| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Certain HP OfficeJet Pro printers may be vulnerable to potential denial of service when the IPP requests are mishandled, failing to establish a TCP connection. |
| Certain HP OfficeJet Pro printers may expose information if Cross‑Origin Resource Sharing (CORS) is misconfigured, potentially allowing unauthorized web origins to access device resource.
CORS is disabled by default on Pro‑class devices and can only be enabled by an administrator through the Embedded Web Server (EWS). Keeping CORS disabled unless explicitly required helps ensure that only trusted solutions can interact with the device. |
| HP System Event Utility might allow denial of service with elevated arbitrary file writes. This potential vulnerability was
remediated with HP System Event Utility version 3.2.16. |
| Teardrop IP denial of service. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Buffer overflow in HP-UX newgrp program. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
| The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. |
| Denial of service of inetd on Linux through SYN and RST packets. |
| Buffer overflow in HP-UX cstm program allows local users to gain root privileges. |
| HP Remote Watch allows a remote user to gain root access. |
| HP-UX gwind program allows users to modify arbitrary files. |
| fpkg2swpk in HP-UX allows local users to gain root access. |
| HP ypbind allows attackers with root privileges to modify NIS data. |
| The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). |
