Total
466 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0266 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
| Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges. | |||||
| CVE-2002-0677 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2024-02-28 | 7.5 HIGH | N/A |
| CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. | |||||
| CVE-1999-0325 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
| vhe_u_mnt program in HP-UX allows local users to create root files through symlinks. | |||||
| CVE-1999-0014 | 3 Cde, Hp, Ibm | 4 Cde, Hp-ux, Vvos and 1 more | 2024-02-28 | 7.2 HIGH | N/A |
| Unauthorized privileged access or denial of service via dtappgather program in CDE. | |||||
| CVE-2000-0468 | 1 Hp | 1 Hp-ux | 2024-02-28 | 4.6 MEDIUM | N/A |
| man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. | |||||
| CVE-2004-1328 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
| Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges. | |||||
| CVE-1999-0312 | 1 Hp | 1 Hp-ux | 2024-02-28 | 5.0 MEDIUM | N/A |
| HP ypbind allows attackers with root privileges to modify NIS data. | |||||
| CVE-1999-0097 | 3 Hp, Ibm, Sun | 4 Hp-ux, Aix, Solaris and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
| The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). | |||||
| CVE-2004-0594 | 6 Avaya, Debian, Hp and 3 more | 6 Converged Communications Server, Debian Linux, Hp-ux and 3 more | 2024-02-28 | 5.1 MEDIUM | N/A |
| The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete. | |||||
| CVE-2000-1134 | 7 Caldera, Conectiva, Hp and 4 more | 9 Openlinux, Openlinux Edesktop, Openlinux Eserver and 6 more | 2024-02-28 | 7.2 HIGH | N/A |
| Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. | |||||
| CVE-2000-0699 | 1 Hp | 1 Hp-ux | 2024-02-28 | 10.0 HIGH | N/A |
| Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command. | |||||
| CVE-1999-1248 | 1 Hp | 1 Hp-ux | 2024-02-28 | 4.6 MEDIUM | N/A |
| Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges. | |||||
| CVE-2001-0772 | 1 Hp | 1 Hp-ux | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges. | |||||
| CVE-2003-0694 | 11 Apple, Compaq, Freebsd and 8 more | 18 Mac Os X, Mac Os X Server, Tru64 and 15 more | 2024-02-28 | 10.0 HIGH | N/A |
| The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | |||||
| CVE-2003-1358 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
| rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. | |||||
| CVE-2001-0978 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.5 HIGH | N/A |
| login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program. | |||||
| CVE-1999-0696 | 2 Hp, Sun | 3 Hp-ux, Solaris, Sunos | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). | |||||
| CVE-1999-0311 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
| fpkg2swpk in HP-UX allows local users to gain root access. | |||||
| CVE-2000-0083 | 1 Hp | 1 Hp-ux | 2024-02-28 | 4.6 MEDIUM | N/A |
| HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. | |||||
| CVE-1999-0308 | 1 Hp | 1 Hp-ux | 2024-02-28 | 4.6 MEDIUM | N/A |
| HP-UX gwind program allows users to modify arbitrary files. | |||||