Hp-ux

This hub aggregates every CVE we track for Hp-ux, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Hp-ux.

• CVE-2023-30903HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6. 5.5Jun 16, 2023
• CVE-2018-5741Update policies krb5-subdomain and ms-subdomain do not enforce controls promised in their documentation6.5Jan 16, 2019
• CVE-2018-5740A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named7.5Jan 16, 2019
• CVE-2016-2776buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of servi...7.5Sep 28, 2016
• CVE-2016-2775ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon cra...5.9Jul 19, 2016
• CVE-2015-2126Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.7.2Jul 6, 2015
• CVE-2015-4000The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to...3.7May 21, 2015
• CVE-2014-7879HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via un...8.5Dec 10, 2014
• CVE-2014-7877Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.4.9Oct 30, 2014
• CVE-2014-7874Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authen...6.8Oct 19, 2014
• CVE-2014-2490Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Ho...9.3Jul 17, 2014
• CVE-2013-6209Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.4.3Mar 14, 2014
• CVE-2013-6200Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors.6.2Mar 11, 2014
• CVE-2013-4854The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows re...7.8Jul 26, 2013
• CVE-2012-0507Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to...KEV9.8Jun 7, 2012