Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2002-1617

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-25 Mar, 2005 | 05:00
Updated At-08 Aug, 2024 | 03:34
Rejected At-
Credits

Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:25 Mar, 2005 | 05:00
Updated At:08 Aug, 2024 | 03:34
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_FULLDISC
http://www.kb.cert.org/vuls/id/931579
third-party-advisory
x_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/836275
third-party-advisory
x_refsource_CERT-VN
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_BUGTRAQ
http://www.kb.cert.org/vuls/id/202939
third-party-advisory
x_refsource_CERT-VN
http://www.securityfocus.com/archive/1/290115
mailing-list
x_refsource_BUGTRAQ
http://www.kb.cert.org/vuls/id/600699
third-party-advisory
x_refsource_CERT-VN
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt
x_refsource_MISC
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt
x_refsource_MISC
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt
x_refsource_MISC
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt
x_refsource_MISC
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://www.kb.cert.org/vuls/id/931579
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.kb.cert.org/vuls/id/836275
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.kb.cert.org/vuls/id/202939
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.securityfocus.com/archive/1/290115
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.kb.cert.org/vuls/id/600699
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt
Resource:
x_refsource_MISC
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt
Resource:
x_refsource_MISC
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt
Resource:
x_refsource_MISC
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_FULLDISC
x_transferred
http://www.kb.cert.org/vuls/id/931579
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.kb.cert.org/vuls/id/836275
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.kb.cert.org/vuls/id/202939
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.securityfocus.com/archive/1/290115
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.kb.cert.org/vuls/id/600699
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt
x_refsource_MISC
x_transferred
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt
x_refsource_MISC
x_transferred
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt
x_refsource_MISC
x_transferred
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt
x_refsource_MISC
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/931579
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/836275
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/202939
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/290115
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/600699
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:31 Dec, 2002 | 05:00
Updated At:03 Apr, 2025 | 01:03

Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
HP Inc.
hp
>>tru64>>5.1b_pk2_bl22
cpe:2.3:o:hp:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlcve@mitre.org
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlcve@mitre.org
N/A
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txtcve@mitre.org
Exploit
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txtcve@mitre.org
Exploit
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txtcve@mitre.org
Exploit
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txtcve@mitre.org
Exploit
http://www.kb.cert.org/vuls/id/202939cve@mitre.org
US Government Resource
http://www.kb.cert.org/vuls/id/600699cve@mitre.org
US Government Resource
http://www.kb.cert.org/vuls/id/836275cve@mitre.org
US Government Resource
http://www.kb.cert.org/vuls/id/931579cve@mitre.org
US Government Resource
http://www.securityfocus.com/archive/1/290115cve@mitre.org
Vendor Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.kb.cert.org/vuls/id/202939af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.kb.cert.org/vuls/id/600699af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.kb.cert.org/vuls/id/836275af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.kb.cert.org/vuls/id/931579af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.securityfocus.com/archive/1/290115af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.kb.cert.org/vuls/id/202939
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/600699
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/836275
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/931579
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.securityfocus.com/archive/1/290115
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.kb.cert.org/vuls/id/202939
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/600699
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/836275
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/931579
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.securityfocus.com/archive/1/290115
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

156Records found
CVE-2015-2126
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.2||HIGH
EPSS-0.05% / 13.26%
||
7 Day CHG~0.00%
Published-06 Jul, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1161
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 13.75%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-0840
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.19% / 41.09%
||
7 Day CHG~0.00%
Published-09 Oct, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-1098
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.20% / 42.06%
||
7 Day CHG~0.00%
Published-11 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2021-39300
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-8.8||HIGH
EPSS-0.06% / 18.95%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 16:38
Updated-04 Aug, 2024 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-proone_600_g5_21.5-in_all-in-one_business_pcelitebook_840_g5zbook_studio_g5_firmwareprobook_440_g5elitebook_1050_g1_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pcprobook_640_g7eliteone_800_g6_27_all-in-one_pcprobook_640_g4prodesk_680_g6_pci_microtower_pceliteone_800_g6_24_all-in-one_pc_firmwareelitedesk_805_g8_small_form_factor_pczhan_66_pro_14_g2probook_630_g8_firmwareelitebook_x360_830_g5_firmwareelitebook_x360_830_g5prodesk_600_g5_microtower_pc\(with_pci_slot\)elite_x2_1013_g3elitedesk_800_g5_small_form_factor_pcelitedesk_880_g6_tower_pcprodesk_600_g4_microtower_pc\(with_pci_slot\)_firmwareproone_440_g6_24_all-in-one_pc_firmwarezhan_66_pro_13_g2elite_dragonflyprobook_440_g5_firmwareelite_dragonfly_maxelitebook_840_g7_firmwareprodesk_405_g8_desktop_mini_pczbook_14u_g6_firmwareeliteone_800_g8_24_all-in-one_pc260_g3_desktop_mini_pcprobook_x360_11_g3_education_editionzbook_17_g6zbook_15_g6probook_650_g8_firmwareproone_400_g6_24_all-in-one_pcelitebook_850_g6_firmwareeliteone_800_g6_24_all-in-one_pcprodesk_480_g5_microtower_pcprobook_430_g8_firmwareelitedesk_800_95w_g4_desktop_mini_pczbook_fury_17_g7_firmwarezhan_66_pro_14_g3elitedesk_800_g4_workstation_editionzbook_studio_15_g8_firmwareelitedesk_880_g8_tower_pc_firmwareelitebook_836_g6prodesk_405_g8_small_form_factor_pczbook_17_g6_firmwareprobook_470_g5elitedesk_800_65w_g4_desktop_mini_pcelitebook_850_g5_firmwareprodesk_480_g7_pci_microtower_pc_firmwareelitebook_840_g8elitebook_x360_1030_g7_firmwareprobook_640_g4_firmwareelitebook_846_g5probook_x360_11_g7_education_editionelitedesk_800_g4_small_form_factor_pc_firmwarezbook_fury_15_g7z4_g4_workstation_\(xeon_w\)zhan_66_pro_15_g3eliteone_800_g5_23.8-in_healthcare_edition_all-in-oneproone_440_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g8_tower_pczbook_17_g5_firmwareelitebook_x360_1040_g8_firmwarez8_g4_workstation_firmwareelitebook_830_g5zhan_66_pro_g3_24_all-in-one_pcelitedesk_800_g6_tower_pcproone_600_g6_22_all-in-one_pc_firmwareelitebook_x360_1040_g6elitebook_840_g6_firmwareprodesk_405_g8_desktop_mini_pc_firmwarezhan_66_pro_15_g2elitedesk_800_g5_tower_pcelitebook_840_g5_firmwareeliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmwareelitebook_x360_1030_g8probook_640_g5zbook_firefly_14_g7_firmwareproone_400_g6_20_all-in-one_pc_firmwarez1_entry_tower_g6_workstationprobook_x360_11_g6_education_editionz4_g4_workstation_\(xeon_w\)_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmwareelite_dragonfly_g2elitebook_830_g6prodesk_400_g7_microtower_pcprodesk_600_g5_small_form_factor_pcproone_440_g5_23.8-in_all-in-one_business_pc_firmwareprobook_x360_11_g7_education_edition_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pcprobook_430_g6_firmwareprodesk_400_g6_small_form_factor_pc_firmwareeliteone_800_g5_23.8-inch_all-in-oneprodesk_600_g4_desktop_mini_pc_firmwareprobook_650_g5_firmwarez1_entry_tower_g5_workstationeliteone_800_g8_27_all-in-one_pcproone_400_g4_20-inch_non-touch_all-in-one_business_pcproone_400_g5_20-inch_all-in-one_business_pc260_g3_desktop_mini_pc_firmwarez1_entry_tower_g5_workstation_firmwarezbook_fury_17_g8elitedesk_800_g4_small_form_factor_pcprodesk_680_g4_microtower_pceliteone_800_g6_27_all-in-one_pc_firmwareelitebook_x360_830_g7elitebook_x360_1040_g8probook_450_g5probook_450_g6_firmwareelitebook_836_g6_firmwareelitedesk_880_g4_tower_pceliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmwareelitebook_x360_1030_g7prodesk_400_g6_microtower_pc_firmwareprobook_430_g5_firmwareelitebook_836_g5_firmwareelitebook_x360_1040_g7_firmwareprobook_650_g7_firmwarezbook_17_g5probook_x360_440_g1zhan_66_pro_15_g3_firmwareprodesk_400_g5_microtower_pcprobook_440_g7elitebook_x360_1040_g5elitedesk_800_35w_g4_desktop_mini_pczbook_fury_17_g8_firmwareeliteone_800_g8_27_all-in-one_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmwareelitebook_850_g8prodesk_600_g4_microtower_pcelitebook_x360_1030_g4probook_x360_440_g1_firmwareelitebook_830_g8_firmwareprodesk_600_g4_small_form_factor_pcprodesk_600_g5_microtower_pc_firmwareelitedesk_880_g6_tower_pc_firmwarezbook_15_g5_firmwareelitebook_840_g5_healthcare_edition_firmwareprodesk_400_g6_desktop_mini_pcz1_entry_tower_g6_workstation_firmwareprobook_x360_11_g3_education_edition_firmwareprodesk_400_g5_small_form_factor_pc_firmwarezbook_firefly_14_g7elitebook_840_g6_healthcare_edition_firmwaremp9_g4_retail_systemzbook_fury_15_g8probook_640_g7_firmwareelitebook_840_g6zhan_66_pro_g3_24_all-in-one_pc_firmwareelitebook_x360_830_g8probook_470_g5_firmwareengage_flex_mini_retail_system_firmwareelitebook_850_g8_firmwareproone_600_g4_21.5-inch_touch_all-in-one_business_pcelitebook_x360_830_g6probook_450_g8prodesk_400_g5_microtower_pc_firmwarezbook_power_15_g8_firmwareelitedesk_880_g5_tower_pc_firmwareprodesk_600_g5_microtower_pc\(with_pci_slot\)_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmwareprobook_x360_11_g4_education_editionzbook_studio_g7prodesk_600_g4_microtower_pc\(with_pci_slot\)elitebook_840_aero_g8_firmwareproone_400_g6_20_all-in-one_pcprodesk_600_g5_microtower_pcprodesk_600_g6_small_form_factor_pcz4_g4_workstation_\(core-x\)_firmwarezbook_fury_15_g7_firmwareprobook_640_g8_firmwarezbook_14u_g5_firmwareprodesk_600_g6_small_form_factor_pc_firmwareeliteone_1000_g2_23.8-in_all-in-one_business_pc_firmwarezbook_studio_x360_g5elitedesk_800_g8_small_form_factor_pc_firmwarez1_g8_tower_desktop_pc_firmwarezbook_15u_g6zbook_studio_x360_g5_firmwareeliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pcelitedesk_800_g8_desktop_mini_pcproone_400_g4_23.8-inch_non-touch_all-in-one_business_pcelitedesk_800_g4_tower_pcelitedesk_880_g5_tower_pczbook_firefly_15_g8elite_dragonfly_max_firmwarezbook_studio_g7_firmwareproone_440_g5_23.8-in_all-in-one_business_pcprobook_x360_11_g6_education_edition_firmwarezbook_firefly_15_g7_firmwarez6_g4_workstationproone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_touch_all-in-one_pcelitebook_846_g5_firmwareprodesk_600_g5_small_form_factor_pc_firmwareelite_x2_g8_tabletzbook_15u_g5prodesk_600_g6_microtower_pczbook_fury_17_g7elitebook_840_g5_healthcare_editionprodesk_480_g6_microtower_pc_firmwareproone_440_g6_24_all-in-one_pceliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmwareprodesk_400_g4_desktop_mini_pc_firmwareelite_x2_1013_g3_firmwareelitedesk_805_g6_small_form_factor_pcprodesk_400_g5_small_form_factor_pcelitebook_830_g7_firmwarezbook_14u_g6eliteone_1000_g2_23.8-in_touch_all-in-one_business_pcelitebook_850_g6probook_450_g7zbook_15u_g6_firmwareproone_400_g6_24_all-in-one_pc_firmwareelitedesk_880_g4_tower_pc_firmwareprodesk_680_g6_pci_microtower_pc_firmwareprodesk_400_g6_microtower_pcprobook_440_g8prodesk_600_g4_desktop_mini_pcprobook_450_g7_firmwareprobook_640_g5_firmwareprobook_440_g6probook_450_g6prodesk_600_g5_desktop_mini_pc_firmwareprodesk_600_g5_desktop_mini_pcprobook_630_g8probook_650_g8probook_650_g4_firmwarezbook_firefly_15_g8_firmwarezbook_fury_15_g8_firmwareelitedesk_800_g6_small_form_factor_pcprobook_650_g4zhan_x_13_g2probook_650_g5z6_g4_workstation_firmwarezbook_studio_g5prodesk_600_g4_small_form_factor_pc_firmwareelitedesk_800_g8_desktop_mini_pc_firmwarezbook_create_g7elitedesk_805_g8_small_form_factor_pc_firmwarezhan_66_pro_14_g2_firmwareprodesk_600_g4_microtower_pc_firmwareprobook_430_g8zbook_studio_15_g8elitedesk_800_g5_desktop_mini_pc_firmwareprodesk_400_g6_desktop_mini_pc_firmwareelitebook_x360_1040_g7elite_x2_g4prodesk_600_g6_desktop_mini_pc_firmwarezbook_15_g5probook_430_g6eliteone_800_g5_23.8-inch_all-in-one_firmwareelitebook_830_g8elitebook_x360_1030_g3proone_400_g5_23.8-inch_all-in-one_business_pc_firmwareelitedesk_805_g6_desktop_mini_pc_firmwareeliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmwareproone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmwareelitedesk_800_g5_desktop_mini_pcelitedesk_800_g6_small_form_factor_pc_firmwarezhan_x_13_g2_firmwareelitebook_x360_830_g8_firmwareprodesk_600_g6_desktop_mini_pczhan_66_pro_14_g4prodesk_680_g4_microtower_pc\(with_pci_slot\)probook_430_g7probook_450_g8_firmwareproone_400_g5_23.8-inch_all-in-one_business_pcprodesk_680_g4_microtower_pc\(with_pci_slot\)_firmwareelitebook_836_g5elitedesk_800_g5_small_form_factor_pc_firmwareelitedesk_800_g8_tower_pc_firmwareproone_400_g5_20-inch_all-in-one_business_pc_firmwareeliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmwareprodesk_680_g4_microtower_pc_firmwareelitebook_830_g7elitedesk_800_g6_desktop_mini_pcprodesk_400_g7_small_form_factor_pcprobook_650_g7prodesk_400_g7_microtower_pc_firmwareprodesk_600_g6_microtower_pc_firmwareelitedesk_805_g6_desktop_mini_pcprobook_x360_11_g4_education_edition_firmwareelite_x2_g8_tablet_firmwareeliteone_1000_g2_34-in_curved_all-in-one_business_pcelite_dragonfly_firmwareelitedesk_800_95w_g4_desktop_mini_pc_firmwareprobook_440_g6_firmwareelitebook_x360_830_g6_firmwareelitebook_840_g8_firmwareelitebook_830_g6_firmwareelitebook_850_g7zhan_66_pro_g3_22_all-in-one_pcelitedesk_805_g6_small_form_factor_pc_firmwareelitebook_x360_1040_g5_firmwareelitedesk_800_g6_tower_pc_firmwarezhan_66_pro_g1_firmwareprobook_x360_11_g5_education_edition_firmwarezbook_firefly_14_g8probook_430_g5probook_430_g7_firmwareelitedesk_800_g6_desktop_mini_pc_firmwareelite_x2_g4_firmwarezbook_power_g7_firmwarezhan_66_pro_13_g2_firmwarezbook_power_15_g8zbook_firefly_14_g8_firmwareelitebook_x360_830_g7_firmwareelite_dragonfly_g2_firmwareelitebook_850_g7_firmwareelitebook_x360_1030_g3_firmwareproone_600_g6_22_all-in-one_pceliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmwareelitedesk_800_g4_workstation_edition_firmwarezhan_66_pro_g3_22_all-in-one_pc_firmwareeliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmwareelitebook_840_g6_healthcare_editioneliteone_1000_g2_23.8-in_all-in-one_business_pcelitebook_840_aero_g8probook_450_g5_firmwarezhan_66_pro_15_g2_firmwarezhan_66_pro_14_g4_firmwarezbook_firefly_15_g7eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pcprodesk_480_g6_microtower_pcz8_g4_workstationzbook_14u_g5eliteone_800_g8_24_all-in-one_pc_firmwareelitedesk_805_g8_desktop_mini_pc_firmwareprodesk_400_g4_desktop_mini_pcelitebook_x360_1030_g8_firmwareprobook_640_g8zhan_66_pro_g1z4_g4_workstation_\(core-x\)mp9_g4_retail_system_firmwareelitebook_840_g7elitebook_840r_g4elitedesk_800_g4_tower_pc_firmwareelitebook_1050_g1prodesk_400_g7_small_form_factor_pc_firmwareengage_flex_mini_retail_systemprodesk_400_g5_desktop_mini_pcelitebook_850_g5z1_g8_tower_desktop_pczbook_power_g7probook_440_g7_firmwareelitedesk_880_g8_tower_pcproone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmwareelitebook_x360_1040_g6_firmwareproone_600_g5_21.5-in_all-in-one_business_pc_firmwareelitebook_x360_1030_g4_firmwareelitedesk_800_g8_small_form_factor_pczhan_66_pro_14_g3_firmwarezbook_15u_g5_firmwareelitedesk_805_g8_desktop_mini_pcprobook_x360_11_g5_education_editionprobook_440_g8_firmwareelitedesk_800_35w_g4_desktop_mini_pc_firmwareelitebook_830_g5_firmwarezbook_15_g6_firmwareelitedesk_800_g5_tower_pc_firmwareelitebook_840r_g4_firmwareprodesk_405_g8_small_form_factor_pc_firmwareprodesk_480_g7_pci_microtower_pcprodesk_480_g5_microtower_pc_firmwareelitedesk_800_65w_g4_desktop_mini_pc_firmwarezbook_create_g7_firmwareprodesk_400_g5_desktop_mini_pc_firmwareprodesk_400_g6_small_form_factor_pcBUSINESS NOTEBOOK PCS BIOS; BUSINESS DESKTOP PCS BIOS; RETAIL POINT-OF-SALE SYSTEMS BIOS; WORKSTATIONS BIOS
CVE-2007-2553
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.37% / 58.09%
||
7 Day CHG~0.00%
Published-09 May, 2007 | 17:00
Updated-07 Aug, 2024 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64n/a
CVE-1999-1139
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 13.75%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1247
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.07%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2007-1086
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.31%
||
7 Day CHG~0.00%
Published-23 Feb, 2007 | 22:00
Updated-07 Aug, 2024 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access."

Action-Not Available
Vendor-n/aMicrosoft CorporationHP Inc.Sun Microsystems (Oracle Corporation)IBM CorporationLinux Kernel Organization, Inc
Product-solarislinux_kernelwindows_xphp-uxaixdb2_universal_databasen/a
CVE-2002-1613
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 25.14%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2007-0819
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.77%
||
7 Day CHG~0.00%
Published-08 Feb, 2007 | 18:00
Updated-07 Aug, 2024 | 12:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified bin\ovtrcsvc.exe for the HP Open View Shared Trace Service.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_node_managern/a
CVE-2006-6418
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.19% / 41.24%
||
7 Day CHG~0.00%
Published-10 Dec, 2006 | 11:00
Updated-07 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-2351
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.21% / 43.61%
||
7 Day CHG~0.00%
Published-30 Apr, 2007 | 22:00
Updated-07 Aug, 2024 | 13:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX B.11.11 and B.11.23 allows local users to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-power_manager_remote_agenthp-uxn/a
CVE-1999-0050
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.34% / 55.86%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP-UX newgrp program.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2006-3335
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.11%
||
7 Day CHG~0.00%
Published-03 Jul, 2006 | 01:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2006-2574
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.11%
||
7 Day CHG~0.00%
Published-24 May, 2006 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2014-2646
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.36%
||
7 Day CHG~0.00%
Published-10 Oct, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Network Automation 9.10 and 9.20 allows local users to bypass intended access restrictions via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_automationn/a
CVE-2014-7303
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.57%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 17:23
Updated-06 Aug, 2024 | 12:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading etc/dbdump.db.

Action-Not Available
Vendor-n/aHP Inc.
Product-sgi_tempon/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2014-7302
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.95%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 17:23
Updated-06 Aug, 2024 | 12:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to change the permissions of arbitrary files by executing /opt/sgi/sgimc/bin/vx.

Action-Not Available
Vendor-n/aHP Inc.
Product-sgi_tempon/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2001-0267
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.93%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpe_ixn/a
CVE-2000-1134
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.18% / 39.53%
||
7 Day CHG~0.00%
Published-19 Dec, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

Action-Not Available
Vendor-conectivaimmunixn/aThe MITRE Corporation (Caldera)HP Inc.SUSERed Hat, Inc.Mandriva (Mandrakesoft)
Product-hp-uximmunixsuse_linuxlinuxopenlinux_edesktopopenlinux_eserveropenlinuxmandrake_linuxn/a
CVE-2001-0266
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.83%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2000-1028
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.20% / 42.61%
||
7 Day CHG~0.00%
Published-29 Nov, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2000-0801
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.78%
||
7 Day CHG~0.00%
Published-21 Sep, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2000-0077
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.19% / 40.76%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2000-0005
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.83%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP-UX aserver program allows local users to gain privileges via a symlink attack.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxaserver9000n/a
CVE-2004-1764
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 23.23%
||
7 Day CHG~0.00%
Published-10 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2004-1328
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.59%
||
7 Day CHG~0.00%
Published-06 Jan, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2012-5218
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.36%
||
7 Day CHG~0.00%
Published-24 Apr, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP ElitePad 900 PCs with BIOS F.0x before F.01 Update 1.0.0.8 do not enable the Secure Boot feature, which allows local users to bypass intended BIOS restrictions and boot unintended operating systems via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-elitepadn/a
CVE-2003-1358
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.19% / 41.13%
||
7 Day CHG~0.00%
Published-17 Oct, 2007 | 01:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-1461
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.25% / 48.34%
||
7 Day CHG~0.00%
Published-23 Oct, 2007 | 01:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473).

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2003-1097
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.37% / 58.25%
||
7 Day CHG~0.00%
Published-11 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2020-7207
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.8||MEDIUM
EPSS-0.06% / 17.60%
||
7 Day CHG~0.00%
Published-05 Nov, 2020 | 20:14
Updated-04 Aug, 2024 | 09:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will not address this issue in the impacted Gen 10 servers listed. HPE recommends using appropriate physical security methods as a compensating control to disallow an attacker from having physical access to the server main circuit board.

Action-Not Available
Vendor-n/aHP Inc.
Product-proliant_bl460c_gen10_firmwareproliant_dl560_gen10_firmwareproliant_dl120_gen10proliant_dl380_gen10_firmwareapollo_2000proliant_xl170r_gen10_firmwareproliant_ml110_gen10_firmwaresynergy_660_gen10proliant_xl190r_gen10proliant_e910proliant_dl180_gen10_firmwareproliant_dl360_gen10_firmwareproliant_dl360_gen10apollo_4200_gen10synergy_660_gen10_firmwaresynergy_480_gen10proliant_dl580_gen10_firmwareproliant_dl380_gen10proliant_xl230k_gen10apollo_4500proliant_xl270d_gen10_firmwareproliant_dl560_gen10proliant_dl160_gen10proliant_xl230k_gen10_firmwareproliant_xl450_gen10_firmwareproliant_ml350_gen10_firmwareproliant_dl580_gen10proliant_dl120_gen10_firmwareproliant_xl450_gen10proliant_ml110_gen10proliant_xl170r_gen10apollo_2000_firmwareproliant_ml350_gen10proliant_dl180_gen10proliant_e910_firmwareapollo_4200_gen10_firmwareproliant_bl460c_gen10proliant_xl270d_gen10apollo_4500_firmwaresynergy_480_gen10_firmwareproliant_dl160_gen10_firmwareproliant_xl190r_gen10_firmwareHPE ProLiant BL460c Gen10 Server Blade; HPE ProLiant DL360 Gen10 Server; HPE ProLiant DL380 Gen10 Server; HPE ProLiant DL560 Gen10 Server; HPE ProLiant DL580 Gen10 Server; HPE ProLiant ML110 Gen10 Server; HPE ProLiant XL230k Gen10 Server; HPE Synergy 480 Gen10 Compute Module; HPE Synergy 660 Gen10 Compute Module; HPE ProLiant DL180 Gen10 Server; HPE ProLiant DL160 Gen10 Server; HPE ProLiant DL120 Gen10 Server; HPE ProLiant XL190r Gen10 Server; HPE ProLiant ML350 Gen10 Server; HPE ProLiant XL170r Gen10 Server; HPE Apollo 2000 System; HPE Apollo 4500 System; HPE ProLiant XL270d Gen10 Server; HPE Apollo 4200 Gen10 Server; HPE ProLiant e910 Server Blade; HPE ProLiant XL450 Gen10 Server; HPE ProLiant XL230k Gen10 Server - bad oid
CVE-2012-5220
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.36%
||
7 Day CHG~0.00%
Published-26 Apr, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2003-1375
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.20% / 42.44%
||
7 Day CHG~0.00%
Published-19 Oct, 2007 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2003-0221
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 20.21%
||
7 Day CHG~0.00%
Published-29 Apr, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64n/a
CVE-2002-2363
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.22% / 44.15%
||
7 Day CHG+0.18%
Published-29 Oct, 2007 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-0089
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.28% / 51.01%
||
7 Day CHG~0.00%
Published-18 Nov, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-0061
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 23.25%
||
7 Day CHG~0.00%
Published-15 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-0333
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.21% / 42.78%
||
7 Day CHG~0.00%
Published-23 May, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2002-1406
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.38%
||
7 Day CHG~0.00%
Published-18 Mar, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2002-1618
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 24.13%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxjfsn/a
CVE-2002-1614
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.90% / 74.70%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2002-1616
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.30% / 52.95%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64n/a
CVE-2002-1612
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 23.23%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2000-0702
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.25% / 47.80%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2002-0678
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.43% / 61.68%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

Action-Not Available
Vendor-xi_graphicscompaqn/aThe MITRE Corporation (Caldera)HP Inc.IBM CorporationSun Microsystems (Oracle Corporation)Silicon Graphics, Inc.
Product-tru64dextophp-uxaixsolarisirixunixwaresunosopenunixn/a
CVE-2002-0991
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.86% / 74.05%
||
7 Day CHG~0.00%
Published-31 Aug, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.

Action-Not Available
Vendor-n/aHP Inc.
Product-cifs-9000_servern/a
CVE-2004-2693
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.03% / 8.13%
||
7 Day CHG~0.00%
Published-06 Oct, 2007 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2001-1181
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.28%
||
7 Day CHG~0.00%
Published-15 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found