Filtered by vendor Hp
Subscriptions
Filtered by product Hp-ux
Subscriptions
Total
479 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1136 | 1 Hp | 2 Hp-ux, Mpe Ix | 2025-04-03 | N/A |
| Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems. | ||||
| CVE-2000-0251 | 1 Hp | 2 Hp-ux, Vvos | 2025-04-03 | N/A |
| HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses. | ||||
| CVE-2000-0966 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows local users to gain privileges. | ||||
| CVE-2001-1182 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges. | ||||
| CVE-2001-1509 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges. | ||||
| CVE-2001-1564 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space. | ||||
| CVE-2002-0679 | 6 Caldera, Compaq, Hp and 3 more | 8 Openunix, Unixware, Tru64 and 5 more | 2025-04-03 | N/A |
| Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. | ||||
| CVE-2002-1317 | 4 Hp, Sgi, Sun and 1 more | 5 Hp-ux, Irix, Solaris and 2 more | 2025-04-03 | N/A |
| Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | ||||
| CVE-2002-1615 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | N/A |
| Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader. | ||||
| CVE-2002-2270 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | ||||
| CVE-2003-0064 | 4 Hp, Ibm, Sgi and 1 more | 5 Hp-ux, Aix, Irix and 2 more | 2025-04-03 | N/A |
| The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0196 | 6 Compaq, Hp, Redhat and 3 more | 9 Tru64, Cifs-9000 Server, Hp-ux and 6 more | 2025-04-03 | N/A |
| Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | ||||
| CVE-2003-1358 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. | ||||
| CVE-2003-1437 | 6 Bea, Hp, Ibm and 3 more | 8 Weblogic Server, Hp-ux, Aix and 5 more | 2025-04-03 | N/A |
| BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. | ||||
| CVE-2004-1029 | 5 Conectiva, Gentoo, Hp and 2 more | 8 Linux, Linux, Hp-ux and 5 more | 2025-04-03 | N/A |
| The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. | ||||
| CVE-2005-4316 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. | ||||
| CVE-2006-1248 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended. | ||||
| CVE-2003-0201 | 7 Apple, Compaq, Hp and 4 more | 10 Mac Os X, Tru64, Cifs-9000 Server and 7 more | 2025-04-03 | N/A |
| Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. | ||||
| CVE-2003-0333 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085. | ||||
| CVE-2003-0694 | 12 Apple, Compaq, Freebsd and 9 more | 20 Mac Os X, Mac Os X Server, Tru64 and 17 more | 2025-04-03 | N/A |
| The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | ||||