Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2004-0492

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-23 Jun, 2004 | 04:00
Updated At-08 Aug, 2024 | 00:17
Rejected At-
Credits

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:23 Jun, 2004 | 04:00
Updated At:08 Aug, 2024 | 00:17
Rejected At:
▼CVE Numbering Authority (CNA)

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://marc.info/?l=bugtraq&m=108711172710140&w=2
mailing-list
x_refsource_BUGTRAQ
https://bugzilla.fedora.us/show_bug.cgi?id=1737
vendor-advisory
x_refsource_FEDORA
http://rhn.redhat.com/errata/RHSA-2004-245.html
vendor-advisory
x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=130497311408250&w=2
vendor-advisory
x_refsource_HP
http://www.guninski.com/modproxy1.html
x_refsource_MISC
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
vendor-advisory
x_refsource_SUNALERT
http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
mailing-list
x_refsource_FULLDISC
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
vdb-entry
signature
x_refsource_OVAL
http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
vendor-advisory
x_refsource_MANDRAKE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
vdb-entry
signature
x_refsource_OVAL
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
vendor-advisory
x_refsource_SUNALERT
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
vendor-advisory
x_refsource_SGI
http://www.debian.org/security/2004/dsa-525
vendor-advisory
x_refsource_DEBIAN
http://marc.info/?l=bugtraq&m=130497311408250&w=2
vendor-advisory
x_refsource_HP
http://www.kb.cert.org/vuls/id/541310
third-party-advisory
x_refsource_CERT-VN
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
vendor-advisory
x_refsource_SUNALERT
http://secunia.com/advisories/11841
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
vdb-entry
x_refsource_XF
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
Hyperlink: http://marc.info/?l=bugtraq&m=108711172710140&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: https://bugzilla.fedora.us/show_bug.cgi?id=1737
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://rhn.redhat.com/errata/RHSA-2004-245.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://marc.info/?l=bugtraq&m=130497311408250&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.guninski.com/modproxy1.html
Resource:
x_refsource_MISC
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
Resource:
vendor-advisory
x_refsource_MANDRAKE
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://www.debian.org/security/2004/dsa-525
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://marc.info/?l=bugtraq&m=130497311408250&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.kb.cert.org/vuls/id/541310
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://secunia.com/advisories/11841
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
Resource:
vdb-entry
x_refsource_XF
Hyperlink: https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://marc.info/?l=bugtraq&m=108711172710140&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
https://bugzilla.fedora.us/show_bug.cgi?id=1737
vendor-advisory
x_refsource_FEDORA
x_transferred
http://rhn.redhat.com/errata/RHSA-2004-245.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://marc.info/?l=bugtraq&m=130497311408250&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://www.guninski.com/modproxy1.html
x_refsource_MISC
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
mailing-list
x_refsource_FULLDISC
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
vendor-advisory
x_refsource_MANDRAKE
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
vendor-advisory
x_refsource_SGI
x_transferred
http://www.debian.org/security/2004/dsa-525
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://marc.info/?l=bugtraq&m=130497311408250&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://www.kb.cert.org/vuls/id/541310
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://secunia.com/advisories/11841
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
vdb-entry
x_refsource_XF
x_transferred
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
x_transferred
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
x_transferred
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
x_transferred
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
x_transferred
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
x_transferred
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
x_transferred
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=108711172710140&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: https://bugzilla.fedora.us/show_bug.cgi?id=1737
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2004-245.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=130497311408250&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.guninski.com/modproxy1.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
Resource:
vendor-advisory
x_refsource_MANDRAKE
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://www.debian.org/security/2004/dsa-525
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=130497311408250&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/541310
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://secunia.com/advisories/11841
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:06 Aug, 2004 | 04:00
Updated At:03 Apr, 2025 | 01:03

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
The Apache Software Foundation
apache
>>http_server>>1.3.26
cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*
The Apache Software Foundation
apache
>>http_server>>1.3.27
cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*
The Apache Software Foundation
apache
>>http_server>>1.3.28
cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*
The Apache Software Foundation
apache
>>http_server>>1.3.29
cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*
The Apache Software Foundation
apache
>>http_server>>1.3.31
cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*
HP Inc.
hp
>>virtualvault>>11.0.4
cpe:2.3:a:hp:virtualvault:11.0.4:*:*:*:*:*:*:*
HP Inc.
hp
>>webproxy>>2.0
cpe:2.3:a:hp:webproxy:2.0:*:*:*:*:*:*:*
HP Inc.
hp
>>webproxy>>2.1
cpe:2.3:a:hp:webproxy:2.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>http_server>>1.3.26
cpe:2.3:a:ibm:http_server:1.3.26:*:*:*:*:*:*:*
IBM Corporation
ibm
>>http_server>>1.3.26.1
cpe:2.3:a:ibm:http_server:1.3.26.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>http_server>>1.3.26.2
cpe:2.3:a:ibm:http_server:1.3.26.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>http_server>>1.3.28
cpe:2.3:a:ibm:http_server:1.3.28:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>propack>>2.4
cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*
HP Inc.
hp
>>vvos>>11.04
cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>*
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>3.4
cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>3.5
cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Apache
Last Modified : 2008-07-02T00:00:00

Fixed in Apache HTTP Server 1.3.32: http://httpd.apache.org/security/vulnerabilities_13.html

References
HyperlinkSourceResource
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asccve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=108711172710140&w=2cve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=130497311408250&w=2cve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=130497311408250&w=2cve@mitre.org
N/A
http://rhn.redhat.com/errata/RHSA-2004-245.htmlcve@mitre.org
Patch
Vendor Advisory
http://seclists.org/lists/fulldisclosure/2004/Jun/0296.htmlcve@mitre.org
N/A
http://secunia.com/advisories/11841cve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1cve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1cve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1cve@mitre.org
N/A
http://www.debian.org/security/2004/dsa-525cve@mitre.org
Patch
Vendor Advisory
http://www.guninski.com/modproxy1.htmlcve@mitre.org
N/A
http://www.kb.cert.org/vuls/id/541310cve@mitre.org
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2004:065cve@mitre.org
N/A
https://bugzilla.fedora.us/show_bug.cgi?id=1737cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/16387cve@mitre.org
N/A
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3Ecve@mitre.org
N/A
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3Ecve@mitre.org
N/A
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3Ecve@mitre.org
N/A
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3Ecve@mitre.org
N/A
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3Ecve@mitre.org
N/A
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3Ecve@mitre.org
N/A
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3Ecve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863cve@mitre.org
N/A
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.ascaf854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=108711172710140&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=130497311408250&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=130497311408250&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2004-245.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://seclists.org/lists/fulldisclosure/2004/Jun/0296.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/11841af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2004/dsa-525af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.guninski.com/modproxy1.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kb.cert.org/vuls/id/541310af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2004:065af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.fedora.us/show_bug.cgi?id=1737af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/16387af854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3Eaf854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3Eaf854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3Eaf854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3Eaf854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3Eaf854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3Eaf854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3Eaf854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=108711172710140&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=130497311408250&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=130497311408250&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2004-245.html
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/11841
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2004/dsa-525
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.guninski.com/modproxy1.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/541310
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://bugzilla.fedora.us/show_bug.cgi?id=1737
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=108711172710140&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=130497311408250&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=130497311408250&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2004-245.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/11841
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2004/dsa-525
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.guninski.com/modproxy1.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/541310
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2004:065
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.fedora.us/show_bug.cgi?id=1737
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/16387
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

741Records found
CVE-2017-8954
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2007-1916
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-9.37% / 92.47%
||
7 Day CHG~0.00%
Published-10 Apr, 2007 | 23:00
Updated-07 Aug, 2024 | 13:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Action-Not Available
Vendor-n/aMicrosoft CorporationSAP SEApple Inc.Siemens AGSun Microsystems (Oracle Corporation)IBM CorporationLinux Kernel Organization, IncHP Inc.
Product-os_400windows_serversolarislinux_kernelracfhp-uxtru64reliant_unixmacosrfc_libraryaixn/a
CVE-2020-24652
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-2.83% / 85.66%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:36
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A addvsiinterfaceinfo expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2020-24651
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-2.83% / 85.66%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:36
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A syslogtempletselectwin expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2007-1675
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-46.66% / 97.58%
||
7 Day CHG~0.00%
Published-28 Mar, 2007 | 21:00
Updated-07 Aug, 2024 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service via a long username.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_dominon/a
CVE-2017-8976
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-moonshot_provisioning_manager_applianceMoonshot Provisioning Manager Appliance
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8948
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-10.61% / 92.99%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Bypass Security Restriction vulnerability in HPE Network Node Manager i (NNMi) Software versions v10.0x, v10.1x, v10.2x was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-network_node_manager_iNetwork Node Manager i (NNMi) Software
CVE-2017-8957
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 04:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2007-1093
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-12.59% / 93.71%
||
7 Day CHG~0.00%
Published-26 Feb, 2007 | 17:00
Updated-07 Aug, 2024 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior.

Action-Not Available
Vendor-n/aHP Inc.Sun Microsystems (Oracle Corporation)Hitachi, Ltd.Microsoft Corporation
Product-cm2-network_node_manager_250solarispa-riscjp1-cm2-network_node_manager_starter_250hp-uxjp1-cm2-network_node_managerjp1-cm2-network_node_manager_starterhi_ux_we2ipfilterjp1-cm2-network_node_manager_250cm2-network_node_managerall_windowsn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2003-0575
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.45% / 87.07%
||
7 Day CHG~0.00%
Published-01 Aug, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2017-5821
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-47.52% / 97.62%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CVE-2007-0446
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-63.75% / 98.35%
||
7 Day CHG~0.00%
Published-08 Feb, 2007 | 23:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long server_ip_name field to TCP port 54345, which triggers the overflow in mchan.dll.

Action-Not Available
Vendor-n/aHP Inc.
Product-mercury_performance_center_agentmercury_monitor_over_firewallmercury_loadrunner_agentn/a
CVE-2007-0915
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.15% / 86.37%
||
7 Day CHG~0.00%
Published-14 Feb, 2007 | 02:00
Updated-07 Aug, 2024 | 12:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2007-0980
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.19% / 83.71%
||
7 Day CHG~0.00%
Published-16 Feb, 2007 | 01:00
Updated-07 Aug, 2024 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors.

Action-Not Available
Vendor-n/aSUSEHP Inc.Red Hat, Inc.
Product-suse_united_linuxenterprise_linuxserviceguard_for_linuxsuse_linuxn/a
CVE-2007-1365
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-38.72% / 97.15%
||
7 Day CHG~0.00%
Published-10 Mar, 2007 | 21:00
Updated-07 Aug, 2024 | 12:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CVE-2020-1946
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-2.01% / 82.96%
||
7 Day CHG~0.00%
Published-25 Mar, 2021 | 09:20
Updated-13 Feb, 2025 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache SpamAssassin has an OS Command Injection vulnerability

In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3rd party .cf files from trusted places.

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectThe Apache Software Foundation
Product-debian_linuxspamassassinfedoraApache SpamAssassin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2002-1621
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-26.37% / 96.12%
||
7 Day CHG~0.00%
Published-26 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2015-3113
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-92.58% / 99.73%
||
7 Day CHG~0.00%
Published-23 Jun, 2015 | 21:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-04||The impacted product is end-of-life and should be disconnected if still in use.

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.

Action-Not Available
Vendor-n/aHP Inc.Microsoft CorporationRed Hat, Inc.Adobe Inc.SUSEApple Inc.Linux Kernel Organization, IncopenSUSE
Product-enterprise_linux_serversystems_insight_managersystem_management_homepagelinux_kernellinux_enterprise_workstation_extensionenterprise_linux_eusevergreenlinux_enterprise_desktopflash_playerversion_control_repository_manageropensuseenterprise_linux_desktopinsight_orchestrationwindowsenterprise_linux_workstationversion_control_agentvirtual_connect_enterprise_managermac_os_xn/aFlash Player
CWE ID-CWE-787
Out-of-bounds Write
CVE-2006-6636
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.66% / 81.31%
||
7 Day CHG~0.00%
Published-19 Dec, 2006 | 20:00
Updated-07 Aug, 2024 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Utility Classes for IBM WebSphere Application Server (WAS) before 5.1.1.13 and 6.x before 6.0.2.17 has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CVE-2008-2221
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.01% / 76.25%
||
7 Day CHG~0.00%
Published-14 May, 2008 | 18:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java plugin in IBM WebSphere Application Server 5.0.2 allows untrusted applets to gain privileges via unknown attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CVE-2002-0639
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-30.29% / 96.53%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2014-7876
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-25.21% / 95.98%
||
7 Day CHG~0.00%
Published-31 Mar, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-integrated_lights-out_chassis_management_firmwareintegrated_lights-out_4_firmwareintegrated_lights-out_2_firmwaren/a
CVE-2015-1920
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-18.39% / 94.98%
||
7 Day CHG~0.00%
Published-20 May, 2015 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, and 8.5 before 8.5.5.6 allows remote attackers to execute arbitrary code by sending crafted instructions in a management-port session.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CWE ID-CWE-284
Improper Access Control
CVE-2002-0640
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-61.12% / 98.25%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CVE-2006-6836
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.56% / 67.39%
||
7 Day CHG~0.00%
Published-01 Jan, 2007 | 23:00
Updated-16 Sep, 2024 | 17:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 have unspecified impact and attack vectors, related to ASN.1 parsing.

Action-Not Available
Vendor-n/aIBM Corporation
Product-os_400n/a
CVE-2014-7890
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-30.08% / 96.50%
||
7 Day CHG~0.00%
Published-09 Mar, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSToneIndicator.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2510.

Action-Not Available
Vendor-n/aHP Inc.
Product-pos_keyboard_fk221aapos_keyboard_with_msr_fk218aaole_point_of_sale_drivern/a
CVE-2006-7198
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.09% / 77.10%
||
7 Day CHG~0.00%
Published-30 Apr, 2007 | 22:00
Updated-07 Aug, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 5.1.1.14, and WAS for z/OS 601 before 6.0.2.13, has unknown impact and attack vectors, related to a "Potential security exposure," aka PK26123.

Action-Not Available
Vendor-n/aIBM Corporation
Product-racfwebsphere_application_servern/a
CVE-2015-1938
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-14.34% / 94.16%
||
7 Day CHG~0.00%
Published-30 Jun, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1986.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_storage_manager_fastbackn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2015-1902
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-34.02% / 96.82%
||
7 Day CHG~0.00%
Published-20 May, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSMLA.

Action-Not Available
Vendor-n/aIBM Corporation
Product-dominon/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1896
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-33.88% / 96.81%
||
7 Day CHG~0.00%
Published-25 May, 2015 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 allows remote attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_storage_manager_fastbackn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1986
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-25.03% / 95.96%
||
7 Day CHG~0.00%
Published-30 Jun, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1938.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_storage_manager_fastbackn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2015-1949
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-14.37% / 94.16%
||
7 Day CHG~0.00%
Published-30 Jun, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands with SYSTEM privileges via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_storage_manager_fastbackn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2015-1903
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-34.02% / 96.82%
||
7 Day CHG~0.00%
Published-20 May, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSN3Y.

Action-Not Available
Vendor-n/aIBM Corporation
Product-dominon/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-2113
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-22.82% / 95.67%
||
7 Day CHG~0.00%
Published-14 Apr, 2015 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-t5740et610t5740t820t510t520t620easy_toolst5540n/a
CVE-2015-0135
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-32.38% / 96.69%
||
7 Day CHG~0.00%
Published-21 Apr, 2015 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafted GIF image, aka SPR KLYH9T7NT9.

Action-Not Available
Vendor-n/aIBM Corporation
Product-dominon/a
CVE-2015-0235
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-10||HIGH
EPSS-85.84% / 99.34%
||
7 Day CHG~0.00%
Published-28 Jan, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Action-Not Available
Vendor-n/aGNURed Hat, Inc.The PHP GroupApple Inc.IBM CorporationDebian GNU/LinuxOracle Corporation
Product-communications_eagle_lnp_application_processorcommunications_session_border_controllercommunications_webrtc_session_controllerphpdebian_linuxlinuxvirtualizationcommunications_eagle_application_processorexalogic_infrastructurecommunications_lsmscommunications_application_session_controllervm_virtualboxpureapplication_systemsecurity_access_manager_for_enterprise_single_sign-oncommunications_policy_managementglibcmac_os_xcommunications_user_data_repositoryn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2006-5855
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-65.26% / 98.41%
||
7 Day CHG~0.00%
Published-06 Dec, 2006 | 19:00
Updated-07 Aug, 2024 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_storage_managern/a
CVE-2015-0198
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-1.72% / 81.62%
||
7 Day CHG~0.00%
Published-24 Mar, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-general_parallel_file_systemn/a
CWE ID-CWE-287
Improper Authentication
CVE-2006-5558
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.35% / 86.81%
||
7 Day CHG~0.00%
Published-27 Oct, 2006 | 16:00
Updated-07 Aug, 2024 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2015-0134
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-24.11% / 95.85%
||
7 Day CHG+4.86%
Published-06 Apr, 2015 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before 8.5.1 FP5 IF3, 8.5.2 before FP4 IF3, 8.5.3 before FP6 IF6, 9.0 before IF7, and 9.0.1 before FP2 IF3 allows remote attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-dominon/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-0117
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-17.51% / 94.82%
||
7 Day CHG+3.83%
Published-06 Apr, 2015 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The LDAP Server in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, aka SPR KLYH9SLRGM.

Action-Not Available
Vendor-n/aIBM Corporation
Product-dominon/a
CVE-2006-6136
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.21% / 78.19%
||
7 Day CHG~0.00%
Published-28 Nov, 2006 | 02:00
Updated-07 Aug, 2024 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CVE-2006-5323
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.66% / 70.01%
||
7 Day CHG~0.00%
Published-17 Oct, 2006 | 17:00
Updated-07 Aug, 2024 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a "possible security exposure," aka PK29360.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CVE-2017-8947
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-66.25% / 98.46%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE UCMDB version v10.10, v10.11, v10.20, v10.21, v10.22, v10.30, v10.31 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-ucmdb_configuration_managerUCMDB
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2017-8981
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-17.05% / 94.73%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2014-7888
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-30.08% / 96.50%
||
7 Day CHG~0.00%
Published-09 Mar, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMICR.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2512.

Action-Not Available
Vendor-n/aHP Inc.
Product-ole_point_of_sale_driverpusb_thermal_receipt_printer_fk224aahybrid_pos_printer_with_micr_us_fk184aavalue_serial\/usb_receipt_printer_f7m66aaserialusb_thermal_receipt_printer_bm476aapusb_thermal_receipt_printer_f7m67aan/a
CVE-2014-7893
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-30.08% / 96.50%
||
7 Day CHG~0.00%
Published-09 Mar, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCheckScanner.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2507.

Action-Not Available
Vendor-n/aHP Inc.
Product-ole_point_of_sale_driverpusb_thermal_receipt_printer_fk224aahybrid_pos_printer_with_micr_us_fk184aavalue_serial\/usb_receipt_printer_f7m66aaserialusb_thermal_receipt_printer_bm476aapusb_thermal_receipt_printer_f7m67aan/a
CVE-2017-5638
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-94.27% / 99.93%
||
7 Day CHG~0.00%
Published-11 Mar, 2017 | 02:11
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

Action-Not Available
Vendor-NetApp, Inc.HP Inc.Lenovo Group LimitedAruba NetworksIBM CorporationThe Apache Software FoundationOracle Corporation
Product-strutsstorwize_v7000storage_v5030weblogic_serverstorwize_v3500_firmwareclearpass_policy_manageroncommand_balancestorage_v5030_firmwarestorwize_v7000_firmwarestorwize_v5000storwize_v3500storwize_v5000_firmwareserver_automationApache StrutsStruts
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2014-7892
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-28.81% / 96.38%
||
7 Day CHG~0.00%
Published-09 Mar, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMSR.ocx for Mini MSR magnetic stripe readers, Retail Integrated Dual-Head MSR magnetic stripe readers, Integrated Single Head MSR w/o SRED magnetic stripe readers, Integrated Single Head w/o MSR SRED magnetic stripe readers, RP7 Single Head MSR w/o SRED magnetic stripe readers, POS keyboards, and POS keyboards with MSR, aka ZDI-CAN-2508.

Action-Not Available
Vendor-n/aHP Inc.
Product-integrated_single_head_msr_w\/o_sred_j1a33aaole_point_of_sale_driverintegrated_single_head_w\/o_msr_sred_j1a34aaretail_integrated_dual-head_msr_qz673aamini_msr_fk186aarp7_single_head_msr_w\/o_sred_k1k15aapos_keyboard_fk221aapos_keyboard_with_msr_fk218aan/a
CVE-2014-7889
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-28.81% / 96.38%
||
7 Day CHG~0.00%
Published-09 Mar, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSLineDisplay.ocx for Retail RP7 VFD Customer Display monitors, Retail Integrated 2x20 Display monitors, Retail Integrated 2x20 Complex monitors, POS Pole Display monitors, Graphical POS Pole Display monitors, and LCD Pole Display monitors, aka ZDI-CAN-2511.

Action-Not Available
Vendor-n/aHP Inc.
Product-pos_pole_display_fk225aalcd_pole_display_f7a93aaole_point_of_sale_driverretail_rp7_vfd_customer_display_qz701aaretail_integrated_2x20_complex_g7g29aaretail_integrated_2x20_display_g6u79aagraphical_pos_pole_display_qz704aan/a
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 14
  • 15
  • Next
Details not found