| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| HP CDE program includes the current directory in root's PATH variable. |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. |
| Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). |
| The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization. |
| Denial of service in HP-UX SharedX recserv program. |
| HP Secure Web Console uses weak encryption. |
| HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation. |
| Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option. |
| HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). |
| HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging. |
| HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100. |
| Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges. |
| Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument. |
| Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh). |
| HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users. |
| Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. |
| Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4994 and PHSS_5438. |
| Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems. |
| Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. |
| Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges. |
