CVSS: 6.8EPSS: 1%CPEs: 13EXPL: 0CVE-2011-0896
https://notcve.org/view.php?id=CVE-2011-0896
Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on HP-UX B.11.31 allows remote authenticated users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP NFS/ONCplus B.11.31.10 y anteriores en HP-UX B.11.31 permite a usuarios remotos autenticados generar una denegación de servicio mediante vectores desconocidos. • http://marc.info/?l=bugtraq&m=130270782702556&w=2 http://secunia.com/advisories/44096 http://securityreason.com/securityalert/8201 http://www.securityfocus.com/bid/47325 http://www.securitytracker.com/id?1025326 http://www.vupen.com/english/advisories/2011/0935 https://exchange.xforce.ibmcloud.com/vulnerabilities/66689 •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2011-0891
https://notcve.org/view.php?id=CVE-2011-0891
Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en el conjunto de archivos OS-Core.CORE2-KRN en HP HP-UX vB.11.23 y vB.11.31, permite a usuarios locales provocar una denegación de servicio a través de vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02753287 http://www.securitytracker.com/id?1025279 •
CVSS: 6.9EPSS: 0%CPEs: 10EXPL: 0CVE-2011-0343
https://notcve.org/view.php?id=CVE-2011-0343
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files. Balabit syslog-ng v2.0, v3.0, v3.1, v3.2 OSE y PE, cuando se ejecutan en FreeBSD o HP-UX, no realiza adecuadamente las operaciones de conversión, esto provoca que syslog-ng emplee un valor por defecto de -1 para crear archivos de registro (log) con permisos no seguros (07777), lo que permite a usuarios locales leer y escribir en estos archivos de registro. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608491 http://www.securityfocus.com/archive/1/515955/100/0/threaded http://www.securityfocus.com/bid/45988 https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-4108
https://notcve.org/view.php?id=CVE-2010-4108
HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors. HP HP-UX B.11.11, B.11.23 y B.11.31 no soporta de manera adecuada los procesos en hilo, lo que permite a atacantes remotos autenticados provocar una denegación de servicio a través de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02586517 http://secunia.com/advisories/42499 http://www.securityfocus.com/bid/45219 http://www.vupen.com/english/advisories/2010/3130 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11945 •
CVSS: 4.3EPSS: 1%CPEs: 15EXPL: 0CVE-2010-3994
https://notcve.org/view.php?id=CVE-2010-3994
Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en HP Version Control Repository Manager (VCRM) anterior a v6.2 permite a los atacantes remotos inyectar código web o HTML a través de vectores no especificados. • http://marc.info/?l=bugtraq&m=128811016023086&w=2 http://osvdb.org/68907 http://secunia.com/advisories/41998 http://securitytracker.com/id?1024644 http://www.securityfocus.com/bid/44431 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •