Filtered by vendor Hp
Subscriptions
Filtered by product Hp-ux
Subscriptions
Total
465 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2010-1556 | 3 Hp, Linux, Microsoft | 4 Hp-ux, Systems Insight Manager, Linux Kernel and 1 more | 2024-05-17 | N/A |
Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 Update 1, and 6.0 allows remote attackers to obtain sensitive information and modify data via unknown vectors. | ||||
CVE-2023-47747 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Db2 and 4 more | 2024-03-07 | 6.5 Medium |
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272646. | ||||
CVE-2023-47746 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Db2 and 4 more | 2024-03-07 | 6.5 Medium |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272644. | ||||
CVE-2023-47158 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Db2 and 4 more | 2024-03-07 | 6.5 Medium |
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1 and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750. | ||||
CVE-2023-27859 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Db2 and 4 more | 2024-03-07 | 6.5 Medium |
IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that overwrites the existing like named jar file in another database. IBM X-Force ID: 249205. | ||||
CVE-2004-0594 | 6 Avaya, Debian, Hp and 3 more | 6 Converged Communications Server, Debian Linux, Hp-ux and 3 more | 2024-02-15 | N/A |
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete. | ||||
CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2024-02-15 | N/A |
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | ||||
CVE-1999-1161 | 1 Hp | 1 Hp-ux | 2024-02-14 | N/A |
Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump. | ||||
CVE-1999-1144 | 1 Hp | 1 Hp-ux | 2024-02-14 | N/A |
Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges. | ||||
CVE-1999-1139 | 1 Hp | 1 Hp-ux | 2024-02-14 | N/A |
Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. | ||||
CVE-1999-1136 | 1 Hp | 2 Hp-ux, Mpe Ix | 2024-02-14 | N/A |
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems. | ||||
CVE-1999-1249 | 1 Hp | 1 Hp-ux | 2024-02-14 | N/A |
movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges. | ||||
CVE-1999-0046 | 10 Bsdi, Debian, Digital and 7 more | 10 Bsd Os, Debian Linux, Ultrix and 7 more | 2024-02-09 | N/A |
Buffer overflow of rlogin program using TERM environmental variable. | ||||
CVE-2002-1337 | 7 Gentoo, Hp, Netbsd and 4 more | 9 Linux, Alphaserver Sc, Hp-ux and 6 more | 2024-02-09 | N/A |
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. | ||||
CVE-2001-0248 | 2 Hp, Sgi | 2 Hp-ux, Irix | 2024-02-02 | 9.8 Critical |
Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. | ||||
CVE-2001-0249 | 3 Hp, Oracle, Sgi | 3 Hp-ux, Solaris, Irix | 2024-02-02 | 9.8 Critical |
Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. | ||||
CVE-2004-0940 | 6 Apache, Hp, Openpkg and 3 more | 6 Http Server, Hp-ux, Openpkg and 3 more | 2024-02-02 | 7.8 High |
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. | ||||
CVE-2000-0972 | 1 Hp | 1 Hp-ux | 2024-01-26 | 5.5 Medium |
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates. | ||||
CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2023-12-28 | 7.5 High |
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||||
CVE-2023-50271 | 1 Hp | 2 Hp-ux, System Management Homepage | 2023-12-21 | 7.5 High |
A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information. |