U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
There are 28 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2014-7879

HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors.

Published: December 10, 2014; 4:59:13 PM -0500
V3.x:(not available)
V2.0: 8.5 HIGH
CVE-2014-7874

Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Published: October 18, 2014; 9:55:21 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2014-2490

Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

Published: July 17, 2014; 1:10:14 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-6209

Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.

Published: March 14, 2014; 6:55:05 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2013-6200

Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors.

Published: March 11, 2014; 9:01:04 AM -0400
V3.x:(not available)
V2.0: 6.2 MEDIUM
CVE-2013-5870

Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.

Published: January 15, 2014; 11:11:04 AM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2014-0418

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0424.

Published: January 15, 2014; 11:08:10 AM -0500
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2014-0382

Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect availability via unknown vectors related to JavaFX.

Published: January 15, 2014; 11:08:07 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2013-5906

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905.

Published: January 15, 2014; 11:08:06 AM -0500
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2013-5904

Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Published: January 15, 2014; 11:08:06 AM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-5895

Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX.

Published: January 15, 2014; 11:08:06 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-0131

Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: April 05, 2012; 9:55:01 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2011-4159

Unspecified vulnerability in System Administration Manager (SAM) in EMS before A.04.20.11.04_01 on HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.

Published: November 18, 2011; 10:58:55 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-2398

Unspecified vulnerability in the dynamic loader in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges or cause a denial of service via unknown vectors.

Published: July 11, 2011; 4:55:01 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-0891

Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors.

Published: April 04, 2011; 8:27:56 AM -0400
V3.x:(not available)
V2.0: 4.4 MEDIUM
CVE-2010-4108

HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors.

Published: December 08, 2010; 1:00:04 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-2712

Unspecified vulnerability in Software Distributor (sd) in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.

Published: August 30, 2010; 5:00:12 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-1039

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

Published: May 20, 2010; 1:30:01 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-0452

Multiple cross-site scripting (XSS) vulnerabilities in HP Project and Portfolio Management Center (PPMC, formerly Mercury IT Governance) 7.1 through SP10 and 7.5 through SP3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: March 29, 2010; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2009-2679

Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.

Published: October 05, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH