Lucene search
K

259 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:8 a.m.9 views

CVE-2010-1973

Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3, 8.2-1, and earlier on the Itanium platform, allows local users to gain privileges or obtain sensitive information via unknown vectors...

6.8CVSS6.5AI score0.00278EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:37 p.m.9 views

CVE-2008-5417

HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the 1 SYS$CRELNM and 2 SYS$DELLNM system services...

2.1CVSS6.8AI score0.00438EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:43 p.m.6 views

CVE-2002-2000

ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows attackers to access data...

2.1CVSS6.8AI score0.00363EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 6:15 p.m.34 views

K17522: NTP vulnerability CVE-2015-7851

Security Advisory Description Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary...

6.5CVSS7AI score0.03942EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 5:13 a.m.5 views

SUSE CVE-2015-7851

Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...

6.5CVSS8AI score0.03942EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 9:6 p.m.20 views

Security Bulletin: IBM Sterling Connect:Direct for OpenVMS. Unencrypted data transfers can occur even when SSL encryption is specified in the security configuration. (CVE-2013-4035)

Abstract Unencrypted data transfers can occur even when SSL encryption is specified in the security configuration. Content VULNERABILITY DETAILS: CVEID: CVE-2013-4035 DESCRIPTION: When Connect:Direct for OpenVMS is the server in a TCP/IP session, and the client requests an unencrypted session, C:...

7.3CVSS7AI score0.00473EPSS
Exploits0Affected Software1
OSV
OSV
added 2020/01/28 5:15 p.m.1 views

DEBIAN-CVE-2015-7851

Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...

6.5CVSS7.2AI score0.03942EPSS
Exploits1References1
NVD
NVD
added 2020/01/28 5:15 p.m.18 views

CVE-2015-7851

Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...

6.5CVSS7.6AI score0.03942EPSS
Exploits1References3
CVE
CVE
added 2020/01/28 4:35 p.m.121 views

CVE-2015-7851

CVE-2015-7851 is a directory traversal vulnerability in ntpd’s save_config path (ntp_control.c) affecting ntpd before 4.2.8p4. The issue arises on systems where directory separators differ (e.g., OpenVMS), allowing remote authenticated users to overwrite arbitrary files via crafted config saves. ...

6.5CVSS7.5AI score0.03942EPSS
Exploits1References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/22 1:29 a.m.52 views

Security Bulletin: Vulnerability in OpenSSL( CVE-2016-0800 ) affect IBM WebSphere MQ on OpenVMS Alpha & Itanium when using HP OpenSSL V1.4 kit

Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by HP SSL 1.4 on HP OpenVMS. IBM WebSphere MQ on OpenVMS Alpha & Itanium uses HP SSL and has addressed the applicable CVE CVE-2016-0800 the “DROWN: Decrypting RSA with Obsolete and Weakened...

5.9CVSS1AI score0.82112EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:6 a.m.13 views

Security Bulletin: Vulnerability in OpenSSLaffect IBM WebSphere MQ V6.0 on OpenVMS Alpha and Itanium platforms ( CVE-2016-2183 )

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by HP SSL on HP OpenVMS. IBM WebSphere MQ on OpenVMS Alpha and Itanium uses HP SSL and has addressed the applicable CVE CVE-2016-2183 known as “SWEET32 Birthday attack"...

7.5CVSS6.9AI score0.95707EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:2 a.m.18 views

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM WebSphere MQ (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM WebSphere MQ. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this...

5CVSS1.1AI score0.74006EPSS
Exploits0Affected Software1
Prion
Prion
added 2018/05/01 6:29 p.m.16 views

Code injection

IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the...

4.1CVSS7.1AI score0.00473EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/05/01 6:29 p.m.18 views

CVE-2013-4035

IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the...

7.3CVSS7.3AI score0.00473EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/05/01 6:0 p.m.23 views

CVE-2013-4035

IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the...

7.3AI score0.00473EPSS
Exploits0References2
CVE
CVE
added 2018/05/01 6:0 p.m.45 views

CVE-2013-4035

CVE-2013-4035 affects IBM Sterling Connect:Direct for OpenVMS (versions 3.4.00, 3.4.01, 3.5.00, 3.6.0, 3.6.0.1). When the server is in a TCP/IP session and the client requests an unencrypted session, the product may allow an unencrypted session to proceed even if SSL is configured, exposing data....

7.3CVSS7.2AI score0.00473EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/02/07 3:29 p.m.16 views

Buffer overflow

An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is...

4.6CVSS8AI score0.00647EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/02/07 3:29 p.m.3 views

CVE-2017-17482

An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is...

7.8CVSS6.1AI score0.00647EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2018/02/07 3:29 p.m.1 views

CVE-2017-17482

An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is...

7.8CVSS5.9AI score0.00647EPSS
Exploits0References6
NVD
NVD
added 2018/02/07 3:29 p.m.21 views

CVE-2017-17482

An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is...

7.8CVSS8.1AI score0.00647EPSS
Exploits0References3
Rows per page
Query Builder