Vulnerabilities > HP > HP UX
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-12-10 | CVE-2014-7879 | Improper Authentication vulnerability in HP Hp-Ux B.11.11/B.11.23/B.11.31 HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors. | 8.5 |
| 2014-10-30 | CVE-2014-7877 | Local Denial Of Service vulnerability in HP Hp-Ux B.11.31 Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors. | 4.9 |
| 2014-10-19 | CVE-2014-7874 | Cross-Site Request Forgery (CSRF) vulnerability in HP Hp-Ux and System Management Homepage Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2014-08-26 | CVE-2013-6335 | Improper Preservation of Permissions vulnerability in IBM Tivoli Storage Manager The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations. | 3.3 |
| 2014-07-17 | CVE-2014-2490 | Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | 9.3 |
| 2014-04-19 | CVE-2013-6219 | Local Unauthorized Access vulnerability in HP Hp-Ux Whitelisting A.01.02 Unspecified vulnerability in HP HP-UX Whitelisting (aka WLI) before A.01.02.02 on HP-UX B.11.31 allows local users to bypass intended access restrictions via unknown vectors. | 3.8 |
| 2014-03-14 | CVE-2013-6209 | Remote Denial of Service vulnerability in HP-UX Running NFS Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service via unknown vectors. network hp | 4.3 |
| 2014-03-11 | CVE-2013-6200 | Unspecified vulnerability in HP Hp-Ux B.11.23/B.11.31 Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors. | 6.2 |
| 2013-07-29 | CVE-2013-4854 | Remote Denial of Service vulnerability in ISC BIND 9 DNS RDATA Handling The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. | 7.8 |
| 2013-01-21 | CVE-2012-2291 | Permissions, Privileges, and Access Controls vulnerability in EMC Avamar and Avamar Plugin EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack. | 7.2 |