CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-17482
https://notcve.org/view.php?id=CVE-2017-17482
07 Feb 2018 — An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation. • http://www.openvms.org/node/121 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-7880 – HP Security Bulletin HPSBOV03225 1
https://notcve.org/view.php?id=CVE-2014-7880
17 Dec 2014 — Multiple unspecified vulnerabilities in the POP implementation in HP OpenVMS TCP/IP 5.7 before ECO5 allow remote attackers to cause a denial of service via unspecified vectors. Múltiples vulnerabilidades no especificadas en la implementación POP en HP OpenVMS TCP/IP 5.7 anterior a ECO5 permiten a atacantes remotos causar una denegación de servicio a través de vectores no especificados. Potential security vulnerabilities have been identified with HP OpenVMS POP. The vulnerabilities could be exploited remotel... • http://www.securitytracker.com/id/1031387 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-3276
https://notcve.org/view.php?id=CVE-2012-3276
13 Dec 2012 — HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows local users to cause a denial of service via unspecified vectors. HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium y v7.3-2, v8.2, v8.3 y v8.4 en la plataforma Alpha no implementa correctamente el inicio de sesión y el programa ACME_SERVER ACMELOGIN, lo que permite a usuarios locales provocar una denegació... • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03599086 • CWE-16: Configuration •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2012-3277
https://notcve.org/view.php?id=CVE-2012-3277
13 Dec 2012 — HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows remote attackers to cause a denial of service via unspecified vectors. HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium y v7.3-2, v8.2, v8.3 y v8.4 en la plataforma Alpha no implementa correctamente el inicio de sesión y el programa ACME_SERVER ACMELOGIN, lo que permite a atacantes remotos provocar una den... • https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03599086 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2012-2010
https://notcve.org/view.php?id=CVE-2012-2010
18 May 2012 — The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha platform, and 8.3, 8.3-1H1, and 8.4 on the Itanium platform, when the SYS$ACM system service is enabled, allows local users to gain privileges via unspecified vectors. La implementación de ACMELOGIN en HP OpenVMS v8.3 y v8.4 en la plataforma Alpha, y v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium, cuando el servicio del sistema SYS$ACM está activado, permite a usuarios locales conseguir privilegios a través de vectores no especificados. • http://osvdb.org/82015 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2012-0134
https://notcve.org/view.php?id=CVE-2012-0134
19 Apr 2012 — Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64 platform allows local users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP OpenVMS v7.3-2 en la plataforma Alpha, v8.3 y v8.4 en la plataforma Alpha e IA64, y v8.3-1H1 en la plataforma IA64 permite a usuarios locales provocar una denegación de servicio a través de vectores desconocidos. • http://www.securityfocus.com/archive/1/522386 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2011-1378
https://notcve.org/view.php?id=CVE-2011-1378
26 Nov 2011 — IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM group are established, does not properly verify User Authorization File (UAF) data, which allows local users to kill listener processes and the command server via a control command. IBM WebSphere MQ v6.0 en OpenVMS, cuando los derechos por defecto del grupo de MQM están activados, no verifican correctamente el User Authorization File (UAF), que permite a usuarios locales a matar a los procesos de escucha y el servidor de comando a través de... • http://secunia.com/advisories/46837 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2011-3168
https://notcve.org/view.php?id=CVE-2011-3168
07 Nov 2011 — Unspecified vulnerability in the POP and IMAP service implementations in HP TCP/IP Services 5.6 and 5.7 for OpenVMS allows remote attackers to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en las implementaciones de servicios POP e IMAP en HP TCP/IP Services v5.6 y v5.7 para OpenVMS, permite a atacantes remotos obtener información sensible a través de vectores desconocidos • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01908983 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2011-3169
https://notcve.org/view.php?id=CVE-2011-3169
07 Nov 2011 — Unspecified vulnerability in the SMTP service implementation in HP TCP/IP Services 5.6 and 5.7 for OpenVMS allows remote attackers to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en el servicio SMTP en HP TCP/IP Services v5.6 y v5.7 para OpenVMS, permite a atacantes remotos provocar una denegación de servicio a través de vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01915145 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-4110
https://notcve.org/view.php?id=CVE-2010-4110
22 Dec 2010 — Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform on Integrity servers allows local users to gain privileges or cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP OpenVMS v8.3, v8.3-1H1, y v8.4 en la plataforma Itanium en servidores Integrity permite a usuarios locales obtener privilegios o causar una denegación de servicio a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=129243663611240&w=2 •