_m651color_laserjet_managed_flow_mfp_e77825color_laserjet_enterprise_m750pagewide_managed_color_e55650_firmwarecolor_laserjet_cm4540_mfpcolor_laserjet_managed_flow_mfp_e67560_firmwarecolor_laserjet_managed_e65050color_laserjet_managed_e65060laserjet_managed_mfp_e72530_firmwarepagewide_enterprise_color_flow_mfp_780flaserjet_managed_flow_mfp_e72535laserjet_managed_mfp_e82550_firmwarecolor_laserjet_managed_flow_mfp_m680_firmwarecolor_laserjet_enterprise_flow_mfp_m681laserjet_enterprise_500_color_mfp_m575_firmwarelaserjet_enterprise_m608_firmwarelaserjet_managed_color_flow_mfp_m575color_laserjet_managed_flow_mfp_e87650_firmwarelaserjet_enterprise_m806_firmwarelaserjet_managed_e50045pagewide_enterprise_color_flow_mpf_785color_laserjet_enterprise_m750_firmwarepagewide_enterprise_color_flow_mpf_785_firmwarepagewide_enterprise_color_556laserjet_managed_flow_mfp_e82550color_laserjet_managed_flow_mfp_e87660laserjet_enterprise_600_m601_firmwarelaserjet_enterprise_m607_firmwarelaserjet_enterprise_mfp_m725_firmwareofficejet_managed_color_flow_mfp_x585color_laserjet_enterprise_m855laserjet_enterprise_600_m602laserjet_managed_flow_mfp_m527zlaserjet_enterprise_m605laserjet_enterprise_m606color_laserjet_enterprise_mfp_m680_firmwareofficejet_enterprise_color_mfp_x585laserjet_enterprise_m605_firmwarepagewide_color_755_firmwarepagewide_color_mfp_779pagewide_managed_color_mfp_p77950_firmwarecolor_laserjet_managed_mfp_m775color_laserjet_enterprise_m552_firmwarepagewide_enterprise_color_mfp_780color_laserjet_managed_flow_mfp_m577_firmwaredigital_sender_flow_8500_fn2_document_capture_workstation_firmwarecolor_laserjet_managed_flow_mfp_e77825_firmwarepagewide_managed_color_mfp_e77650color_laserjet_managed_mfp_e67560_firmwarelaserjet_managed_mfp_m630laserjet_managed_flow_mfp_e72525_firmwareofficejet_enterprise_color_flow_mfp_x585_firmwarecolor_laserjet_enterprise_mfp_m681_firmwarecolor_laserjet_managed_flow_mfp_e6750color_laserjet_managed_flow_mfp_e87660_firmwarelaserjet_managed_flow_mfp_e62565pagewide_managed_color_mfp_p77440color_laserjet_managed_mfp_e77822laserjet_enterprise_mfp_m527_firmwarepagewide_managed_color_flow_mfp_e58650zcolor_laserjet_enterprise_m653pagewide_managed_color_e75160_firmwarelaserjet_managed_500_color_mfp_m575laserjet_enterprise_mfp_m527laserjet_enterprise_flow_mfp_m830laserjet_managed_e60075_firmwarelaserjet_managed_m605color_laserjet_cm4540_mfp_firmwarelaserjet_managed_flow_mfp_m830laserjet_enterprise_mfp_m633pagewide_color_mfp_779_firmwarelaserjet_managed_flow_mfp_e72530_firmwarecolor_laserjet_managed_mfp_e87640color_laserjet_managed_e55040dwlaserjet_managed_flow_mfp_e82540color_laserjet_managed_flow_mfp_e87640laserjet_enterprise_mfp_m631laserjet_managed_mfp_e82540_firmwarepagewide_enterprise_color_flow_mfp_586zcolor_laserjet_enterprise_mfp_m682officejet_enterprise_color_flow_mfp_x585laserjet_managed_flow_mfp_m630_firmwarecolor_laserjet_managed_mfp_m680color_laserjet_managed_flow_mfp_e67560pagewide_color_755laserjet_enterprise_mfp_m633_firmwarelaserjet_managed_flow_mfp_e82540_firmwarecolor_laserjet_enterprise_flow_mfp_m680_firmwarecolor_laserjet_enterprise_flow_mfp_m680color_laserjet_enterprise_mfp_m577pagewide_enterprise_color_mfp_586_firmwarelaserjet_enterprise_500_color_m551_firmwarelaserjet_managed_mfp_e72525laserjet_managed_flow_mfp_e72525color_laserjet_enterprise_flow_mfp_m682laserjet_enterprise_m604_firmwarelaserjet_enterprise_flow_mfp_m525color_laserjet_managed_e65050_firmwarelaserjet_managed_flow_mfp_e52545c_firmwarelaserjet_managed_m605_firmwarelaserjet_enterprise_mfp_m630pagewide_enterprise_color_765color_laserjet_enterprise_mfp_m682_firmwarelaserjet_enterprise_600_m602_firmwarepagewide_enterprise_color_flow_mfp_780f_firmwarelaserjet_managed_m506officejet_managed_color_mfp_x585laserjet_managed_500_mfp_m525laserjet_enterprise_mfp_m632color_laserjet_managed_m553_firmwarelaserjet_managed_e60055_firmwarecolor_laserjet_enterprise_m651_firmwarelaserjet_managed_flow_mfp_e62555_firmwarelaserjet_managed_flow_mfp_e82560color_laserjet_managed_flow_mfp_e87650color_laserjet_managed_flow_mfp_m880zmcolor_laserjet_enterprise_mfp_m681pagewide_enterprise_color_765_firmwarelaserjet_enterprise_600_m603laserjet_managed_mfp_m725_firmwarelaserjet_managed_mfp_e62555_firmwarelaserjet_managed_flow_mfp_m630laserjet_enterprise_mfp_m632_firmwarepagewide_managed_color_flow_mfp_e58650z_firmwarelaserjet_enterprise_flow_mfp_m630_firmwarecolor_laserjet_enterprise_mfp_m577_firmwarelaserjet_enterprise_m806laserjet_enterprise_m609_firmwarepagewide_color_mfp_774pagewide_enterprise_color_556_firmwarelaserjet_managed_flow_mfp_e82550_firmwarelaserjet_managed_mfp_e72535color_laserjet_enterprise_cp5525_firmwaredigital_sender_flow_8500_fn2_document_capture_workstationcolor_laserjet_managed_mfp_e87640_firmwarelaserjet_enterprise_m4555_mfppagewide_managed_color_mfp_p77940_firmwarecolor_laserjet_managed_flow_mfp_e77822_firmwarelaserjet_enterprise_m506laserjet_enterprise_flow_mfp_m633_firmwarecolor_laserjet_managed_mfp_m577_firmwarelaserjet_enterprise_500_mfp_m525f_firmwarelaserjet_managed_e60065_firmwarecolor_laserjet_managed_mfp_m775_firmwarelaserjet_managed_flow_mfp_e62565_firmwarecolor_laserjet_enterprise_m855_firmwarepagewide_managed_color_e55650laserjet_enterprise_flow_mfp_m631_firmwarecolor_laserjet_managed_mfp_e77822_firmwarepagewide_managed_color_flow_mfp_e77660z_firmwarecolor_laserjet_managed_mfp_m680_firmwarelaserjet_managed_mfp_e52545laserjet_managed_flow_mfp_e62575_firmwarelaserjet_enterprise_m608color_laserjet_managed_mfp_e87660_firmwarelaserjet_managed_mfp_e82550laserjet_managed_mfp_e62565laserjet_managed_mfp_m527_firmwarelaserjet_managed_mfp_m527laserjet_managed_flow_mfp_e82560_firmwarecolor_laserjet_managed_m651_firmwarescanjet_enterprise_8500_fn1_document_capture_workstation_firmwarecolor_laserjet_managed_mfp_e77830laserjet_enterprise_600_m603_firmwarecolor_laserjet_enterprise_flow_mfp_m577_firmwarepagewide_managed_color_mfp_p77960_firmwarelaserjet_managed_flow_mfp_m525color_laserjet_enterprise_flow_mfp_m681_firmwarelaserjet_managed_flow_mfp_e62555laserjet_enterprise_700_m712laserjet_managed_mfp_e62565_firmwarecolor_laserjet_managed_flow_mfp_e6750_firmwarecolor_laserjet_enterprise_cp5525laserjet_managed_mfp_e82540color_laserjet_enterprise_m553laserjet_enterprise_600_m601laserjet_managed_color_flow_mfp_m575_firmwarescanjet_enterprise_flow_n9120_fn2_document_scannercolor_laserjet_managed_mfp_e57540laserjet_enterprise_500_color_mfp_m575color_laserjet_enterprise_m652color_laserjet_managed_mfp_e87650laserjet_enterprise_flow_mfp_m631color_laserjet_enterprise_mfp_m680laserjet_enterprise_m606_firmwarelaserjet_enterprise_m506_firmwarelaserjet_managed_mfp_m725HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2019-6327
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.82% / 73.35%
||
7 Day CHG~0.00%
Published-17 Jun, 2019 | 15:55
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an IPP Parser potentially vulnerable to Buffer Overflow.

Action-Not Available
Vendor-n/aHP Inc.
Product-laserjet_pro_mfp_m28-m31_w2g55a_firmwarelaserjet_pro_m280-m281_t6b82alaserjet_pro_m280-m281_t6b83a_firmwarelaserjet_pro_mfp_m28-m31_w2g55alaserjet_pro_m280-m281_t6b83alaserjet_pro_mfp_m28-m31_y5s54alaserjet_pro_mfp_m28-m31_w2g54alaserjet_pro_m280-m281_t6b80a_firmwarelaserjet_pro_mfp_m28-m31_y5s55alaserjet_pro_m280-m281_t6b81a_firmwarelaserjet_pro_mfp_m28-m31_y5s50alaserjet_pro_mfp_m28-m31_y5s55a_firmwarelaserjet_pro_m280-m281_t6b82a_firmwarelaserjet_pro_mfp_m28-m31_w2g54a_firmwarelaserjet_pro_m280-m281_t6b81alaserjet_pro_mfp_m28-m31_y5s54a_firmwarelaserjet_pro_mfp_m28-m31_y5s50a_firmwarelaserjet_pro_mfp_m28-m31_y5s53alaserjet_pro_m280-m281_t6b80alaserjet_pro_mfp_m28-m31_y5s53a_firmwareHP Color LaserJet Pro M280-M281 Multifunction Printer series; HP LaserJet Pro MFP M28-M31 Printer series
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2000-0159
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.69% / 70.84%
||
7 Day CHG~0.00%
Published-18 Apr, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2002-0610
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.65% / 85.19%
||
7 Day CHG~0.00%
Published-11 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properly validate certain FTP commands, which allows attackers to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpe_ixn/a
CVE-2002-0836
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.44% / 93.65%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.

Action-Not Available
Vendor-n/aHP Inc.Red Hat, Inc.Mandriva (Mandrakesoft)
Product-secure_oslinuxmandrake_linuxn/a
CVE-2012-5214
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-1.07% / 76.82%
||
7 Day CHG~0.00%
Published-09 Mar, 2013 | 11:01
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP ServiceCenter 6.2.8 before 6.2.8.10 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_centern/a
CVE-2012-5206
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-1.07% / 76.82%
||
7 Day CHG~0.00%
Published-09 Mar, 2013 | 11:01
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1660.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerintelligent_management_center_for_automated_network_managern/a
CVE-2012-5208
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-1.07% / 76.82%
||
7 Day CHG~0.00%
Published-09 Mar, 2013 | 11:01
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1615.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerintelligent_management_center_for_automated_network_managern/a
CVE-2019-6330
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.03% / 76.37%
||
7 Day CHG~0.00%
Published-09 Jan, 2020 | 18:37
Updated-04 Aug, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified in the software solution HP Access Control versions prior to 16.7. This vulnerability could potentially grant elevation of privilege.

Action-Not Available
Vendor-n/aHP Inc.
Product-access_controlHP Access Control
CVE-2002-0250
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.76% / 92.16%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.

Action-Not Available
Vendor-n/aHP Inc.
Product-advancestack_10base-t_switching_hub_j3201aadvancestack_10base-t_switching_hub_j3202aadvancestack_10base-t_switching_hub_j3205aadvancestack_10base-t_switching_hub_j3203aadvancestack_10base-t_switching_hub_j3210aadvancestack_10base-t_switching_hub_j3200aadvancestack_10base-t_switching_hub_j3204an/a
CVE-2012-5202
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-67.45% / 98.50%
||
7 Day CHG~0.00%
Published-09 Mar, 2013 | 11:01
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1612.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerintelligent_management_center_for_automated_network_managern/a
CVE-2012-5211
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-1.07% / 76.82%
||
7 Day CHG~0.00%
Published-09 Mar, 2013 | 11:01
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Intelligent Management Center (iMC) User Access Manager (UAM) before 5.2 E0402 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1643.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_center_user_access_managern/a
CVE-2001-0978
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.29% / 78.85%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2019-14678
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||CRITICAL
EPSS-0.80% / 73.07%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 20:59
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Examples are Local File Reading, Out Of Band File Exfiltration, Server Side Request Forgery, and/or Potential Denial of Service attacks. This vulnerability also affects the XMLV2 LIBNAME engine when the AUTOMAP option is used.

Action-Not Available
Vendor-sasn/aMicrosoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-windows_server_2016windows_8linux_kernelwindows_8.1windows_server_2012solarishp-uxwindowswindows_7windows_10xml_mapperz\/osaixbase_saswindows_server_2019n/a
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-1999-1324
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.01% / 76.21%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for attackers to conduct brute force password guessing.

Action-Not Available
Vendor-n/aHP Inc.
Product-openvms_vaxn/a
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-1999-0502
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-42.28% / 97.35%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Unix account has a default, null, blank, or missing password.

Action-Not Available
Vendor-n/aRed Hat, Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-solarislinuxsunoshp-uxn/a
CVE-1999-1061
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.60% / 68.62%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging.

Action-Not Available
Vendor-n/aHP Inc.
Product-jetdirectn/a
CVE-1999-0707
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.74% / 71.99%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization.

Action-Not Available
Vendor-n/aHP Inc.
Product-visualize_conference_ftphp-uxn/a
CVE-1999-0333
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.34% / 79.19%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found