Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
HpHp-ux

111 matches found

CVE
CVEadded 2000/02/04 5:0 a.m.710 views

CVE-1999-0517

An SNMP community name is the default (e.g. public), null, or missing.

7.5CVSS6.7AI score0.92333EPSS
CVE
CVEadded 2019/01/16 8:29 p.m.706 views

CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to...

7.5CVSS7.6AI score0.69522EPSS
CVE
CVEadded 2016/09/28 10:59 a.m.454 views

CVE-2016-2776

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

7.8CVSS6.4AI score0.90734EPSS
CVE
CVEadded 2013/07/29 1:59 p.m.441 views

CVE-2013-4854

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with...

7.8CVSS5.6AI score0.70184EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.423 views

CVE-1999-0502

A Unix account has a default, null, blank, or missing password.

7.5CVSS6.4AI score0.35822EPSS
CVE
CVEadded 2005/03/25 5:0 a.m.297 views

CVE-2002-1614

Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.

7.2CVSS7.8AI score0.00899EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.142 views

CVE-2004-0826

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.

7.5CVSS7.7AI score0.02995EPSS
CVE
CVEadded 2005/02/09 5:0 a.m.120 views

CVE-2004-0940

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

7.8CVSS8AI score0.04161EPSS
CVE
CVEadded 2004/11/23 5:0 a.m.108 views

CVE-2004-0079

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

7.5CVSS7.1AI score0.02058EPSS
CVE
CVEadded 2003/03/25 5:0 a.m.89 views

CVE-2003-0028

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a differ...

7.5CVSS9.8AI score0.56051EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.84 views

CVE-2002-1317

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

7.5CVSS8AI score0.42484EPSS
CVE
CVEadded 2003/10/06 4:0 a.m.72 views

CVE-2003-0681

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

7.5CVSS6.8AI score0.12435EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.71 views

CVE-1999-0138

The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.

7.2CVSS7.4AI score0.00095EPSS
CVE
CVEadded 2002/07/23 4:0 a.m.68 views

CVE-2002-0677

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

7.5CVSS6.8AI score0.19026EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.65 views

CVE-1999-0014

Unauthorized privileged access or denial of service via dtappgather program in CDE.

7.2CVSS7.4AI score0.0086EPSS
CVE
CVEadded 2005/03/25 5:0 a.m.63 views

CVE-2002-1615

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.

7.2CVSS7.9AI score0.00091EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.61 views

CVE-1999-0022

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

7.8CVSS7.4AI score0.00254EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.61 views

CVE-2002-0678

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

7.2CVSS6.2AI score0.0043EPSS
CVE
CVEadded 2008/08/08 7:41 p.m.57 views

CVE-2008-1664

Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.

7.8CVSS6.6AI score0.02728EPSS
CVE
CVEadded 2015/07/06 2:59 p.m.55 views

CVE-2015-2126

Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.

7.2CVSS6.6AI score0.00046EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.54 views

CVE-1999-0131

Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

7.2CVSS6.8AI score0.00096EPSS
CVE
CVEadded 2001/01/09 5:0 a.m.54 views

CVE-2000-1134

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

7.2CVSS6.2AI score0.00177EPSS
CVE
CVEadded 2008/12/11 3:30 p.m.54 views

CVE-2008-4418

Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.

7.8CVSS6.3AI score0.03052EPSS
CVE
CVEadded 2000/12/20 5:0 a.m.53 views

CVE-1999-0307

Buffer overflow in HP-UX cstm program allows local users to gain root privileges.

7.2CVSS7.2AI score0.0007EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.53 views

CVE-1999-0690

HP CDE program includes the current directory in root's PATH variable.

7.2CVSS7AI score0.00052EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.53 views

CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary...

7.5CVSS7.2AI score0.00871EPSS
CVE
CVEadded 2001/05/07 4:0 a.m.51 views

CVE-2001-0085

Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to cause a denial of service and possibly execute arbitrary commands.

7.2CVSS7.3AI score0.00051EPSS
CVE
CVEadded 2006/03/25 12:6 a.m.51 views

CVE-2006-1389

Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

7.8CVSS6.5AI score0.07825EPSS
CVE
CVEadded 2006/07/03 1:5 a.m.51 views

CVE-2006-3335

Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors.

7.2CVSS6.4AI score0.00061EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.50 views

CVE-2001-0668

Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.

7.5CVSS7.6AI score0.01763EPSS
CVE
CVEadded 2005/03/10 5:0 a.m.50 views

CVE-2004-1764

Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.

7.2CVSS6.8AI score0.00076EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.49 views

CVE-1999-0040

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

7.2CVSS7.9AI score0.003EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.49 views

CVE-1999-0130

Local users can start Sendmail in daemon mode and gain root privileges.

7.2CVSS7AI score0.00886EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.49 views

CVE-1999-0435

MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM.

7.2CVSS6.6AI score0.00079EPSS
CVE
CVEadded 2002/03/15 5:0 a.m.49 views

CVE-2001-1198

RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.

7.2CVSS7AI score0.00047EPSS
CVE
CVEadded 2006/04/11 12:2 a.m.49 views

CVE-2006-1689

Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain unspecified access.

7.2CVSS6.5AI score0.00053EPSS
CVE
CVEadded 2007/08/01 4:17 p.m.49 views

CVE-2007-4125

Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors.

7.1CVSS6.6AI score0.00667EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.47 views

CVE-1999-0050

Buffer overflow in HP-UX newgrp program.

7.2CVSS7.7AI score0.00337EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.47 views

CVE-1999-0057

Vacation program allows command execution by remote users through a sendmail command.

7.5CVSS7.1AI score0.02856EPSS
CVE
CVEadded 2005/01/06 5:0 a.m.46 views

CVE-2004-1332

Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.

7.5CVSS9.9AI score0.11894EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.45 views

CVE-1999-0333

HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.

7.5CVSS7.3AI score0.01336EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.45 views

CVE-2000-0077

The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.

7.2CVSS7AI score0.00187EPSS
CVE
CVEadded 2005/03/25 5:0 a.m.45 views

CVE-2002-1605

Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.

7.5CVSS8.1AI score0.27592EPSS
CVE
CVEadded 2007/11/14 1:46 a.m.45 views

CVE-2007-5946

Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.

7.2CVSS6.1AI score0.00053EPSS
CVE
CVEadded 2009/10/05 6:30 p.m.45 views

CVE-2009-2679

Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.

7.8CVSS6.3AI score0.01399EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.44 views

CVE-1999-0127

swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access.

7.2CVSS7.7AI score0.0006EPSS
CVE
CVEadded 2007/10/29 7:0 p.m.44 views

CVE-2002-2363

VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.

7.2CVSS7AI score0.00036EPSS
CVE
CVEadded 2007/10/06 8:0 p.m.44 views

CVE-2004-2693

HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.

7.2CVSS7AI score0.00034EPSS
CVE
CVEadded 2007/12/24 8:46 p.m.44 views

CVE-2007-6419

Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.

7.8CVSS6.5AI score0.02777EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.43 views

CVE-1999-0324

ppl program in HP-UX allows local users to create root files through symlinks.

7.2CVSS7.1AI score0.0006EPSS
Total number of security vulnerabilities111