CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-17482
https://notcve.org/view.php?id=CVE-2017-17482
07 Feb 2018 — An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation. • http://www.openvms.org/node/121 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-3276
https://notcve.org/view.php?id=CVE-2012-3276
13 Dec 2012 — HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows local users to cause a denial of service via unspecified vectors. HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium y v7.3-2, v8.2, v8.3 y v8.4 en la plataforma Alpha no implementa correctamente el inicio de sesión y el programa ACME_SERVER ACMELOGIN, lo que permite a usuarios locales provocar una denegació... • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03599086 • CWE-16: Configuration •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2012-3277
https://notcve.org/view.php?id=CVE-2012-3277
13 Dec 2012 — HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows remote attackers to cause a denial of service via unspecified vectors. HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium y v7.3-2, v8.2, v8.3 y v8.4 en la plataforma Alpha no implementa correctamente el inicio de sesión y el programa ACME_SERVER ACMELOGIN, lo que permite a atacantes remotos provocar una den... • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03599086 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2012-0134
https://notcve.org/view.php?id=CVE-2012-0134
19 Apr 2012 — Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64 platform allows local users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP OpenVMS v7.3-2 en la plataforma Alpha, v8.3 y v8.4 en la plataforma Alpha e IA64, y v8.3-1H1 en la plataforma IA64 permite a usuarios locales provocar una denegación de servicio a través de vectores desconocidos. • http://www.securityfocus.com/archive/1/522386 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2010-1973
https://notcve.org/view.php?id=CVE-2010-1973
22 Jul 2010 — Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3, 8.2-1, and earlier on the Itanium platform, allows local users to gain privileges or obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en Auditing subsystem de HP OpenVMS v8.3, 8.2, 7.3-2 y anteriores en la plataforma ALPHA y 8.3-1H1, 8.3, 8.2-1 y anteriores en la plataforma Itanium; permite a usuarios locales ganar privilegios u obtener infor... • http://marc.info/?l=bugtraq&m=127905660900687&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2010-2612
https://notcve.org/view.php?id=CVE-2010-2612
01 Jul 2010 — Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3; and OpenVMS for Integrity Servers 8.3 AND 8.3-1H1; allows local users to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en la característica de auditoría de HP OpenVMS en los servidores OpenVMS ALPHA v7.3-2, v8.2, y v8.3, y OpenVMS for Integrity v8,3 y v8.3-1H1; permite a usuarios locales obtener información sensible a través de vectores desconocidos. • ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/VMS732_SYS_MUP-V1900.txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2008-4052
https://notcve.org/view.php?id=CVE-2008-4052
11 Sep 2008 — Stack-based buffer overflow in SMGSHR.EXE in OpenVMS for Integrity Servers 8.2-1, 8.3, and 8.3-1H1 and OpenVMS ALPHA 7.3-2, 8.2, and 8.3 allows local users to cause a denial of service (crash) or gain privileges via unspecified vectors. Desbordamiento de búfer basado en pila en el archivo SMGSHR.EXE en OpenVMS para Integrity Servers 8.2-1, 8.3, y 8.3-1H1 y OpenVMS ALPHA 7.3-2, 8.2, y 8.3 que permite a los usuarios locales causar una denegación de servicios (caída) o aumentar privilegios a través de vectores... • http://mail.openvms.org:8100/Lists/alerts/Message/832.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5241
https://notcve.org/view.php?id=CVE-2007-5241
06 Oct 2007 — Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All" command, which overwrites a Non-Paged Pool Packet. Desbordamiento de búfer en NET$CSMACD.EXE en HP OpenVMS 8.3 y anteriores permite a usuarios locales provocar denegación de servicio (caida de maquina) a través de comando "MCR MCL SHOW CSMA-CD Port * All", el cual sobrescribe Non-Paged Pool Packet. • http://mail.openvms.org:8100/Lists/alerts/Message/582.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5242
https://notcve.org/view.php?id=CVE-2007-5242
06 Oct 2007 — Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after receipt of the first buffer segment." Vulnerabilidad no especificada en (1) SYS$EI1000.EXE y (2) SYS$EI1000_MON.EXE en HP OpenVMS 8.3 y anteriores permite a atacantes remotos provocar denegación de servicio (caida de maquina) a través... • http://mail.openvms.org:8100/Lists/alerts/Message/582.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2007-0139
https://notcve.org/view.php?id=CVE-2007-0139
09 Jan 2007 — Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to (1) [SYSEXE]CTF$UI.EXE, (2) [SYSMSG]CTF$MESSAGES.EXE, (3) [SYSHLP]CTF$HELP.HLB, and (4) [SYSMGR]CTF$STARTUP.COM. Vulnerabilidad no especificada en la característica DECnet-Plus 7.3-2 en DECnet/OSI 7.3-2 para OpenVMS ALPHA, y... • ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIMUP01-V0703-2.txt •