Vulnerabilities (CVE)

Filtered by vendor Hp Subscribe
Filtered by product Hp-ux
Total 407 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38949 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2021-11-17 2.1 LOW 5.5 MEDIUM
IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 211403.
CVE-2016-9795 6 Broadcom, Ca, Hp and 3 more 10 Ca Workload Automation Ae, Client Automation, Systemedge and 7 more 2021-11-09 7.2 HIGH 7.8 HIGH
The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.
CVE-2004-0079 23 4d, Apple, Avaya and 20 more 66 Webstar, Mac Os X, Mac Os X Server and 63 more 2021-11-08 5.0 MEDIUM N/A
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVE-2004-0081 23 4d, Apple, Avaya and 20 more 66 Webstar, Mac Os X, Mac Os X Server and 63 more 2021-11-08 5.0 MEDIUM N/A
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVE-2004-0112 23 4d, Apple, Avaya and 20 more 65 Webstar, Mac Os X, Mac Os X Server and 62 more 2021-11-08 5.0 MEDIUM N/A
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVE-2007-1915 7 Apple, Hp, Ibm and 4 more 10 Macos, Hp-ux, Tru64 and 7 more 2021-09-22 7.5 HIGH N/A
Buffer overflow in the RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
CVE-2007-1918 8 Apple, Hp, Ibm and 5 more 11 Macos, Hp-ux, Tru64 and 8 more 2021-09-22 5.0 MEDIUM N/A
The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
CVE-2007-1916 8 Apple, Hp, Ibm and 5 more 11 Macos, Hp-ux, Tru64 and 8 more 2021-09-22 10.0 HIGH N/A
Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
CVE-2007-1913 8 Apple, Hp, Ibm and 5 more 11 Macos, Hp-ux, Tru64 and 8 more 2021-09-22 5.0 MEDIUM N/A
The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
CVE-1999-0524 9 Apple, Cisco, Hp and 6 more 12 Mac Os X, Macos, Ios and 9 more 2021-09-22 0.0 LOW N/A
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVE-2007-1917 8 Apple, Hp, Ibm and 5 more 11 Macos, Hp-ux, Tru64 and 8 more 2021-09-22 10.0 HIGH N/A
Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
CVE-2021-29703 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2021-09-20 5.0 MEDIUM 7.5 HIGH
Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200659.
CVE-2021-20579 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2021-09-20 3.5 LOW 6.5 MEDIUM
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL function to obtain sensitive information when AUTO_REVAL is set to DEFFERED_FORCE. IBM X-Force ID: 199283.
CVE-2021-29777 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2021-09-20 4.0 MEDIUM 6.5 MEDIUM
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of srevice IBM X-Force ID: 203031.
CVE-2021-29728 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, Linux On Zseries and 5 more 2021-09-02 4.0 MEDIUM 4.9 MEDIUM
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 201160.
CVE-2021-29723 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, Linux On Zseries and 5 more 2021-09-02 5.0 MEDIUM 7.5 HIGH
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100.
CVE-2021-29722 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, Linux On Zseries and 5 more 2021-09-02 5.0 MEDIUM 7.5 HIGH
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201095.
CVE-2021-29736 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2021-08-05 6.5 MEDIUM 8.8 HIGH
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to gain elevated privileges on the system. IBM X-Force ID: 201300.
CVE-2021-20560 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Sterling Connect Direct User Interface and 3 more 2021-08-04 4.9 MEDIUM 5.4 MEDIUM
IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 199229.
CVE-2020-4299 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, I and 4 more 2021-07-21 4.0 MEDIUM 4.3 MEDIUM
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 could expose sensitive information to a user through a specially crafted HTTP request. IBM X-Force ID: 176606.