Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status
NVD contains:

Last updated: 9/30/2014 2:15:22 PM

CVE Publication rate: 38.5

Email List

NVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index
Vulnerability Workload Index: 11
About Us
NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security's National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).
CVE-2012-0126

Summary: Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attackers to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0125.

Published: 3/28/2012 6:54:59 AM

CVSS Severity: 5.8 MEDIUM
CVE-2008-4413

Summary: Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions.

Published: 11/4/2008 1:29:47 PM

CVSS Severity: 6.2 MEDIUM
CVE-2008-1664

Summary: Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.

Published: 8/8/2008 3:41:00 PM

CVSS Severity: 7.8 HIGH
CVE-2008-1660

Summary: Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors.

Published: 5/21/2008 9:24:00 AM

CVSS Severity: 6.3 MEDIUM
CVE-2008-0713

Summary: Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23, and B.11.31 allows remote authenticated users to cause a denial of service (FTP server outage) via unknown attack vectors.

Published: 5/13/2008 4:20:00 PM

CVSS Severity: 6.8 MEDIUM
CVE-2008-1659

Summary: Unspecified vulnerability in HP LDAP-UX vB.04.10 through vB.04.15 allows local users to gain privileges via unknown vectors.

Published: 5/7/2008 8:20:00 PM

CVSS Severity: 7.2 HIGH
CVE-2008-0707

Summary: HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B.11.11 and B.11.23 allows local users to gain privileges via unspecified vectors.

Published: 3/19/2008 8:44:00 PM

CVSS Severity: 7.2 HIGH
CVE-2008-0212

Summary: ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access.

Published: 2/6/2008 4:00:00 PM

CVSS Severity: 7.8 HIGH
CVE-2007-6419

Summary: Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.

Published: 12/24/2007 3:46:00 PM

CVSS Severity: 7.8 HIGH
CVE-2007-6195

Summary: Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.

Published: 12/14/2007 8:46:00 PM

CVSS Severity: 10.0 HIGH
CVE-2007-5946

Summary: Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.

Published: 11/13/2007 8:46:00 PM

CVSS Severity: 7.2 HIGH
CVE-2007-5536

Summary: Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.

Published: 10/17/2007 8:17:00 PM

CVSS Severity: 4.9 MEDIUM
CVE-2007-5302

Summary: Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: 10/9/2007 2:17:00 PM

CVSS Severity: 4.3 MEDIUM
CVE-2007-5008

Summary: The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.

Published: 9/20/2007 5:17:00 PM

CVSS Severity: 9.0 HIGH
CVE-2007-4590

Summary: The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.

Published: 8/28/2007 9:17:00 PM

CVSS Severity: 3.3 LOW
CVE-2007-4179

Summary: Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. NOTE: this is probably different from CVE-2007-0916, but this is not certain due to lack of vendor details.

Published: 8/7/2007 9:17:00 PM

CVSS Severity: 1.5 LOW
CVE-2007-4125

Summary: Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors.

Published: 8/1/2007 12:17:00 PM

CVSS Severity: 7.1 HIGH
CVE-2007-2351

Summary: Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX B.11.11 and B.11.23 allows local users to execute arbitrary code via unspecified vectors.

Published: 4/30/2007 6:19:00 PM

CVSS Severity: 7.2 HIGH
CVE-2007-2246

Summary: Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434.

Published: 4/25/2007 12:19:00 PM

CVSS Severity: 7.8 HIGH
CVE-2007-1727

Summary: Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors.

Published: 3/28/2007 6:19:00 AM

CVSS Severity: 6.5 MEDIUM