Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-39298

Summary
Assigner-AMD
Assigner Org ID-b58fc414-a1e4-4f92-9d70-1add41838648
Published At-16 Feb, 2022 | 16:38
Updated At-04 Aug, 2024 | 02:06
Rejected At-
Credits

A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:AMD
Assigner Org ID:b58fc414-a1e4-4f92-9d70-1add41838648
Published At:16 Feb, 2022 | 16:38
Updated At:04 Aug, 2024 | 02:06
Rejected At:
â–¼CVE Numbering Authority (CNA)

A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.

Affected Products
Vendor
Advanced Micro Devices, Inc.AMD
Product
2nd Gen EPYC
Package Name
AGESA
Platforms
  • x86
Default Status
unaffected
Versions
Affected
  • Various
Vendor
Advanced Micro Devices, Inc.AMD
Product
3rd Gen EPYC
Package Name
AGESA
Platforms
  • x86
Default Status
unaffected
Versions
Affected
  • various
Vendor
Advanced Micro Devices, Inc.AMD
Product
Ryzen 2000 Series
Package Name
AGESA
Platforms
  • x86
Default Status
unaffected
Versions
Affected
  • various
Vendor
Advanced Micro Devices, Inc.AMD
Product
Ryzen 3000 Series
Package Name
AGESA
Platforms
  • x86
Default Status
unaffected
Versions
Affected
  • Various
Vendor
Advanced Micro Devices, Inc.AMD
Product
Ryzen 5000 Series
Package Name
AGESA
Platforms
  • x86
Default Status
unaffected
Versions
Affected
  • various
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032
vendor-advisory
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027
N/A
Hyperlink: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032
Resource:
vendor-advisory
Hyperlink: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032
vendor-advisory
x_transferred
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027
x_transferred
Hyperlink: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032
Resource:
vendor-advisory
x_transferred
Hyperlink: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027
Resource:
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@amd.com
Published At:16 Feb, 2022 | 17:15
Updated At:24 Feb, 2026 | 18:23

A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
HP Inc.
hp
>>z1_entry_tower_g5_workstation_firmware>>Versions before 02.12.00(exclusive)
cpe:2.3:o:hp:z1_entry_tower_g5_workstation_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>z1_entry_tower_g5_workstation>>-
cpe:2.3:h:hp:z1_entry_tower_g5_workstation:-:*:*:*:*:*:*:*
HP Inc.
hp
>>z1_entry_tower_g6_workstation_firmware>>Versions before 02.10.00(exclusive)
cpe:2.3:o:hp:z1_entry_tower_g6_workstation_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>z1_entry_tower_g6_workstation>>-
cpe:2.3:h:hp:z1_entry_tower_g6_workstation:-:*:*:*:*:*:*:*
HP Inc.
hp
>>z1_g8_tower_desktop_pc_firmware>>Versions before 02.07.00(exclusive)
cpe:2.3:o:hp:z1_g8_tower_desktop_pc_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>z1_g8_tower_desktop_pc>>-
cpe:2.3:h:hp:z1_g8_tower_desktop_pc:-:*:*:*:*:*:*:*
HP Inc.
hp
>>z4_g4_workstation_\(core-x\)_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z4_g4_workstation_\(core-x\)_firmware:*:*:*:*:*:linux_kernel:*:*
HP Inc.
hp
>>z4_g4_workstation_\(core-x\)_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z4_g4_workstation_\(core-x\)_firmware:*:*:*:*:*:windows_10:*:*
HP Inc.
hp
>>z4_g4_workstation_\(core-x\)_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z4_g4_workstation_\(core-x\)_firmware:*:*:*:*:*:windows_7:*:*
HP Inc.
hp
>>z4_g4_workstation_\(core-x\)>>-
cpe:2.3:h:hp:z4_g4_workstation_\(core-x\):-:*:*:*:*:*:*:*
HP Inc.
hp
>>z4_g4_workstation_\(xeon_w\)_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z4_g4_workstation_\(xeon_w\)_firmware:*:*:*:*:*:linux_kernel:*:*
HP Inc.
hp
>>z4_g4_workstation_\(xeon_w\)_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z4_g4_workstation_\(xeon_w\)_firmware:*:*:*:*:*:windows_10:*:*
HP Inc.
hp
>>z4_g4_workstation_\(xeon_w\)_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z4_g4_workstation_\(xeon_w\)_firmware:*:*:*:*:*:windows_7:*:*
HP Inc.
hp
>>z4_g4_workstation_\(xeon_w\)>>-
cpe:2.3:h:hp:z4_g4_workstation_\(xeon_w\):-:*:*:*:*:*:*:*
HP Inc.
hp
>>z6_g4_workstation_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z6_g4_workstation_firmware:*:*:*:*:*:linux_kernel:*:*
HP Inc.
hp
>>z6_g4_workstation_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z6_g4_workstation_firmware:*:*:*:*:*:windows_10:*:*
HP Inc.
hp
>>z6_g4_workstation_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z6_g4_workstation_firmware:*:*:*:*:*:windows_7:*:*
HP Inc.
hp
>>z6_g4_workstation>>-
cpe:2.3:h:hp:z6_g4_workstation:-:*:*:*:*:*:*:*
HP Inc.
hp
>>z8_g4_workstation_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z8_g4_workstation_firmware:*:*:*:*:*:linux_kernel:*:*
HP Inc.
hp
>>z8_g4_workstation_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z8_g4_workstation_firmware:*:*:*:*:*:windows_10:*:*
HP Inc.
hp
>>z8_g4_workstation_firmware>>Versions before 02.75(exclusive)
cpe:2.3:o:hp:z8_g4_workstation_firmware:*:*:*:*:*:windows_7:*:*
HP Inc.
hp
>>z8_g4_workstation>>-
cpe:2.3:h:hp:z8_g4_workstation:-:*:*:*:*:*:*:*
HP Inc.
hp
>>engage_flex_mini_retail_system_firmware>>Versions before 02.10.00(exclusive)
cpe:2.3:o:hp:engage_flex_mini_retail_system_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>engage_flex_mini_retail_system>>-
cpe:2.3:h:hp:engage_flex_mini_retail_system:-:*:*:*:*:*:*:*
HP Inc.
hp
>>mp9_g4_retail_system_firmware>>Versions before 02.18.00(exclusive)
cpe:2.3:o:hp:mp9_g4_retail_system_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>mp9_g4_retail_system>>-
cpe:2.3:h:hp:mp9_g4_retail_system:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_dragonfly_firmware>>Versions before 01.12.00(exclusive)
cpe:2.3:o:hp:elite_dragonfly_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_dragonfly>>-
cpe:2.3:h:hp:elite_dragonfly:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_dragonfly_g2_firmware>>Versions before 01.08.00(exclusive)
cpe:2.3:o:hp:elite_dragonfly_g2_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_dragonfly_g2>>-
cpe:2.3:h:hp:elite_dragonfly_g2:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_dragonfly_max_firmware>>Versions before 01.08.00(exclusive)
cpe:2.3:o:hp:elite_dragonfly_max_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_dragonfly_max>>-
cpe:2.3:h:hp:elite_dragonfly_max:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_x2_1013_g3_firmware>>Versions before 01.19.00(exclusive)
cpe:2.3:o:hp:elite_x2_1013_g3_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_x2_1013_g3>>-
cpe:2.3:h:hp:elite_x2_1013_g3:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_x2_g4_firmware>>Versions before 01.12.00(exclusive)
cpe:2.3:o:hp:elite_x2_g4_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_x2_g4>>-
cpe:2.3:h:hp:elite_x2_g4:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_x2_g8_tablet_firmware>>Versions before 01.08.00(exclusive)
cpe:2.3:o:hp:elite_x2_g8_tablet_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elite_x2_g8_tablet>>-
cpe:2.3:h:hp:elite_x2_g8_tablet:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_1050_g1_firmware>>Versions before 01.19.00(exclusive)
cpe:2.3:o:hp:elitebook_1050_g1_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_1050_g1>>-
cpe:2.3:h:hp:elitebook_1050_g1:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_830_g5_firmware>>Versions before 01.19.00(exclusive)
cpe:2.3:o:hp:elitebook_830_g5_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_830_g5>>-
cpe:2.3:h:hp:elitebook_830_g5:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_830_g6_firmware>>Versions before 01.12.00(exclusive)
cpe:2.3:o:hp:elitebook_830_g6_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_830_g6>>-
cpe:2.3:h:hp:elitebook_830_g6:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_830_g7_firmware>>Versions before 01.08.00(exclusive)
cpe:2.3:o:hp:elitebook_830_g7_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_830_g7>>-
cpe:2.3:h:hp:elitebook_830_g7:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_830_g8_firmware>>Versions before 01.08.00(exclusive)
cpe:2.3:o:hp:elitebook_830_g8_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_830_g8>>-
cpe:2.3:h:hp:elitebook_830_g8:-:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_836_g5_firmware>>Versions before 01.19.00(exclusive)
cpe:2.3:o:hp:elitebook_836_g5_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>elitebook_836_g5>>-
cpe:2.3:h:hp:elitebook_836_g5:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027psirt@amd.com
N/A
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032psirt@amd.com
N/A
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027
Source: psirt@amd.com
Resource: N/A
Hyperlink: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032
Source: psirt@amd.com
Resource: N/A
Hyperlink: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1027
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

178Records found
CVE-2003-0061
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.76%
||
7 Day CHG~0.00%
Published-15 Apr, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-1098
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.42% / 62.21%
||
7 Day CHG~0.00%
Published-11 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-0840
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.44% / 63.36%
||
7 Day CHG~0.00%
Published-09 Oct, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2002-1615
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.11% / 29.81%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxtru64n/a
CVE-2002-2363
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.24% / 47.46%
||
7 Day CHG~0.00%
Published-29 Oct, 2007 | 19:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2002-1616
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.34% / 57.14%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64n/a
CVE-2002-1612
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.68% / 71.61%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxtru64n/a
CVE-2002-1614
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.99% / 76.95%
||
7 Day CHG~0.00%
Published-25 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxtru64n/a
CVE-2002-0678
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.43% / 62.57%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

Action-Not Available
Vendor-compaqxi_graphicsn/aHP Inc.IBM CorporationSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)The MITRE Corporation (Caldera)
Product-sunosdextopirixsolaristru64hp-uxunixwareaixopenunixn/a
CVE-2001-1198
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.17% / 38.75%
||
7 Day CHG~0.00%
Published-15 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2001-0551
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.11% / 29.77%
||
7 Day CHG~0.00%
Published-18 Feb, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2001-0266
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.62%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2001-0267
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.24%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-mpe_ixn/a
CVE-2001-0085
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.68%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to cause a denial of service and possibly execute arbitrary commands.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2001-0976
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.04%
||
7 Day CHG~0.00%
Published-02 Feb, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment variables.

Action-Not Available
Vendor-n/aHP Inc.
Product-process_resource_managern/a
CVE-2000-1028
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.20% / 42.41%
||
7 Day CHG~0.00%
Published-29 Nov, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2000-1134
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.18% / 39.26%
||
7 Day CHG~0.00%
Published-19 Dec, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

Action-Not Available
Vendor-conectivaimmunixn/aHP Inc.Mandriva (Mandrakesoft)Red Hat, Inc.The MITRE Corporation (Caldera)SUSE
Product-linuxopenlinuxmandrake_linuxsuse_linuxopenlinux_eserverhp-uxopenlinux_edesktopimmunixn/a
CVE-2000-0801
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.84%
||
7 Day CHG~0.00%
Published-21 Sep, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2015-6862
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.47% / 64.48%
||
7 Day CHG~0.00%
Published-08 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-ucmdb_browsern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-284
Improper Access Control
CVE-1999-1089
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.11%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1161
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.26%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2000-0078
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.62%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1134
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.24%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1146
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.04%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1088
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.04%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0022
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.19% / 40.59%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

Action-Not Available
Vendor-bsdin/absdiHP Inc.IBM CorporationSilicon Graphics, Inc.FreeBSD FoundationSun Microsystems (Oracle Corporation)
Product-sunosirixsolarisbsd_osfreebsdhp-uxaixn/afreebsdbsd_ossolarissunoshp-uxaixirix
CWE ID-CWE-125
Out-of-bounds Read
CVE-1999-0040
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.18% / 39.70%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

Action-Not Available
Vendor-bsdin/aHP Inc.IBM CorporationSilicon Graphics, Inc.NEC CorporationFreeBSD FoundationSun Microsystems (Oracle Corporation)
Product-up-ux_vsunosirixsolarisbsd_osfreebsdhp-uxaixasl_ux_4800ews-ux_vn/a
CVE-1999-0318
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.11% / 30.11%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.

Action-Not Available
Vendor-n/aHP Inc.Sun Microsystems (Oracle Corporation)IBM CorporationRed Hat, Inc.
Product-sunoslinuxsolarishp-uxaixn/a
CVE-1999-0131
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.10% / 26.53%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

Action-Not Available
Vendor-scoeric_allmanbsdidigitaln/aHP Inc.IBM CorporationFreeBSD FoundationRed Hat, Inc.
Product-openserverlinuxsendmailbsd_osinternet_faststartfreebsdhp-uxaixosf_1n/a
CVE-1999-0311
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.62%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

fpkg2swpk in HP-UX allows local users to gain root access.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0050
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.05% / 77.58%
||
7 Day CHG+0.12%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP-UX newgrp program.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0435
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.62%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0127
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.62%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0309
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.62%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP-UX vgdisplay program gives root access to local users.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0336
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.36%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in mstm in HP-UX allows local users to gain root access.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0324
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.62%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ppl program in HP-UX allows local users to create root files through symlinks.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2015-6860
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.05% / 14.06%
||
7 Day CHG~0.00%
Published-05 Jan, 2016 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6859.

Action-Not Available
Vendor-n/aHP Inc.
Product-j9639aj9821aj9824aj8700aj9263aj9533aj9643aj9823aj9532aj8715bj9265aj9573aj9472aj9311aj9640aj9866aj9868aj8697aj9587aj9451aj9447aj8992aj9641aj8715aj9826aj9471aj8692aj9576aj9584aj9452aj9851aj9091aj8693aj8699aj9850aj9586aj9825aj9638aj9575aj9475aj9310aj9448aj9574aj9642aj9588aj8698aj9540aj9264aj9470aj9585aj9473aj9822anetwork_switch_softwarej9539an/a
CVE-2008-3947
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.24%
||
7 Day CHG~0.00%
Published-05 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 10:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line.

Action-Not Available
Vendor-n/aHP Inc.
Product-openvmsn/a
CWE ID-CWE-20
Improper Input Validation
CVE-1999-1115
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.93% / 76.17%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh).

Action-Not Available
Vendor-n/aHP Inc.
Product-apollo_domain_osn/a
CVE-1999-1145
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.24%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0962
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.36%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1135
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.62%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4994 and PHSS_5438.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2015-6030
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.2||HIGH
EPSS-0.13% / 32.26%
||
7 Day CHG~0.00%
Published-04 Nov, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access.

Action-Not Available
Vendor-n/aHP Inc.Micro Focus International Limited
Product-arcsight_command_centerarcsight_connector_appliancearcsight_management_centerarcsight_connectorsarcsight_expressarcsight_loggerarcsight_enterprise_security_managern/a
CVE-1999-0014
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-3.16% / 86.94%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthorized privileged access or denial of service via dtappgather program in CDE.

Action-Not Available
Vendor-cden/aIBM CorporationHP Inc.
Product-cdehp-uxvvosaixn/a
CVE-2015-6857
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-2.30% / 84.75%
||
7 Day CHG~0.00%
Published-26 Nov, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.

Action-Not Available
Vendor-n/aHP Inc.
Product-performance_centerloadrunnern/a
CVE-2015-5402
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.2||HIGH
EPSS-0.38% / 59.41%
||
7 Day CHG~0.00%
Published-27 Aug, 2015 | 01:50
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows local users to gain privileges, and consequently obtain sensitive information, modify data, or cause a denial of service, via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-matrix_operating_environmentsystems_insight_managern/a
CVE-1999-0307
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.36%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP-UX cstm program allows local users to gain root privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2015-2124
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.2||HIGH
EPSS-0.07% / 20.18%
||
7 Day CHG~0.00%
Published-05 Jun, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-smart_zero_corethinpro_linuxn/a
CVE-2015-2126
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.2||HIGH
EPSS-0.05% / 13.80%
||
7 Day CHG~0.00%
Published-06 Jul, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-0306
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.32% / 79.93%
||
7 Day CHG-0.10%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

buffer overflow in HP xlock program.

Action-Not Available
Vendor-n/aHP Inc.
Product-vvosn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found