| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| OS command injection vulneravility in the management gui (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28.
This issue affects Hitachi Virtual Storage Platform One Block 23/24/26/28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00. |
| Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6, including 9.3.x and 8.3.x, do not restrict Groovy scripts in new PRPT reports published by users, allowing insertion of arbitrary scripts and leading to a RCE. |
| Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management Partner 1/IT Desktop Management - Manager on Windows, JP1/NETM/DM Manager on Windows, JP1/NETM/DM Client on Windows, Job Management Partner 1/Software Distribution Manager on Windows, Job Management Partner 1/Software Distribution Client on Windows.This issue affects JP1/IT Desktop Management 2 - Manager: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; JP1/IT Desktop Management 2 - Operations Director: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; Job Management Partner 1/IT Desktop Management 2 - Manager: from 10-50 through 10-50-11; JP1/IT Desktop Management - Manager: from 09-50 through 10-10-16; Job Management Partner 1/IT Desktop Management - Manager: from 09-50 through 10-10-16; JP1/NETM/DM Manager: from 09-00 through 10-20-02; JP1/NETM/DM Client: from 09-00 through 10-20-02; Job Management Partner 1/Software Distribution Manager: from 09-00 through 09-51-13; Job Management Partner 1/Software Distribution Client: from 09-00 through 09-51-13. |
| Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management Partner 1/IT Desktop Management - Manager on Windows, JP1/NETM/DM Manager on Windows, JP1/NETM/DM Client on Windows, Job Management Partner 1/Software Distribution Manager on Windows, Job Management Partner 1/Software Distribution Client on Windows.This issue affects JP1/IT Desktop Management 2 - Manager: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; JP1/IT Desktop Management 2 - Operations Director: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; Job Management Partner 1/IT Desktop Management 2 - Manager: from 10-50 through 10-50-11; JP1/IT Desktop Management - Manager: from 09-50 through 10-10-16; Job Management Partner 1/IT Desktop Management - Manager: from 09-50 through 10-10-16; JP1/NETM/DM Manager: from 09-00 through 10-20-02; JP1/NETM/DM Client: from 09-00 through 10-20-02; Job Management Partner 1/Software Distribution Manager: from 09-00 through 09-51-13; Job Management Partner 1/Software Distribution Client: from 09-00 through 09-51-13. |
| Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, and GlobalLink Availability Manager before 20070528 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. |
| Unspecified vulnerability in Hitachi TP1/Server Base before 03-05-/P, 05-00-x before 05-00-/G, 05-01-x before 05-01-/A, and 05-02-x before 05-02-/C on HP-UX 11.0 through 11i v3 allows attackers to cause a denial of service by sending certain data to a port. |
| Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information. |
| Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| Unspecified vulnerability in Hitachi TP1/NET/OSI-TP-Extended on HI-UX/WE2 before 20070213, and on HP-UX before 20070314, allows remote attackers to cause a denial of service via certain data to a port. |
| Unspecified vulnerability in the Map I/O Service (xpwmap) in Hitachi XP/W on HI-UX/WE2 before 20070319, and XP/W on HP-UX before 20070405, allows remote attackers to cause a denial of service via certain data to the service port. |
| Multiple memory leaks in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B44-A121 before 02-10-/V on HP-UX, allow remote attackers to cause a denial of service (memory consumption) via invalid LDAP requests. |
| Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager, and Tuning Manager allows local users to obtain authentication information via unspecified vectors. |
| Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before 20070706 allows remote attackers to cause a denial of service (daemon crash) via a certain request. |
| SQL injection vulnerability in Job Management Partner 1/NETM/DM (JP1/NETM/DM) Manager on Windows before 20070413 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard and Professional; uCosminexus Service Architect; Electronic Form Workflow Standard Set, Professional Library Set, and Developer Client Set; and uCosminexus ERP Integrator, does not properly manage session information, which has an unspecified impact related to "unintended other requests." |
| Unspecified vulnerability in Hitachi JP1/HIBUN Advanced Edition Management Server and Log Server before 20070124 allows remote attackers to cause a denial of service (application stop) via unexpected data. |
| Hitachi TP1/LiNK 05-00 through 05-03-/F, 03-04 through 03-06-/K, and 03-00 through 03-03-/H; and TP1/Server Base 05-00 through 05-00-/M, 03-01-E through 03-01-FD, 03-01 through 03-01-DB, and 05-03; allow attackers to cause a denial of service (process crash) via invalid data to an OpenTP1 port. |
| Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps. |
| Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior. |
| Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B44-A121 before 02-10-/V on HP-UX, allows remote attackers to execute arbitrary code via crafted LDAP requests. |
