Page 10 of 84 results (0.014 seconds)

CVSS: 6.4EPSS: 1%CPEs: 4EXPL: 0

HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption. • http://marc.info/?l=bugtraq&m=112420609211136&w=2 http://marc.info/?l=bugtraq&m=112422597529112&w=2 http://secunia.com/advisories/16456 http://securitytracker.com/id?1014711 https://exchange.xforce.ibmcloud.com/vulnerabilities/21857 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5775 •

CVSS: 7.5EPSS: 25%CPEs: 15EXPL: 0

Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. • http://marc.info/?l=bugtraq&m=110797179710695&w=2 http://secunia.com/advisories/13608 http://securitytracker.com/id?1012650 http://www.idefense.com/application/poi/display?id=175&type=vulnerabilities&flashstatus=false http://www.kb.cert.org/vuls/id/647438 http://www.securityfocus.com/bid/12077 https://exchange.xforce.ibmcloud.com/vulnerabilities/18636 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701 •

CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0

Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges. • http://marc.info/?l=bugtraq&m=110384155209555&w=2 http://www.ciac.org/ciac/bulletins/p-085.shtml http://www.securityfocus.com/bid/12098 https://exchange.xforce.ibmcloud.com/vulnerabilities/18674 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5435 •

CVSS: 9.3EPSS: 19%CPEs: 157EXPL: 1

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. • https://www.exploit-db.com/exploits/24763 http://jouko.iki.fi/adv/javaplugin.html http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html http://secunia.com/advisories/13271 http://secunia.com/advisories/29035 http://securityreason.com/securityalert/61 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1 http://sunsolve.sun.co • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 3

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. • https://www.exploit-db.com/exploits/587 https://www.exploit-db.com/exploits/24694 http://marc.info/?l=bugtraq&m=109906660225051&w=2 http://secunia.com/advisories/12898 http://secunia.com/advisories/19073 http://securitytracker.com/id?1011783 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1 http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://www.apacheweek.com/features/security-13 http://www.debian.org/security/2004/dsa-594 http:/& • CWE-131: Incorrect Calculation of Buffer Size •