Vulnerabilities > HP > HP UX > b.11.31
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-07-19 | CVE-2016-2775 | Improper Input Validation vulnerability in multiple products ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol. | 5.9 |
2015-05-21 | CVE-2015-4000 | Cryptographic Issues vulnerability in multiple products The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. | 3.7 |
2014-12-10 | CVE-2014-7879 | Improper Authentication vulnerability in HP Hp-Ux B.11.11/B.11.23/B.11.31 HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors. | 8.5 |
2014-10-30 | CVE-2014-7877 | Local Denial Of Service vulnerability in HP Hp-Ux B.11.31 Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors. | 4.9 |
2014-10-19 | CVE-2014-7874 | Cross-Site Request Forgery (CSRF) vulnerability in HP Hp-Ux and System Management Homepage Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2014-07-17 | CVE-2014-2490 | Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | 9.3 |
2014-04-19 | CVE-2013-6219 | Local Unauthorized Access vulnerability in HP Hp-Ux Whitelisting A.01.02 Unspecified vulnerability in HP HP-UX Whitelisting (aka WLI) before A.01.02.02 on HP-UX B.11.31 allows local users to bypass intended access restrictions via unknown vectors. | 3.8 |
2014-03-11 | CVE-2013-6200 | Unspecified vulnerability in HP Hp-Ux B.11.23/B.11.31 Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors. | 6.2 |
2013-07-29 | CVE-2013-4854 | Remote Denial of Service vulnerability in ISC BIND 9 DNS RDATA Handling The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. | 7.8 |
2011-11-19 | CVE-2011-4159 | Unspecified vulnerability in HP Event Monitoring Service A.04.20.11.04 Unspecified vulnerability in System Administration Manager (SAM) in EMS before A.04.20.11.04_01 on HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors. | 6.8 |