Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-5452

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-23 Oct, 2006 | 17:00
Updated At-07 Aug, 2024 | 19:48
Rejected At-
Credits

Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:23 Oct, 2006 | 17:00
Updated At:07 Aug, 2024 | 19:48
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175
vdb-entry
signature
x_refsource_OVAL
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
vendor-advisory
x_refsource_HP
http://securitytracker.com/id?1017083
vdb-entry
x_refsource_SECTRACK
http://www.securityfocus.com/bid/20580
vdb-entry
x_refsource_BID
http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt
x_refsource_MISC
http://securitytracker.com/id?1017098
vdb-entry
x_refsource_SECTRACK
http://securitytracker.com/id?1017099
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/22528
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/4140
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/22451
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/4139
vdb-entry
x_refsource_VUPEN
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
vendor-advisory
x_refsource_HP
https://exchange.xforce.ibmcloud.com/vulnerabilities/29644
vdb-entry
x_refsource_XF
http://www.securityfocus.com/archive/1/449321/100/0/threaded
vendor-advisory
x_refsource_HP
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://securitytracker.com/id?1017083
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.securityfocus.com/bid/20580
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt
Resource:
x_refsource_MISC
Hyperlink: http://securitytracker.com/id?1017098
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://securitytracker.com/id?1017099
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/22528
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/4140
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/22451
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/4139
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/29644
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.securityfocus.com/archive/1/449321/100/0/threaded
Resource:
vendor-advisory
x_refsource_HP
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
vendor-advisory
x_refsource_HP
x_transferred
http://securitytracker.com/id?1017083
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.securityfocus.com/bid/20580
vdb-entry
x_refsource_BID
x_transferred
http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt
x_refsource_MISC
x_transferred
http://securitytracker.com/id?1017098
vdb-entry
x_refsource_SECTRACK
x_transferred
http://securitytracker.com/id?1017099
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/22528
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2006/4140
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/22451
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2006/4139
vdb-entry
x_refsource_VUPEN
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
vendor-advisory
x_refsource_HP
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/29644
vdb-entry
x_refsource_XF
x_transferred
http://www.securityfocus.com/archive/1/449321/100/0/threaded
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://securitytracker.com/id?1017083
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.securityfocus.com/bid/20580
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://securitytracker.com/id?1017098
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://securitytracker.com/id?1017099
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/22528
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/4140
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/22451
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/4139
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/29644
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/449321/100/0/threaded
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:23 Oct, 2006 | 17:07
Updated At:17 Oct, 2018 | 21:42

Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
HP Inc.
hp
>>hp-ux>>11.00
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.4
cpe:2.3:o:hp:hp-ux:11.4:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.11
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.22
cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>11.23
cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*
HP Inc.
hp
>>tru64>>4.0f
cpe:2.3:o:hp:tru64:4.0f:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>4.0f
cpe:2.3:o:hp:tru64:4.0f:pk8:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>4.0g
cpe:2.3:o:hp:tru64:4.0g:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>4.0g
cpe:2.3:o:hp:tru64:4.0g:pk4:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.0a
cpe:2.3:o:hp:tru64:5.0a:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.1
cpe:2.3:o:hp:tru64:5.1:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.1a
cpe:2.3:o:hp:tru64:5.1a:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.1a
cpe:2.3:o:hp:tru64:5.1a:pk6:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.1af
cpe:2.3:o:hp:tru64:5.1af:*:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.1b
cpe:2.3:o:hp:tru64:5.1b:pk1:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.1b2
cpe:2.3:o:hp:tru64:5.1b2:pk4:*:*:*:*:*:*
HP Inc.
hp
>>tru64>>5.1b3
cpe:2.3:o:hp:tru64:5.1b3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091cve@mitre.org
N/A
http://secunia.com/advisories/22451cve@mitre.org
N/A
http://secunia.com/advisories/22528cve@mitre.org
N/A
http://securitytracker.com/id?1017083cve@mitre.org
N/A
http://securitytracker.com/id?1017098cve@mitre.org
Patch
http://securitytracker.com/id?1017099cve@mitre.org
Patch
http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txtcve@mitre.org
Vendor Advisory
http://www.securityfocus.com/archive/1/449321/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/20580cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/4139cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/4140cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/29644cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175cve@mitre.org
N/A
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/22451
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/22528
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securitytracker.com/id?1017083
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securitytracker.com/id?1017098
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://securitytracker.com/id?1017099
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txt
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/449321/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/20580
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/4139
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/4140
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/29644
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5175
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

0Records found
CVE-2015-5442
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.64%
||
7 Day CHG~0.00%
Published-29 Sep, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-software_updaten/a
CVE-2007-2275
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 28.26%
||
7 Day CHG~0.00%
Published-25 Apr, 2007 | 20:00
Updated-07 Aug, 2024 | 13:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP StorageWorks Command View Advanced Edition for XP before 5.6.0-01, XP Replication Monitor before 5.6.0-01, and XP Tiered Storage Manager before 5.5.0-02 allows local users to access other accounts via unspecified vectors during registration or addition of new users.

Action-Not Available
Vendor-n/aHP Inc.
Product-storageworks_tiered_storage_managerstorageworks_replication_monitorstorageworks_command_viewn/a
CVE-2000-0730
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.71%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0688
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.12% / 32.09%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0447
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.12% / 30.93%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local users can gain privileges using the debug utility in the MPE/iX operating system.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpe_ixn/a
CVE-1999-0326
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.12% / 30.96%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in HP-UX mediainit program.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0308
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.13% / 33.26%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP-UX gwind program allows users to modify arbitrary files.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2015-5426
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 29.05%
||
7 Day CHG~0.00%
Published-16 Sep, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP LoadRunner Controller before 12.50 allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2756.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnern/a
CVE-2002-1473
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-17.34% / 94.79%
||
7 Day CHG~0.00%
Published-18 Mar, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2019-18912
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.87%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 14:55
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified for certain HP printers and MFPs with Troy solutions. For affected printers with FutureSmart Firmware bundle version 4.9 or 4.9.0.1 the potential vulnerability may cause instability in the solution.

Action-Not Available
Vendor-n/aHP Inc.
Product-laserjet_enterprise_m607_k0q15alaserjet_enterprise_mfp_m527_f2a77alaserjet_enterprise_m609_k0q20alaserjet_enterprise_m507_1pv87alaserjet_enterprise_m806_cz245alaserjet_enterprise_m609_k0q22alaserjet_enterprise_m608_k0q19alaserjet_enterprise_m507_1pv89alaserjet_enterprise_m607_k0q14alaserjet_enterprise_m806_cz244alaserjet_enterprise_mfp_m528_1pv64alaserjet_enterprise_mfp_m528_1pv65alaserjet_enterprise_mfp_m527_f2a76alaserjet_enterprise_mfp_m527_f2a81alaserjet_enterprise_flow_mfp_m527_f2a78vfuturesmart_4laserjet_enterprise_mfp_m528_1pv67alaserjet_enterprise_m608_k0q18alaserjet_enterprise_flow_mfp_m527_f2a79alaserjet_enterprise_flow_mfp_m527_f2a80alaserjet_enterprise_m609_k0q21alaserjet_enterprise_m507_1pv86alaserjet_enterprise_m608_k0q17aHP LaserJet Enterprise Printers
CVE-2019-18916
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.26%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 13:58
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified for HP LaserJet Solution Software (for certain HP LaserJet Printers) which may lead to unauthorized elevation of privilege on the client.

Action-Not Available
Vendor-n/aHP Inc.
Product-color_laserjet_pro_mfp_m277_b3q11acolor_laserjet_pro_mfp_m277_b3q17a_firmwarecolor_laserjet_pro_mfp_m277_b3q11a_firmwarecolor_laserjet_pro_mfp_m277_b3q10a_firmwarecolor_laserjet_pro_mfp_m277_b3q11vcolor_laserjet_pro_mfp_m277_b3q11v_firmwarecolor_laserjet_pro_mfp_m277_b3q17acolor_laserjet_pro_mfp_m277_b3q10v_firmwarecolor_laserjet_pro_mfp_m277_b3q10acolor_laserjet_pro_mfp_m277_b3q10vHP Color LaserJet Pro MFP M277 printers
CWE ID-CWE-269
Improper Privilege Management
CVE-2002-1608
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.15% / 36.10%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2019-18619
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.36%
||
7 Day CHG~0.00%
Published-22 Jul, 2020 | 13:15
Updated-05 Aug, 2024 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to execute arbitrary code in the enclave (that can compromise confidentiality of enclave data) via APIs that accept invalid pointers.

Action-Not Available
Vendor-synapticsn/aHP Inc.Lenovo Group Limited
Product-thinkpad_t480_firmwarethinkpad_t470_\(20hx\)thinkpad_p50_firmwarethinkpad_x1_carbon_firmwareenvy_x360_-_15t-dr100_firmwarethinkpad_25thinkpad_e580_firmwarethinkpad_e490thinkpad_e590_firmwareenvy_17m-bw0xxx_firmwareenvy_13-aq0xxxenvy_17-bw0xxx_firmwarethinkpad_t490thinkpad_t470s_\(20jx\)_firmwarethinkpad_t570\(20jx\)_firmwarethinkpad_x280_firmwarethinkpad_p73_firmwarethinkpad_t590thinkpad_p53envy_15-dr0xxx_x360envy_15m-dr0xxx_x360_\(validity_fps\)thinkpad_p72_firmwarethinkpad_x1_tabletenvy_-_17t-ce000_firmwarethinkpad_p52thinkpad_l480thinkpad_p70thinkpad_x1_carbon_\(20hx\)thinkpad_x390_firmwarethinkpad_r490_firmwareenvy_x360_-_15t-dr100_\(validity_fps\)pavilion_x360_-_14t-cd000_firmwarethinkpad_t570_\(20hx\)_firmwarethinkpad_x270envy_15-dr1xxx_x360_\(validity_fps\)envy_x360_-_15t-dr100thankpad_a485_firmwarethinkpad_t460penvy_13-aq1xxxthinkpad_p1envy_-_17t-ce100thinkpad_l580_firmwareenvy_-_17t-bw000envy_15-dr0xxx_x360_\(validity_fps\)pavilion_x360_14t-dh000thinkpad_x1_tablet_firmwarespectre_x360_firmwarethinkpad_x280thinkpad_x390envy_17-ce0xxx_firmwarepavilion_14-cd2xxx_x360pavilion_x360_14t-dh000_firmwarethinkpad_yoga_370envy_-_13t-ah100_firmwareenvy_17m-bw0xxxthinkpad_s3_firmwareenvy_13-ah0xxx_firmwareenvy_x360_-_15t-cn000_firmwarethinkpad_p71_\(20hx\)_firmwarethinkpad_t470s_\(20hx\)thinkpad_t490_firmwarethinkpad_x390_yoga_firmwareenvy_x360_-_15t-dr000thinkpad_r590_firmwareenvy_15-cn1xxx_x360thinkpad_t580thinkpad_t590_firmwarethinkpad_x1_yoga_firmwarethinkpad_t570\(20jx\)thinkpad_x1_extremethinkpad_x1_yogathinkpad_e485_firmwareenvy_x360_-_15t-cn000envy_13-ah1xxx_firmwarepavilion_14-cd1xxx_x360thinkpad_x1_carbonthinkpad_p1_gen_2_firmwarethinkpad_t460p_firmwarethinkpad_p51s_\(20kx\)pavilion_15thinkpad_p52s_firmwarethinkpad_r490envy_15-dr1xxx_x360_firmwarethinkpad_p51s_\(20hx\)envy_15-cn0xxx_x360_firmwareenvy_-_13t-aq100envy_13-aq0xxx_firmwareenvy_13-ah0xxxthinkpad_a275_firmwarethinkpad_e585pavilion_14m-dh0xxx_x360pavilion_15_firmwarethinkpad_x1_carbon_\(20kx\)envy_17m-ce1xxx_firmwareenvy_17-ce1xxxthinkpad_e590thinkpad_x1_yoga_3rd_genthinkpad_x380_yoga_firmwareenvy_15m-dr1xxx_x360_\(validity_fps\)envy_-_17t-bw000_firmwarepavilion_14-cd1xxx_x360_firmwarethinkpad_e490sthinkpad_t470_\(20jx\)thinkpad_p1_firmwarethinkpad_p51s_\(20jx\)envy_x360_-_15t-dr100_\(validity_fps\)_firmwarethinkpad_x1_carbon_\(20kx\)_firmwarethinkpad_x1_yoga_4th_genpavilion_14-cd2xxx_x360_firmwarethinkpad_t570_\(20hx\)thinkpad_p52_firmwarepavilion_x360_-_14t-cd000thinkpad_t470s_\(20hx\)_firmwareenvy_15-dr1xxx_x360_\(validity_fps\)_firmwarethinkpad_t470_\(20hx\)_firmwarethinkpad_t580_firmwarethinkpad_a275thinkpad_e485thinkpad_x380_yogathinkpad_l480_firmwarethinkpad_yoga_s1_firmwarethinkpad_p53sthinkpad_t480sthankpad_a485envy_15m-dr0xxx_x360thinkpad_p71_\(20hx\)envy_x360_-_15t-dr000_\(validity_fps\)_firmwarethinkpad_x1_extreme_2nd_firmwarethinkpad_p51_firmwarevfs75xxthinkpad_t460spavilion_x360_-_15t-dq000_firmwarethinkpad_x390_yogaenvy_13-aq1xxx_firmwarethinkpad_t25_\(20k7\)_firmwarepavilion_x360_-_15t-dq000pavilion_14-dh0xxx_x360pavilion_x360_14t-cd100_firmwareenvy_-_13t-aq100_firmwarepavilion_14m-dh0xxx_x360_firmwarethinkpad_p43sthinkpad_x1_yoga_4th_gen_firmwarethinkpad_x1_extreme_firmwarethinkpad_x1_yoga_3rd_gen_firmwareenvy_15m-cn0xxx_x360_firmwarepavilion_14m-cd0xxx_x360thinkpad_p51s_\(20kx\)_firmwarethankpad_a475_firmwarethinkpad_t490s_firmwarethinkpad_p51s_\(20hx\)_firmwarepavilion_x360_-_15t-dq100pavilion_14m-cd0xxx_x360_firmwarethinkpad_25_firmwarepavilion_14-dh0xxx_x360_firmwarespectre_x360thinkpad_l580thinkpad_p50thinkpad_r590envy_15-dr0xxx_x360_firmwarethinkpad_e580envy_17-bw0xxxenvy_15m-dr1xxx_x360_firmwareenvy_17-ce0xxxenvy_13-ah1xxxpavilion_x360_-_15t-dq100_firmwareenvy_15-dr0xxx_x360_\(validity_fps\)_firmwarethinkpad_x1_tablet_\(20jx\)thinkpad_e490s_firmwareenvy_15m-dr0xxx_x360_firmwarethinkpad_x1_yoga_\(20jx\)thinkpad_p1_gen_2envy_15-dr1xxx_x360thinkpad_t470p_firmwarethinkpad_e480_firmwareenvy_15m-dr1xxx_x360envy_17m-ce1xxxthinkpad_e490_firmwarethinkpad_p70_firmwarethinkpad_s1_3rd_firmwarethinkpad_t460s_firmwareenvy_x360_-_15t-dr000_\(validity_fps\)thinkpad_x1_tablet_\(20jx\)_firmwareenvy_17m-ce0xxx_firmwarethinkpad_p53_firmwarepavilion_x360_14t-cd100thinkpad_x270_firmwareenvy_-_17t-ce100_firmwarethankpad_a475thinkpad_t25_\(20k7\)envy_15m-cn0xxx_x360envy_x360_-_15t-dr000_firmwarevfs75xx_firmwareenvy_15-cn1xxx_x360_firmwarethinkpad_s1_3rdenvy_17-ce1xxx_firmwarethinkpad_e480thinkpad_t480s_firmwarethinkpad_p51thinkpad_yoga_260thinkpad_s3envy_15-cn0xxx_x360thinkpad_t470_\(20jx\)_firmwarethinkpad_e585_firmwarethinkpad_t490sthinkpad_p73thinkpad_p72envy_17m-ce0xxxthinkpad_t470pthinkpad_x1_yoga_\(20jx\)_firmwarethinkpad_yoga_260_firmwarethinkpad_yoga_s1envy_15m-dr0xxx_x360_\(validity_fps\)_firmwarethinkpad_t470s_\(20jx\)thinkpad_yoga_370_firmwareenvy_15m-dr1xxx_x360_\(validity_fps\)_firmwarethinkpad_p53s_firmwareenvy_-_17t-ce000thinkpad_p51s_\(20jx\)_firmwarethinkpad_t480envy_-_13t-ah100thinkpad_x1_extreme_2ndthinkpad_p52sthinkpad_p43s_firmwarethinkpad_x1_carbon_\(20hx\)_firmwaren/a
CWE ID-CWE-763
Release of Invalid Pointer or Reference
CVE-2019-18910
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.88% / 74.41%
||
7 Day CHG~0.00%
Published-22 Nov, 2019 | 21:23
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges.

Action-Not Available
Vendor-HPHP Inc.
Product-thinproThinPro Linux
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2000-0755
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.71%
||
7 Day CHG~0.00%
Published-21 Sep, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2015-3318
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.06% / 18.31%
||
7 Day CHG~0.00%
Published-17 Jun, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aCA Technologies (Broadcom Inc.)Linux Kernel Organization, IncIBM CorporationOracle CorporationHP Inc.
Product-universal_job_management_agentnsm_job_management_optionsolarislinux_kernelclient_automationhp-uxnetwork_and_systems_managementvirtual_assurance_for_infrastructure_managersworkload_automation_aeaixn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-16286
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.24% / 47.25%
||
7 Day CHG~0.00%
Published-22 Nov, 2019 | 21:49
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.

Action-Not Available
Vendor-HPHP Inc.
Product-thinpro_linuxThinPro Linux
CWE ID-CWE-287
Improper Authentication
CVE-1999-1238
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.05% / 15.97%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2015-3317
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.06% / 18.31%
||
7 Day CHG~0.00%
Published-17 Jun, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aCA Technologies (Broadcom Inc.)Linux Kernel Organization, IncIBM CorporationOracle CorporationHP Inc.
Product-universal_job_management_agentnsm_job_management_optionsolarislinux_kernelclient_automationhp-uxnetwork_and_systems_managementvirtual_assurance_for_infrastructure_managersworkload_automation_aeaixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2002-1611
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.14% / 33.90%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2015-3316
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 21.31%
||
7 Day CHG~0.00%
Published-17 Jun, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.

Action-Not Available
Vendor-n/aCA Technologies (Broadcom Inc.)Linux Kernel Organization, IncBroadcom Inc.IBM CorporationOracle CorporationHP Inc.
Product-universal_job_management_agentnsm_job_management_optionsolarislinux_kernelclient_automationhp-uxnetwork_and_systems_managementvirtual_assurance_for_infrastructure_managersworkload_automation_aeaixn/a
CVE-2007-0394
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 27.13%
||
7 Day CHG~0.00%
Published-19 Jan, 2007 | 23:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2021-3440
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.87%
||
7 Day CHG~0.00%
Published-01 Nov, 2021 | 13:14
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Print and Scan Doctor, an application within the HP Smart App for Windows, is potentially vulnerable to local elevation of privilege.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp_smartHP Print and Scan Doctor, an application within the HP Smart App for Windows
CVE-2021-3438
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-1.68% / 81.40%
||
7 Day CHG~0.00%
Published-20 May, 2021 | 13:32
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege.

Action-Not Available
Vendor-n/aSamsungHP Inc.
Product-proxpress_sl-c3060_ss211alaserjet_mfp_m438_8af44aproxpress_sl-c3010_ss210jxpress_sl-m2826_ss344aproxpress_sl-m3870_ss377aproxpress_sl-m4020_ss383yxpress_sl-m2621_ss325asf-760_ss199aproxpress_sl-m3375fd_ss368fmultixpress_sl-m5360_ss403ascx-5637_ss182ascx-4833_ss181axpress_sl-m2885_ss359aclx-3305_ss095aml-5510_ss152acolor_laser_mfp_170_4zb96alaser_mfp_130_4zb90ascx-5737_sw045axpress_sl-m2020_ss272acolor_laser_mfp_170_6hu08aproxpress_sl-c4010_ss216sxpress_sl-m2625_ss326alaserjet_mfp_m443_8af72axpress_sl-m2825_ss342axpress_sl-m2676_ss337axpress_sl-m2875_ss353ascx-3405_sv943ascx-3405_sw314aproxpress_sl-m3375fd_ss369cxpress_sl-c480_ss255ascx-3401_ss158aproxpress_sl-m3820_ss372csf-760_ss196ascx-4650_sb983acolor_laser_mfp_170_6hu09aml-3750_ss138alaser_100_4zb81axpress_sl-c1860_ss205axpress_sl-m2070_ss297amultixpress_clx-9301_ss007axpress_sl-m2875_ss352aml-5510_sv897aproxpress_sl-c3060_ss213fmultixpress_clx-9301_sw179aproxpress_sl-m4075_ss394aproxpress_sl-c4010_ss216bml-6510_ss154amultixpress_sl-x7500_ss055alaser_mfp_130_4zb84aproxpress_sl-c3010_ss210flaserjet_mfp_m440_8af46alaser_408_7uq75alaser_mfp_130_4zb91aproxpress_sl-m4580_ss402aproxpress_sl-c4010_ss216fproxpress_sl-c4010_ss216kclp-365_ss066aproxpress_sl-m3375fd_ss369dproxpress_sl-c4010_ss216vproxpress_sl-m3875_ss382amultixpress_scx-8128_ss018amultixpress_sl-k7500_ss040aclx-3305_ss096asf-760_ss197ascx-3401_ss157aproxpress_sl-m3325_ss367aml-6510_sv901aproxpress_sl-m4024_ss385axpress_sl-m2676_ss338ascx-3401_sv393aclp-680_ss075axpress_sl-c480_ss254aproxpress_sl-c3060_ss213dmultixpress_sl-k7500_ss039axpress_sl-m2880_ss358aproxpress_sl-m3820_ss373wproxpress_sl-c3060_ss211lclp-775_ss079aproxpress_sl-c4010_ss216eproxpress_sl-c3060_ss213gxpress_sl-m2820_ss339aproxpress_sl-m3370_ss378ascx-3400_sv938alaserjet_mfp_m42625_8af52axpress_sl-m2675_sw112aproxpress_sl-c4060_ss218alaser_mfp_130_4zb82amultixpress_sl-k7600_ss042aproxpress_sl-m4530_ss398dproxpress_sl-m4025_ss387aml-5017_ss148aclx-3300_ss088aproxpress_sl-c3010_ss210hscx-4021_ss165aproxpress_sl-c4012_ss217aproxpress_sl-m3321_ss366aproxpress_sl-c4010_ss216pproxpress_sl-m3320nd_ss365amultixpress_sl-x4300_ss049axpress_sl-m2620_ss324aproxpress_sl-c4010_ss216dscx-4521_ss168aproxpress_sl-m3820_ss373dproxpress_sl-c3010_ss210aproxpress_sl-c3010_ss210gproxpress_sl-c3060_ss211nproxpress_sl-m3820_ss373sproxpress_sl-m4072_ss391acolor_laser_150_4zb95aclp-680_ss076aclx-3305_ss094aproxpress_sl-m3820_ss371bsf-760_ss195amultixpress_sl-x7600_ss058aproxpress_sl-m4070_ss390cmultixpress_scx-8230_ss021aproxpress_sl-m3820_ss373uscx-5639_st676alaser_100_4zb79ascx-3405_ss162aproxpress_sl-c3010_ss201claserjet_mfp_m42523_7ab26axpress_sl-m2620_ss322alaser_mfp_432_7uq76amultixpress_scx-8128_ss020axpress_sl-m2625_ss327aproxpress_sl-m4025_ss386alaserjet_mfp_m442_8af71axpress_sl-m2821_ss341aproxpress_sl-m4020_ss383cproxpress_sl-m3820_ss373qlaserjet_mfp_m438_8af45axpress_sl-m2675_ss336aproxpress_sl-m3820_ss373lxpress_sl-m2876_ss355axpress_sl-m2070_ss294aproxpress_sl-m3825_ss375aproxpress_sl-m4070_ss389jlaser_mfp_130_4zb87amultixpress_sl-x4220_ss047aclx-6260_ss105aproxpress_sl-c4062_ss219alaserjet_mfp_m72625-m72630_2zn50aproxpress_sl-m4075_ss393aproxpress_sl-m3875_ss380amultixpress_sl-x7600_ss059aproxpress_sl-c3060_ss211eproxpress_sl-m3820_ss373mproxpress_sl-c3060_ss211pml-6510_sv899cmultixpress_sl-k7400_ss038ascx-3405_sw313ascx-5737_ss183axpress_sl-m2871_ss350amultixpress_sl-x7500_ss056aml-5015_ss147axpress_sl-m2875_ss354aclp-775_ss078aproxpress_sl-m3820_ss373jproxpress_sl-c4010_ss216jproxpress_sl-m3375fd_ss369elaserjet_mfp_m436_w7u01amultixpress_scx-8240_ss022alaser_mfp_130_6hu10amultixpress_sl-m4370_ss396axpress_sl-m2825_ss343ascx-3400_ss155ascx-4521_sv968aclx-6260_ss106axpress_sl-m2626_ss328ascx-4521_sv967aproxpress_sl-m3870_ss378ascx-5635_sw041amultixpress_clx-9301_sw152ascx-4655_ss174aproxpress_sl-m3820_ss373tproxpress_sl-c3060_ss211qproxpress_sl-c3060_ss211dproxpress_sl-m4530_ss397escx-4650_ss171ascx-3406_ss164alaser_mfp_130_4zb85axpress_sl-m2671_ss333axpress_sl-m2620_ss323amultixpress_sl-k4250_ss030ascx-4655_sv989amultixpress_sl-x4250_ss048aproxpress_sl-c3010_ss210kxpress_sl-m2870_ss349aproxpress_sl-m4560_ss400aproxpress_sl-c3010_ss210eproxpress_sl-c3010_ss210mproxpress_sl-c4010_ss216claserjet_mfp_m437_7zb19aproxpress_sl-m3820_ss373gproxpress_sl-c3060_ss211mlaser_mfp_130_4zb83aproxpress_sl-c3060_ss211gproxpress_sl-c3060_ss211cxpress_sl-m2070_ss295axpress_sl-m2070_ss298aproxpress_sl-c3060_s221bxpress_sl-m2070_ss293aproxpress_sl-m3820_ss373fproxpress_sl-c3060_ss213axpress_sl-c430_ss229aclp-560_sv611ascx-3400_ss156aclp-560_sv612alaser_mfp_130_4zb86ascx-4835_sw020ascx-3405_ss161axpress_sl-c480_ss257amultixpress_sl-k4300_ss032amultixpress_sl-m5370_sw121alaserjet_mfp_m42625_8af50aproxpress_sl-m4080_ss395amultixpress_clx-9251_sv719aproxpress_sl-m3820_ss373aclp-360_ss062amultixpress_sl-m4370_sw117aproxpress_sl-c3060_ss211hscx-3405_ss159acolor_laser_150_4zb94aproxpress_sl-m3820_ss373nproxpress_sl-c3060_ss211flaser_mfp_130_5ue15alaserjet_mfp_m433_1vr14aclp-366_ss068aclx-3305_ss093ascx-3405_ss163aproxpress_sl-m4560_ss399aproxpress_sl-m3375fd_ss369bproxpress_sl-m4020_ss383kproxpress_sl-m3820_ss371aproxpress_sl-m3875_ss381aclp-368_sv601aproxpress_sl-m3820_ss371dlaserjet_mfp_m439_7zb22ascx-4833_sw019aclx-6260_ss108aproxpress_sl-m3820_ss373pml-6510_sv900aproxpress_sl-c4010_ss216hml-5010_ss145amultixpress_sl-m5370_ss404aclp-365_sw139ascx-4521_sv530ascx-5637_sw043amultixpress_sl-k4250_ss031aml-4510_ss141aproxpress_sl-m3820_ss373vproxpress_sl-m4020_4pt87amultixpress_clx-9251_ss005ascx-5635_sw093axpress_sl-m2876_ss357ascx-5635_sw040amultixpress_sl-k3250_ss027eproxpress_sl-c3010_ss210plaserjet_mfp_m440_8af48ascx-4835_sw021aproxpress_sl-m4030_ss388aproxpress_sl-c3010_ss209alaser_100_4zb80aproxpress_sl-c3060_ss213hproxpress_sl-c4010_ss216qxpress_sl-m2820_ss340ascx-3406_sw127axpress_sl-m2676_sw113alaserjet_mfp_m42523_7zb72aml-5012_ss146aproxpress_sl-c3060_ss213blaserjet_mfp_m437_7zb20amultixpress_sl-k2200_ss025axpress_sl-m2835_ss346axpress_sl-m2670_ss331amultixpress_sl-k3300_ss028aproxpress_sl-c4010_ss216mmultixpress_sl-x7400_ss054alaserjet_mfp_m439_7zb23aproxpress_sl-m3820_ss373hproxpress_sl-m3820_ss373zxpress_sl-m2626_ss329ascx-4650_ss172axpress_sl-m2671_ss332aproxpress_sl-c4010_ss216zproxpress_sl-m3825_ss376aproxpress_sl-m3820_ss373bml-6510_ss153amultixpress_sl-x3280_ss044ascx-5737_sw046aclx-6260_ss107aproxpress_sl-c3060_ss211jlaserjet_mfp_m439_7zb24alaserjet_mfp_m436_w7u02ascx-4521_sw129aclx-3300_sv677alaserjet_mfp_m440_8af47aproxpress_sl-c4010_ss215acolor_laser_mfp_170_4zb97aproxpress_sl-c3060_ss211kmultixpress_sl-k2200_ss024aclx-6260_sw177alaser_mfp_130_4zb88aml-5510_sv898aproxpress_sl-m3820_ss373cxpress_sl-m2876_ss356amultixpress_sl-x3220nr_ss043eclp-366_sv600alaser_mfp_130_6hu11axpress_sl-c480_ss256amultixpress_scx-8128_sw172ascx-4655_sv988alaserjet_mfp_m42523_7zb25ascx-3406_sv946ascx-4521_ss167axpress_sl-m2670_ss330aproxpress_sl-m3375fd_ss369amultixpress_scx-8128_ss019aproxpress_sl-c4010_ss216nproxpress_sl-c4010_ss216gproxpress_sl-m3820_ss373eproxpress_sl-m4020_ss383xproxpress_sl-m4075_ss392aproxpress_sl-c4010_ss216llaserjet_mfp_m436_2ky38ascx-3405_ss160axpress_sl-m2070_ss296aproxpress_sl-c4010_ss216uproxpress_sl-m3825_ss374alaserjet_mfp_m42625_8af49alaser_mfp_130_4zb93aproxpress_sl-m3820_ss371cmultixpress_sl-x7400_ss053asf-760_ss198aclp-365_ss067alaser_100_5ue14axpress_sl-m2675_ss335alaser_mfp_130_9vv52aproxpress_sl-m4020_4pt7blaser_mfp_130_6hu12amultixpress_sl-k7400_ss037aproxpress_sl-c3060_ss213cmultixpress_scx-8240_st717alaser_mfp_130_4zb92aproxpress_sl-m3820_ss373kscx-4833_ss180axpress_sl-c430_ss230ascx-4521_sv966aproxpress_sl-m3875_ss379alaser_mfp_130_4zb89alaserjet_mfp_m42625_8af51aproxpress_sl-m4020_ss383lproxpress_sl-m3820_ss375bproxpress_sl-c3010_ss210lmultixpress_sl-k7600_ss041aml-4512_ss142axpress_sl-m2675_ss334aml-5510_ss151amultixpress_scx-8240_sw185alaserjet_mfp_m437_7zb21ascx-3406_sv298aproxpress_sl-c4010_ss216tproxpress_sl-c3010_ss210bxpress_sl-m3015_ss360axpress_sl-m2870_ss348alaser_100_209u7aml-5510_ss150alaserjet_mfp_m438_8af43alaserjet_mfp_m72625-m72630_2zn49aproxpress_sl-m4530_ss397gxpress_sl-m2875_ss351aproxpress_sl-m4580_ss401aproxpress_sl-c3060_ss213escx-4521_sv969aml-5510_ss149aproxpress_sl-c3010_ss210dscx-3406_sv945amultixpress_sl-k4350_ss033aproxpress_sl-c4010_ss216ascx-3406_sv947axpress_sl-m2020_ss271aCertain HP LaserJet products and Samsung product printers, see Security Bulletin
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2006-5557
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.61% / 68.78%
||
7 Day CHG~0.00%
Published-27 Oct, 2006 | 16:00
Updated-07 Aug, 2024 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2017-8951
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.40% / 60.10%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-sitescopeSiteScope
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2006-5556
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.21% / 43.94%
||
7 Day CHG~0.00%
Published-27 Oct, 2006 | 16:00
Updated-07 Aug, 2024 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2017-8985
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-0.09% / 26.25%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE XP Storage using Hitachi Global Link Manager (HGLM) has a local authenticated information disclosure vulnerability in HGLM version HGLM 6.3.0-00 to 8.5.2-00.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-xp_storage_hitachi_global_link_managerXP Storage using HGLM
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2014-7301
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.12% / 32.48%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 17:23
Updated-06 Aug, 2024 | 12:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading /etc/odapw.

Action-Not Available
Vendor-n/aHP Inc.
Product-sgi_tempon/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2014-2639
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.28% / 51.02%
||
7 Day CHG~0.00%
Published-28 Sep, 2014 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP MPIO Device Specific Module Manager before 4.02.00 allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpio_device_specific_module_managern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2014-2631
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.36% / 57.05%
||
7 Day CHG~0.00%
Published-12 Aug, 2014 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Application Lifecycle Management (aka Quality Center) 11.5x and 12.0x allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2138.

Action-Not Available
Vendor-n/aHP Inc.
Product-application_lifecycle_managementn/a
CVE-2021-29202
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 21.56%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 13:24
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.

Action-Not Available
Vendor-n/aHP Inc.
Product-proliant_dl360_gen10_serverproliant_dl325_gen10_plus_serverproliant_dl385_gen10_serverproliant_dl580_gen10_serverproliant_dl560_gen10_serverproliant_xl270d_gen10_serverproliant_bl460c_gen10_server_bladesimplivity_2600proliant_dl385_gen10_plus_serverintegrated_lights-out_4proliant_xl170r_gen10_serverproliant_ml350_gen10_serverproliant_dl120_gen10_serverproliant_dl380_gen10_serverproliant_xl450_gen10_serversimplivity_380_gen10_gproliant_ml30_gen10_serverproliant_xl230k_gen10_serverproliant_xl190r_gen10_serverproliant_ml110_gen10_serverintegrated_lights-out_5simplivity_380_gen9proliant_dl160_gen10_serversimplivity_380_gen10proliant_dl180_gen10_serverproliant_dl325_gen10_serverproliant_dl20_gen10_serversimplivity_325simplivity_380_gen10_hHPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2006-1248
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.99%
||
7 Day CHG~0.00%
Published-17 Mar, 2006 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2013-2339
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.64%
||
7 Day CHG~0.00%
Published-29 Jun, 2013 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-t610_plus_flexible_thin_clientt5565z_smart_clientt510_flexible_thin_clientt410_all-in-one_smart_zero_clientsmart_zero_coret610_flexible_thin_clientt410_smart_zero_clientn/a
CVE-2021-20515
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.88%
||
7 Day CHG~0.00%
Published-30 Apr, 2021 | 15:45
Updated-16 Sep, 2024 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local privileged user could overflow a buffer and execute arbitrary code on the system or cause a denial of service condition. IBM X-Force ID: 198366.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelhp-uxwindowsaixinformix_dynamic_serverInformix Dynamic Server
CWE ID-CWE-787
Out-of-bounds Write
CVE-2005-1433
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 30.08%
||
7 Day CHG~0.00%
Published-03 May, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unknown vulnjerabilities HP OpenView Event Correlation Services (OV ECS) 3.32 and 3.33 allow attackers to cause a denial of service or execute arbitrary code.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_event_correlation_servicesn/a
CVE-2005-0547
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.37% / 58.25%
||
7 Day CHG~0.00%
Published-25 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files."

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-0458
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.71%
||
7 Day CHG~0.00%
Published-17 Jul, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-nonstop_seeview_server_gatewayn/a
CVE-2002-1797
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.25% / 48.44%
||
7 Day CHG~0.00%
Published-28 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 8150 does not properly enforce access control restrictions, which could allow local users to add, delete, or modify any services hosted by the ChaiServer.

Action-Not Available
Vendor-n/aHP Inc.
Product-chaivmn/a
CVE-2002-1796
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.25%
||
7 Day CHG~0.00%
Published-28 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.

Action-Not Available
Vendor-n/aHP Inc.
Product-chaivm_ezloaderlaserjet_8150laserjet_4550laserjet_4100laserjet_4500n/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2002-0993
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 29.07%
||
7 Day CHG~0.00%
Published-31 Aug, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files.

Action-Not Available
Vendor-n/aHP Inc.
Product-instant_supportn/a
CVE-2002-1439
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 29.07%
||
7 Day CHG~0.00%
Published-18 Mar, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files.

Action-Not Available
Vendor-n/aHP Inc.
Product-virtualvaultvvosn/a
CVE-2002-1607
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.15% / 36.10%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
CVE-2001-1509
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 28.90%
||
7 Day CHG~0.00%
Published-14 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2002-0279
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.13% / 33.27%
||
7 Day CHG~0.00%
Published-03 May, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2001-0607
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 20.46%
||
7 Day CHG~0.00%
Published-27 Jul, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2001-0379
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 29.73%
||
7 Day CHG~0.00%
Published-18 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2001-0278
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.71%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpe_ixn/a
CVE-2000-1057
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 21.83%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2000-1031
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.42% / 60.90%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64hp-uxn/a
Details not found