| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. |
| stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs. |
| Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service. |
| HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so. |
| Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service. |
| Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors. |
| Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. |
| Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. |
| Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument. |
| Vulnerability in HP-UX mediainit program. |
| fpkg2swpk in HP-UX allows local users to gain root access. |
| Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code. |
| HP-UX gwind program allows users to modify arbitrary files. |
| HP Remote Watch allows a remote user to gain root access. |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
| swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access. |
| pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| Buffer overflow in HP-UX newgrp program. |
| The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. |
| HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption. |
