Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-24646

Summary
Assigner-hpe
Assigner Org ID-eb103674-0d28-4225-80f8-39fb86215de0
Published At-19 Oct, 2020 | 17:34
Updated At-04 Aug, 2024 | 15:19
Rejected At-
Credits

A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:hpe
Assigner Org ID:eb103674-0d28-4225-80f8-39fb86215de0
Published At:19 Oct, 2020 | 17:34
Updated At:04 Aug, 2024 | 15:19
Rejected At:
▼CVE Numbering Authority (CNA)

A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Affected Products
Vendor
n/a
Product
HPE Intelligent Management Center (iMC)
Versions
Affected
  • Prior to iMC PLAT 7.3 (E0705P07)
Problem Types
TypeCWE IDDescription
textN/Atftpserver stack-based buffer overflow remote code execution
Type: text
CWE ID: N/A
Description: tftpserver stack-based buffer overflow remote code execution
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us
x_refsource_MISC
Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us
x_refsource_MISC
x_transferred
Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-alert@hpe.com
Published At:19 Oct, 2020 | 18:15
Updated At:21 Oct, 2020 | 17:10

A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
HP Inc.
hp
>>intelligent_management_center>>Versions before 7.3(exclusive)
cpe:2.3:a:hp:intelligent_management_center:*:*:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:-:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0501:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0503:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0503p02:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p02:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p04:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p2:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0504p4:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p02:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p03:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p07:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0506p09:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605h02:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605h05:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605p04:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0605p06:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705p02:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705p04:*:*:*:*:*:*
HP Inc.
hp
>>intelligent_management_center>>7.3
cpe:2.3:a:hp:intelligent_management_center:7.3:e0705p06:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_ussecurity-alert@hpe.com
Vendor Advisory
Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04036en_us
Source: security-alert@hpe.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2733Records found
CVE-2024-9419
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-3.37% / 87.08%
||
7 Day CHG~0.00%
Published-30 Oct, 2024 | 17:25
Updated-26 Jan, 2026 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Certain HP Print Products–Potential Remote Code Execution and/or Elevation of Privilege with the HP Smart Universal Printing Driver

Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could potentially lead to Remote Code Execution and/or Elevation of Privilege on the PC.

Action-Not Available
Vendor-HP Inc.
Product-smart_universal_printing_driverHP Smart Universal Printing Driversmart_universal_printing_driver
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-5391
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-0.99% / 76.43%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:56
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack buffer overflow vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-25139
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-7.07% / 91.30%
||
7 Day CHG+1.74%
Published-09 Feb, 2021 | 16:04
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500 chassis. This vulnerability could be remotely exploited by an unauthenticated user to cause a stack based buffer overflow using user supplied input to the `khuploadfile.cgi` CGI ELF. The stack based buffer overflow could lead to Remote Code Execution, Denial of Service, and/or compromise system integrity. **Note:** HPE recommends that customers discontinue the use of the HPE Moonshot Provisioning Manager. The HPE Moonshot Provisioning Manager application is discontinued, no longer supported, is not available to download from the HPE Support Center, and no patch is available.

Action-Not Available
Vendor-n/aHP Inc.
Product-moonshot_provisioning_managerHPE Moonshot Provisioning Manager
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-26508
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-8.3||HIGH
EPSS-0.29% / 52.25%
||
7 Day CHG~0.00%
Published-14 Feb, 2025 | 17:03
Updated-15 Jan, 2026 | 14:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Certain HP LaserJet Pro, HP LaserJet Enterprise, HP LaserJet Managed Printers – Potential Remote Code Execution and Potential Elevation of Privilege

Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.

Action-Not Available
Vendor-HP Inc.
Product-4y279al3u43a499q4f3qa75a7ps96a3sj34a4ra84a7h5w6aj7z12a4ra86ez8z05a4ra88f3pz95a5rc87a5fm77aj8j65a4pz46ab5l48at3u66a49k98aj8a16a5hh52a_firmware74t92a_firmware3sj03a1pv49a5hh59a5hh48vj8j72a4ra87f_firmware499q5f5hh51a_firmwareb5l38a3gy16am0p32az8z07a5zp01az8z12a7ps85a4ra82f5hh67a_firmware4ra84e_firmwarex3a59a7h5w7a49k97avg1w40ay3z63a4ra84f_firmware4pz47a1pv87ad7p70a499q9e7e357a74p27a4ra81e5cm69a5cm59ax3a90a759v0ej7z11a4ra85v4ra83ay3z60aj7z99a499q3e_firmwarel3u42a5rc84a499n1a_firmware6qn30a5cm64a3gy19ax3a89a7ps84az8z08a5hh66a4ra85a499q7f_firmware5hh53a_firmware499q9f6qp98af2a66a3pz75a5qj94aj8j73a49k86aj8j78a499q7acf236aj8a13af2a68a3gn19aj8a04a8pe97a1ps55a4ra86a4ra87a499q5a74p25a_firmware4ra83fg1w46am0p35a58r10a5hh72a_firmware3sj19ax3a62a4pa44a4ra84e4ra80e_firmware5hh64ek0q17ab5l23a3sj13a3gy09a8gs15a2gp26a1pv64a4ra84a_firmware1pu52a8gr96a2gp25a74t92e_firmware6qn37a5hh64a5hh53a4ra83f_firmware1ps54a6bs57a3gy14az8z00ax3a72a4ra86f759v1e8gs00aj8j80a4ra89a_firmwarej8j63aj7z07a8gs27a4ra84f499q5f_firmware74t92f5qj87a5hh65aj7z13a3sj38a7ps86a499r0f_firmware499n4a_firmwarecz245ak0q15a4ra80f_firmwaret3u44a499n0ay3z66a499m6ak0q21a7ps97a5hh73a115p9awe6b73a9rt92a499q7a_firmware58m42ab5l24ax3a74a8pe95a3sj12ab5l49az8z14ax3a75a1pu51ax3a84a2gp23af2a70a4ra80e3sj36a499n6aj7z98aj7z05aj7z14a3sj37a499m7a8gs14a3sj04ab5l54a4ra81f_firmware4ra83a_firmware1pv65a5rc90a5hh64f_firmware759v2e7zu86a4ra81f759v0f_firmware8gs36aa8zq5a4ra82a_firmware3gy03a74p26a_firmware759v2f_firmware8d7l1a7ps87acz244a4ra87f7ps81a7zu79al3u65ax3a87al3u70a8d7l0a_firmware6qn38a3gy20ax3a65a5qj81a74p28ax3a86aj7z09a6bs58a4ra88f_firmwarey3z62a499m9a_firmware5cm68aj8j76a17f27aw3sj11aj8a06a499q4e_firmwarecf367aj8a05a5fm78az8z19j8j64ax3a77a499n0a_firmware4ra82fr_firmwarek0q19a3sj29a499r0a_firmwarej8a11ax3a71a5qk18a499q7f7ps94a3gy17a499r0e_firmwareb5l47a4ra81frf2a67a*a2w76ax3a81al3u66a4ra82f_firmware5cm77a4ra88a_firmware4ra85e_firmware4ra85ef2a69az8z04a4pz45aj7z06a4ra87a_firmware8gs44a5qk20a8gs13aa8zq7acf067a499q4e499m7a_firmware4ra81ag1w47az8z09a3sj33aj8j79a4ra82e_firmware1pv88a5qk15al3u67aa2w75a499q3f499n5a6bs59ax3a92a7pt01a6qn33a499q9e_firmwarez8z01a3gy04a3sj21a499n1a499q9f_firmwarey3z68a499q6em0p36aa8zq6a5rc85acf235a3gy10a499q5fr_firmwaree6b72a5cm63a5cm79az8z010a8gr98ax3a60a4ra80aj7z10az8z18a5qj90a4ra89v7ps83a4pz43at3u55a5hh48a_firmwarez8z02ax3a63a3gx98ag1w46v4y280a7pt00aa91s3a6qp99a3gy12aj8j67a499q6f_firmwarefuturesmart_5l2762ad7p71a49l02a5zn99a4ra83e499q6e_firmwarex3a78a5hh72a499q5e_firmwarex3a69ab5l39al3u57a4ra86f_firmware8pe98a7ps99a8gs50a759v0f759v1e_firmware759v2e_firmware5cm71a5fm76a3qa55a5qk08a499q3a_firmware49k84az8z17a499m8a4ra85v_firmwarem0p39af2a71at3u64a8pe94a5hh67a7ps88aa91s1a4ra85f499q8e_firmware499q5e1pv89aa91s5a4ra86e_firmwarez8z011az8z06acf068a5fm80a5hh48v_firmware6qq00a3gy15a4ra89v_firmwarel3u51a499m9a3sj00afuturesmart_4b5l46a4ra81fr_firmware5rc88a8gs37a499n5a_firmwareb5l50a5zp00a5cm65az5g77a115q0aw499r0f6qq01a3gy18a5cm75a5cm58a1pv66a8gs28a4ra85f_firmwarez8z23a74p26a74p28a_firmware3gy32a5cm76a74p27a_firmware5fm81a4ra81a_firmware5hh64f1pv67a499q7e499q6a_firmware4ra87el3u64a3pz16a74t92f_firmware5fm82a4ra88e5hh51a8gr95ax3a93a3pz35a8gs26aj8a10aj8j74a2gp22a4ra82e5hh66a_firmwarej8j66a5qk13a8d7l2a4ra81e_firmware499q7e_firmwarek0q14aaz8z20ab5l25a49l04al3u56aj8j71a8d7l1a_firmwarez8z22a6qn28afuturesmart_3t3u56a8gs01a499q8aa8zq4a499r0e6qn35a8d7l2a_firmware3sj35a6qn31al3u55a8gs29acf238a499q4f_firmware49l00a6qn36aj7z08a3qa35a3pz56a759v1ff2a80a49k96av499q6f5rc86a7ps82a3sj02a5rc92al2763ag1w47v3sj01a4ra86a_firmware5zn98aj7z03a5qj83ag1w41aj8j70a19gsawy3z64a5hh64a_firmware5qj98a49k90a8gs43a499q8a_firmware5qk02al3u52aa8zq3a5cm78a5cm66ax3a82a74t92a499q9a_firmware5qk03a6qp97aj7z04az8z0ax3a68a5hh48a4ra87e_firmware1pv86at3u43abl27ax3a80a499r0a3pz55a7ps95a3pz15a499q9al3u63a3sj32am0p40a4ra89a499q5fr4ra82fr8gs30a5hh73a_firmware3sj30a499q8f49k99a3gy31af2a79az8z16a8gs25ax3a83a759v1f_firmwarek0q20a7zu81a4ra83e_firmware5cm72a4ra80f8pe96a499q3e499q8e499n6a_firmware8gs12a7zu88a3sj28a499q3a4ra80a_firmwarel3u69a7zu87a9rt91a499q6az8z13a3sj22a499q3f_firmware5hh52a3gy26ay3z61a5rc91a7zu78aa91s7a499n4ak0q22a3gy25ax3a79a4ra82a5rc89a8gr94a5hh59a_firmware4ra85a_firmwarey3z49ab5l26ag1w39aj8a12am0p33a5cm61az5g79a74t92ecf069a7ps98a7zu85a8gr97a499q5a_firmware759v2fcf066a8gr99a5hh65a_firmware4ra88e_firmware8d7l0a5hh64e_firmwarez8z15aa8zq2a499q8f_firmware5cm70a74p25a759v0e_firmwarek0q18a4ra88a5rc83ax3a66a6qn29aj8a17a3sj20a499m6a_firmware499m8a_firmwarey3z65aCertain HP LaserJet Pro, HP LaserJet Enterprise, HP LaserJet Managed Printers
CWE ID-CWE-787
Out-of-bounds Write
CVE-2015-3113
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-92.42% / 99.72%
||
7 Day CHG~0.00%
Published-23 Jun, 2015 | 21:00
Updated-17 Nov, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-04||The impacted product is end-of-life and should be disconnected if still in use.

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.

Action-Not Available
Vendor-n/aSUSERed Hat, Inc.Microsoft CorporationopenSUSEAdobe Inc.HP Inc.Linux Kernel Organization, IncApple Inc.
Product-insight_orchestrationenterprise_linux_serverevergreenwindowsversion_control_agentversion_control_repository_managerlinux_enterprise_workstation_extensionsystem_management_homepageenterprise_linux_eusenterprise_linux_desktopvirtual_connect_enterprise_managerlinux_enterprise_desktopsystems_insight_managerlinux_kernelflash_playerenterprise_linux_workstationopensusemac_os_xn/aFlash Player
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-42395
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.70%
||
7 Day CHG~0.00%
Published-06 Aug, 2024 | 18:56
Updated-12 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the AP Certificate Management Service Accessed by the PAPI Protocol

There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosHPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10instant
CWE ID-CWE-295
Improper Certificate Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-42393
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 64.17%
||
7 Day CHG~0.00%
Published-06 Aug, 2024 | 18:58
Updated-12 Aug, 2024 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI Protocol

There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosHpe Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10instant
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-42394
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.62%
||
7 Day CHG~0.00%
Published-06 Aug, 2024 | 18:57
Updated-12 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI Protocol

There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosHPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10arubaosaruba_networking_instantos
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27973
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-3.83% / 87.87%
||
7 Day CHG~0.00%
Published-28 Apr, 2023 | 16:00
Updated-30 Jan, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution.

Action-Not Available
Vendor-HP Inc.
Product-laserjet_pro_mfp_m478-m479_w1a76a_firmwarelaserjet_pro_m404-m405_w1a51a_firmwarelaserjet_pro_mfp_m478-m479_w1a77a_firmwarelaserjet_pro_m404-m405_w1a51alaserjet_pro_m453-m454_w1y43alaserjet_pro_m404-m405_93m22a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a32a_firmwarelaserjet_pro_m404-m405_w1a56alaserjet_pro_m404-m405_w1a52a_firmwarelaserjet_pro_m304-m305_w1a47alaserjet_pro_m304-m305_w1a48a_firmwarelaserjet_pro_m404-m405_w1a60a_firmwarelaserjet_pro_mfp_m478-m479_w1a75a_firmwarelaserjet_pro_mfp_m478-m479_w1a80a_firmwarelaserjet_pro_m404-m405_w1a56a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38alaserjet_pro_mfp_m428-m429_w1a28a_firmwarelaserjet_pro_mfp_m428-m429_w1a31a_firmwarelaserjet_pro_m404-m405_w1a52alaserjet_pro_m404-m405_w1a63a_firmwarelaserjet_pro_m453-m454_w1y44a_firmwarelaserjet_pro_m453-m454_w1y47a_firmwarelaserjet_pro_mfp_m478-m479_w1a78alaserjet_pro_m404-m405_w1a59alaserjet_pro_m304-m305_w1a66alaserjet_pro_m404-m405_w1a58a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a35alaserjet_pro_mfp_m428-m429_f_w1a29a_firmwarelaserjet_pro_m404-m405_w1a58alaserjet_pro_mfp_m478-m479_w1a79alaserjet_pro_m453-m454_w1y46a_firmwarelaserjet_pro_m453-m454_w1y46alaserjet_pro_mfp_m428-m429_w1a28alaserjet_pro_m304-m305_w1a47a_firmwarelaserjet_pro_m453-m454_w1y40alaserjet_pro_mfp_m428-m429_w1a33a_firmwarelaserjet_pro_m453-m454_w1y43a_firmwarelaserjet_pro_mfp_m428-m429_w1a33alaserjet_pro_m404-m405_w1a53alaserjet_pro_m404-m405_w1a57a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a30alaserjet_pro_mfp_m428-m429_f_w1a29alaserjet_pro_m453-m454_w1y41alaserjet_pro_m453-m454_w1y45alaserjet_pro_mfp_m478-m479_w1a77alaserjet_pro_m304-m305_w1a66a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38a_firmwarelaserjet_pro_mfp_m478-m479_w1a75alaserjet_pro_mfp_m478-m479_w1a82a_firmwarelaserjet_pro_m453-m454_w1y44alaserjet_pro_m453-m454_w1y47alaserjet_pro_m404-m405_w1a53a_firmwarelaserjet_pro_mfp_m478-m479_w1a80alaserjet_pro_m304-m305_w1a48alaserjet_pro_m404-m405_w1a60alaserjet_pro_mfp_m428-m429_w1a31alaserjet_pro_m304-m305_w1a46a_firmwarelaserjet_pro_m304-m305_w1a46alaserjet_pro_mfp_m478-m479_w1a78a_firmwarelaserjet_pro_m404-m405_93m22alaserjet_pro_mfp_m478-m479_w1a76alaserjet_pro_mfp_m478-m479_w1a81a_firmwarelaserjet_pro_m453-m454_w1y40a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a35a_firmwarelaserjet_pro_m404-m405_w1a63alaserjet_pro_m453-m454_w1y41a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a32alaserjet_pro_m453-m454_w1y45a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34alaserjet_pro_mfp_m478-m479_w1a79a_firmwarelaserjet_pro_m404-m405_w1a59a_firmwarelaserjet_pro_m404-m405_w1a57alaserjet_pro_mfp_m428-m429_f_w1a30a_firmwarelaserjet_pro_mfp_m478-m479_w1a82alaserjet_pro_mfp_m428-m429_f_w1a34a_firmwarelaserjet_pro_mfp_m478-m479_w1a81aHP LaserJet Pro
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-3165
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-42.81% / 97.38%
||
7 Day CHG~0.00%
Published-02 Nov, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1208.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2011-3162
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.96% / 97.54%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1296.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protector_for_personal_computersdata_protector_notebook_extensionn/a
CVE-2011-3158
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.96% / 97.54%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1226.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protector_for_personal_computersdata_protector_notebook_extensionn/a
CVE-2017-5791
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-58.61% / 98.16%
||
7 Day CHG~0.00%
Published-13 Oct, 2017 | 02:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_center_platHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-287
Improper Authentication
CVE-2011-4163
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-21.09% / 95.51%
||
7 Day CHG~0.00%
Published-29 Dec, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1213.

Action-Not Available
Vendor-n/aHP Inc.
Product-database_archiving_softwaren/a
CVE-2011-3157
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.96% / 97.54%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1225.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protector_for_personal_computersdata_protector_notebook_extensionn/a
CVE-2011-3167
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-74.93% / 98.83%
||
7 Day CHG~0.00%
Published-02 Nov, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2011-3161
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.96% / 97.54%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1229.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protector_for_personal_computersdata_protector_notebook_extensionn/a
CVE-2011-4161
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-15.99% / 94.60%
||
7 Day CHG~0.00%
Published-01 Dec, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.

Action-Not Available
Vendor-n/aHP Inc.
Product-color_laserjet_enterprise_cp4520color_mfp_cm8060color_laserjet_cm4540color_laserjet_5550color_laserjet_4700laserjet_4240laserjet_4350laserjet_enterprise_500_colorcolor_laserjet_cm4730color_laserjet_4730_mfpcolor_laserjet_3000laserjet_4345_mfplaserjet_p4015color_laserjet_cm3530color_laserjet_cp5525digital_sender_9200claserjet_enterprise_p3015color_laserjet_3800laserjet_m9040laserjet_5200laserjet_p4515color_laserjet_9500color_laserjet_cm6030digital_sender_9250claserjet_p3005laserjet_p4014laserjet_enterprise_m4555color_laserjet_cm6040color_laserjet_cp3505laserjet_9040laserjet_m9050color_laserjet_4730color_laserjet_cp4005color_laserjet_enterprise_cp4525laserjet_enterprise_600laserjet_4250laserjet_9050laserjet_m3035laserjet_m5035color_laserjet_cp6015color_laserjet_cp3525n/a
CVE-2011-4164
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-21.09% / 95.51%
||
7 Day CHG~0.00%
Published-29 Dec, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1214.

Action-Not Available
Vendor-n/aHP Inc.
Product-database_archiving_softwaren/a
CVE-2011-4165
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-21.09% / 95.51%
||
7 Day CHG~0.00%
Published-29 Dec, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1263.

Action-Not Available
Vendor-n/aHP Inc.
Product-database_archiving_softwaren/a
CVE-2011-2331
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-23.86% / 95.88%
||
7 Day CHG~0.00%
Published-02 Jun, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in img.exe in HP Intelligent Management Center (IMC) allows remote attackers to execute arbitrary code via a crafted length value in an a packet that triggers a heap-based buffer overflow, possibly related to an "recv" field.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CVE-2017-5823
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-51.06% / 97.80%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 23:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CVE-2011-1728
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-49.46% / 97.71%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1852
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-46.32% / 97.57%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allow remote attackers to execute arbitrary code via crafted packet content accompanying a (1) DATA or (2) ERROR opcode.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1853
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-15.65% / 94.53%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a (1) large or (2) invalid opcode field, related to a function pointer table.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-1732
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-52.72% / 97.87%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1731
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-44.52% / 97.47%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1850
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-29.84% / 96.52%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the logging functionality in dbman.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via vectors related to a received action.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1735
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-51.70% / 97.83%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1867
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.84% / 97.53%
||
7 Day CHG~0.00%
Published-11 Jul, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in iNodeMngChecker.exe in the User Access Manager (UAM) 5.0 before SP1 E0101P03 and Endpoint Admission Defense (EAD) 5.0 before SP1 E0101P03 components in HP Intelligent Management Center (aka iNode Management Center) allows remote attackers to execute arbitrary code via a 0x0A0BF007 packet.

Action-Not Available
Vendor-n/aHP Inc.
Product-user_access_managerendpoint_admission_defenseintelligent_management_centern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1733
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-49.46% / 97.71%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1541
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-6.14% / 90.60%
||
7 Day CHG~0.00%
Published-29 Apr, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-system_management_homepagen/a
CVE-2011-1865
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-89.16% / 99.52%
||
7 Day CHG~0.00%
Published-01 Jul, 2011 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1866
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-59.10% / 98.18%
||
7 Day CHG~0.00%
Published-01 Jul, 2011 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXEC_CMD functionality.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1849
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-15.65% / 94.53%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-0924
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-13.35% / 94.00%
||
7 Day CHG~0.00%
Published-09 Feb, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omni_chk_ds.sh.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protectorn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-1730
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-49.46% / 97.71%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0921
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.71% / 89.13%
||
7 Day CHG~0.00%
Published-09 Feb, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protectorn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-1729
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-49.46% / 97.71%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1851
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-22.07% / 95.64%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0889
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-36.62% / 97.03%
||
7 Day CHG~0.00%
Published-16 Mar, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA or Radia Notify) 5.11, 7.2, 7.5, 7.8, and 7.9 allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-client_automation_enterprisen/a
CVE-2005-4823
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-7.30% / 91.47%
||
7 Day CHG~0.00%
Published-12 Jan, 2007 | 01:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP Web-enabled Management Software allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-http_servern/a
CVE-2005-3296
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-19.98% / 95.32%
||
7 Day CHG~0.00%
Published-23 Oct, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2011-0268
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-42.82% / 97.38%
||
7 Day CHG~0.00%
Published-13 Jan, 2011 | 18:35
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long text1 parameter.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2005-3277
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-31.75% / 96.68%
||
7 Day CHG~0.00%
Published-21 Oct, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2002-1473.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2011-0263
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-49.38% / 97.71%
||
7 Day CHG~0.00%
Published-13 Jan, 2011 | 18:35
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in ovas.exe in the OVAS service in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) Source Node or (2) Destination Node variable.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0264
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-49.38% / 97.71%
||
7 Day CHG~0.00%
Published-13 Jan, 2011 | 18:35
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long COOKIE variable.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0267
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-78.99% / 99.02%
||
7 Day CHG~0.00%
Published-13 Jan, 2011 | 18:35
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0272
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-36.62% / 97.03%
||
7 Day CHG~0.00%
Published-18 Jan, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, related to the HttpTunnel feature.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnern/a
CVE-2011-0266
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-77.53% / 98.95%
||
7 Day CHG~0.00%
Published-13 Jan, 2011 | 18:35
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long nameParams parameter, a different vulnerability than CVE-2011-0267.2.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 54
  • 55
  • Next
Details not found