| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in mstm in HP-UX allows local users to gain root access. |
| Buffer overflow in NIS+, in Sun's rpc.nisd program. |
| Unauthorized privileged access or denial of service via dtappgather program in CDE. |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
| MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. |
| stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs. |
| Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. |
| Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data. |
| HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions. |
| OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. |
| Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840. |
| Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors. |
| Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet. |
| Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors. |
| Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors. |
| Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors. |
| Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. |
| Unspecified vulnerability in HP OpenView Storage Data Protector 5.1 and 5.5 allows remote attackers to execute arbitrary code via unknown vectors. |
| HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when "Trust by Certificates" is not enabled, allows remote attackers to bypass authentication via a crafted URL. |
| /sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service. |
