HP : Security Vulnerabilities, CVEs, CVSS score between 2 and 2.99
Unspecified vulnerability in HP Capture and Route Software (HPCR) 1.3 before Patch 7, 1.3 FP1 before Patch 1, and 1.4 before Patch 1 allows remote authenticated users to obtain sensitive information via unknown vectors.
Max CVSS
2.7
EPSS Score
0.09%
Published
2015-04-27
Updated
2016-12-03
Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.
Max CVSS
2.1
EPSS Score
0.07%
Published
1996-08-15
Updated
2018-10-30
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
Max CVSS
2.1
EPSS Score
88.08%
Published
1997-08-01
Updated
2022-11-14
nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information.
Max CVSS
2.1
EPSS Score
0.04%
Published
1996-06-07
Updated
2018-05-03
Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service.
Max CVSS
2.1
EPSS Score
0.04%
Published
1996-12-24
Updated
2017-12-19
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost.
Max CVSS
2.1
EPSS Score
0.04%
Published
1997-03-05
Updated
2016-10-18
Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.
Max CVSS
2.1
EPSS Score
0.04%
Published
2000-10-20
Updated
2008-09-05
Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via a symlink attack on the tool_stat.txt log file.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-02-12
Updated
2008-09-05
Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-02-12
Updated
2017-10-10
Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-03-26
Updated
2017-10-10
pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-06-27
Updated
2017-10-10
Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-12-06
Updated
2017-10-11
The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to cause a denial of service.
Max CVSS
2.1
EPSS Score
0.06%
Published
2001-09-13
Updated
2017-12-19
Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 and Series 800 allows local users to cause a denial of service ("system availability") via text editors such as (1) e, (2) ex, (3) vi, (4) edit, (5) view, and (6) vedit.
Max CVSS
2.1
EPSS Score
0.05%
Published
2001-02-16
Updated
2017-07-11
setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-12-31
Updated
2017-10-12
Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.
Max CVSS
2.1
EPSS Score
0.05%
Published
2002-06-18
Updated
2017-10-11
Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-08-12
Updated
2017-10-11
Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data.
Max CVSS
2.1
EPSS Score
0.05%
Published
2002-10-04
Updated
2008-09-05
ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."
Max CVSS
2.1
EPSS Score
0.04%
Published
2003-04-11
Updated
2017-10-11
Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.
Max CVSS
2.1
EPSS Score
0.05%
Published
2002-08-30
Updated
2017-07-11
HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-12-31
Updated
2017-07-11
Unknown vulnerability in HP Process Resource Manager (PRM) C.02.01[.01] and earlier, as used by HP-UX Workload Manager (WLM), allows local users to corrupt data files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-08-10
Updated
2017-07-11
Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter.
Max CVSS
2.1
EPSS Score
92.35%
Published
2004-03-24
Updated
2017-07-11
Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-05-02
Updated
2017-07-11
Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-03-09
Updated
2017-07-11