7 results (0.009 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Unauthorized escalation of local privileges vulnerability on Micro Focus Operation Agent, affecting all versions prior to versions 12.11. The vulnerability could be exploited to escalate the local privileges and gain root access on the system. Una vulnerabilidad de escalada de privilegios local no autorizada en Micro Focus Operation Agent, que afecta a todas las versiones anteriores a la versión 12.11. La vulnerabilidad podría ser explotada para escalar los privilegios locales y conseguir acceso root en el sistema • https://softwaresupport.softwaregrp.com/doc/KM03709900 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2

Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP Operations Manager (formerly OpenView Communications Broker) before 11.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en HP Operations Agent en HP Operations Manager (anteriormente OpenView Communications Broker) anterior a 11.14 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • https://www.exploit-db.com/exploits/35076 http://www.exploit-db.com/exploits/35076 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472444 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 1

Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors. Vulnerabilidad no especificada en HP Operations Agent 11.00, cuando Glance está utilizado, permite a usuarios locales ganar privilegios a través de vectores desconocidos. It has been identified that binaries that are executed with elevated privileges (SetGID and SetUID programs) in Compaq/HP's Glance for Linux have been compiled in manner that means they searched for libraries in insecure locations. Versions 11.00 and below are affected. • https://www.exploit-db.com/exploits/48000 http://packetstormsecurity.com/files/156206/xglance-bin-Local-Root-Privilege-Escalation.html http://packetstormsecurity.com/files/157528/HP-Performance-Monitoring-xglance-Privilege-Escalation.html http://seclists.org/fulldisclosure/2020/Feb/1 http://secunia.com/advisories/60041 http://www.securitytracker.com/id/1030702 https://exchange.xforce.ibmcloud.com/vulnerabilities/95181 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04394554 ht •

CVSS: 10.0EPSS: 95%CPEs: 13EXPL: 1

Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325. Vulnerabilidad no especificada en HP Agente de Operaciones antes de 3.11.12 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos, también conocido como ZDI-CAN-1325. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Performance Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the coda.exe process which listens on a random TCP port by default. The process trusts a value within a GET request as a size. • https://www.exploit-db.com/exploits/22306 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03397769 •

CVSS: 10.0EPSS: 95%CPEs: 13EXPL: 1

Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326. Vulnerabilidad no especificada en HP Operations Agent antes de v3.11.12 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos, también conocido como ZDI-CAN-1326. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Performance Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the coda.exe process which listens on a random TCP port by default. The process trusts a value within a GET request as a size. • https://www.exploit-db.com/exploits/22305 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03397769 •