Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status
NVD contains:

Last updated: 9/21/2014 12:19:52 PM

CVE Publication rate: 29.27

Email List

NVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index
Vulnerability Workload Index: 9.17
About Us
NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security's National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).
CVE-2012-0125

Summary: Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.31 allows local users to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0126.

Published: 3/28/2012 6:54:59 AM

CVSS Severity: 3.3 LOW
CVE-2010-0451

Summary: The installation process for NFS/ONCplus B.11.31_08 and earlier on HP HP-UX B.11.31 changes the NFS_SERVER setting in the nfsconf file, which might allow remote attackers to obtain filesystem access via NFS requests.

Published: 3/29/2010 6:30:00 PM

CVSS Severity: 4.0 MEDIUM
CVE-2008-4413

Summary: Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions.

Published: 11/4/2008 1:29:47 PM

CVSS Severity: 6.2 MEDIUM
CVE-2008-1664

Summary: Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.

Published: 8/8/2008 3:41:00 PM

CVSS Severity: 7.8 HIGH
CVE-2008-1660

Summary: Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors.

Published: 5/21/2008 9:24:00 AM

CVSS Severity: 6.3 MEDIUM
CVE-2008-0713

Summary: Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23, and B.11.31 allows remote authenticated users to cause a denial of service (FTP server outage) via unknown attack vectors.

Published: 5/13/2008 4:20:00 PM

CVSS Severity: 6.8 MEDIUM
CVE-2008-1659

Summary: Unspecified vulnerability in HP LDAP-UX vB.04.10 through vB.04.15 allows local users to gain privileges via unknown vectors.

Published: 5/7/2008 8:20:00 PM

CVSS Severity: 7.2 HIGH
CVE-2007-6425

Summary: Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors.

Published: 1/23/2008 4:00:00 PM

CVSS Severity: 10.0 HIGH
CVE-2007-6419

Summary: Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.

Published: 12/24/2007 3:46:00 PM

CVSS Severity: 7.8 HIGH
CVE-2007-5946

Summary: Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.

Published: 11/13/2007 8:46:00 PM

CVSS Severity: 7.2 HIGH
CVE-2007-5536

Summary: Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.

Published: 10/17/2007 8:17:00 PM

CVSS Severity: 4.9 MEDIUM
CVE-2007-5302

Summary: Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: 10/9/2007 2:17:00 PM

CVSS Severity: 4.3 MEDIUM
CVE-2007-5008

Summary: The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.

Published: 9/20/2007 5:17:00 PM

CVSS Severity: 9.0 HIGH
CVE-2007-4590

Summary: The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.

Published: 8/28/2007 9:17:00 PM

CVSS Severity: 3.3 LOW
CVE-2007-4125

Summary: Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors.

Published: 8/1/2007 12:17:00 PM

CVSS Severity: 7.1 HIGH