Latest hp hp-ux Vulnerabilities

CVE-2023-50271
HP-UX System Management Homepage, Disclosure of Information
HP System Management Homepage<a.3.2.23.09
HP HP-UX
CVE-2023-42029
IBM CICS TX cross-site scripting
IBM CICS TX Advanced<=10.1
IBM CICS TX Advanced<=11.1
IBM CICS TX Standard<=11.1
IBM TXSeries for Multiplatforms=8.1
IBM TXSeries for Multiplatforms=8.2
IBM TXSeries for Multiplatforms=9.1
and 7 more
CVE-2023-42027
IBM CICS TX cross-site request forgery
IBM TXSeries for Multiplatforms<=8.1
IBM TXSeries for Multiplatforms<=8.2
IBM TXSeries for Multiplatforms<=9.1
IBM TXSeries for Multiplatforms=8.1
IBM TXSeries for Multiplatforms=9.1
IBM AIX
and 7 more
CVE-2023-1995
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-2...
Hitachi Hirdb Server With Additional Function>=09-00<=09-00-2d
Hitachi Hirdb Server With Additional Function>=09-01<=09-01-\/x
Hitachi Hirdb Server With Additional Function>=09-02<=09-02-2f
Hitachi Hirdb Server With Additional Function>=09-03<=09-03-2a
Hitachi Hirdb Server With Additional Function>=09-04<=09-04-2s
Hitachi Hirdb Server With Additional Function>=09-50<=09-50-2k
and 40 more
CVE-2023-33850
IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial ...
IBM TXSeries for Multiplatform=8.1
IBM TXSeries for Multiplatform=9.1
IBM AIX
Linux Linux kernel
IBM TXSeries for Multiplatform=8.2
HP HP-UX
and 4 more
CVE-2023-38741
IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type att...
IBM TXSeries for Multiplatform=8.1
IBM TXSeries for Multiplatform=9.1
Linux Linux Kernel
Microsoft Windows
IBM TXSeries for Multiplatform=8.2
HP HP-UX
and 5 more
CVE-2023-28513
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caus...
IBM MQ=9.0.0.0
IBM MQ=9.1.0.0
IBM MQ=9.2.0
IBM MQ=9.2.0
IBM MQ=9.3.0
IBM MQ=9.3.0
and 15 more
CVE-2023-27869
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked logger injectio...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-30448
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253437.
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-30449
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 253439.
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-30447
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253436.
IBM IBM® Db2®<=10.5.0.11
IBM IBM® Db2®<=11.1.4.7
IBM IBM® Db2®<=11.5.x
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
and 5 more
CVE-2023-30445
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253357.
IBM IBM® Db2®<=10.5.0.11
IBM IBM® Db2®<=11.1.4.7
IBM IBM® Db2®<=11.5.x
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
and 5 more
CVE-2023-30431
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow the bu...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-27868
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked class instantia...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-30442
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper usi...
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
Microsoft Windows
and 3 more
CVE-2023-29256
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to an information disclosure due to improper privilege management when certain federation features ...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-30446
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253361 ...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-27867
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code via JNDI Injection. By sending a specially crafted re...
Ibm Db2=10.5.0.11
Ibm Db2=11.1.4.7
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
and 5 more
CVE-2023-30903
HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
HP HP-UX>=11.00<=11.31
CVE-2023-33847
IBM CICS TX does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in...
IBM CICS TX Advanced<=10.1
IBM CICS TX Advanced<=11.1
IBM TXSeries for Multiplatform=8.1
IBM AIX
Linux Linux kernel
IBM TXSeries for Multiplatform>=8.2<8.2.0.2
and 5 more
CVE-2023-33849
IBM CICS TX Advanced could transmit highly sensitive information in query parameters that could be intercepted using man in the middle techniques.
IBM TXSeries for Multiplatforms<=8.1
IBM TXSeries for Multiplatforms<=8.2
IBM TXSeries for Multiplatforms<=9.1
IBM CICS TX=10.1
IBM CICS TX=11.1
IBM CICS TX=11.1
and 6 more
CVE-2023-28950
IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358.
IBM MQ=8.0.0.0
IBM MQ=9.0.0.0
IBM MQ=9.1.0.0
IBM MQ=9.2.0
IBM MQ=9.2.0
IBM MQ=9.3.0
and 7 more
CVE-2023-28514
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398.
IBM MQ=8.0.0.0
IBM MQ=9.0.0.0
IBM MQ=9.1.0
IBM MQ=9.1.0.0
HP HP-UX
IBM AIX
and 8 more
CVE-2023-26283
IBM WebSphere Application Server 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality po...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
IBM i
Ibm Z\/os
and 3 more
CVE-2023-26281
IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296.
IBM HTTP Server<=8.5
IBM HTTP Server=8.5.0.0
HP HP-UX
IBM AIX
Ibm Z\/os
Linux Linux kernel
and 2 more
CVE-2022-43929
IBM Db2 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command.
Ibm Db2=11.1
Ibm Db2=11.1
Ibm Db2=11.1
Ibm Db2=11.5
Ibm Db2=11.5
Ibm Db2=11.5
and 5 more
CVE-2022-43927
IBM Db2 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used.
Ibm Db2=10.5
Ibm Db2=10.5
Ibm Db2=10.5
Ibm Db2=11.1
Ibm Db2=11.1
Ibm Db2=11.1
and 8 more
CVE-2023-23477
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects. IBM X-Force ID: ...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server=8.5
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
and 5 more
CVE-2022-43917
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the con...
IBM WebSphere Application Server - traditional container<=9.0
IBM WebSphere Application Server - traditional container<=8.5
Ibm Websphere Application Server=8.5
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
and 5 more
CVE-2022-31772
IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335.
IBM MQ=8.0.0.0
IBM MQ=9.0.0.0
IBM MQ=9.1.0
IBM MQ=9.1.0.0
IBM MQ=9.2.0
IBM MQ=9.2.0
and 8 more
CVE-2022-40750
IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functio...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server=8.5
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
and 5 more
CVE-2022-38712
"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Forc...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server<=8.0
Ibm Websphere Application Server<=7.0
Ibm Websphere Application Server>=7.0.0.0<7.0.0.45
Ibm Websphere Application Server>=8.0.0.0<8.0.0.15
and 9 more
CVE-2022-35637
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823.
Ibm Db2=10.5
Ibm Db2=10.5
Ibm Db2=10.5
Ibm Db2=11.1
Ibm Db2=11.1
Ibm Db2=11.1
and 8 more
CVE-2022-22483
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when...
Ibm Db2=9.7.0.0
Ibm Db2=9.7.0.0
Ibm Db2=9.7.0.0
Ibm Db2=10.1
Ibm Db2=10.1
Ibm Db2=10.1
and 14 more
CVE-2022-34336
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server<=8.0
Ibm Websphere Application Server<=7.0
Ibm Websphere Application Server=7.0
Ibm Websphere Application Server=8.0
and 9 more
CVE-2022-34165
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. T...
IBM Security Verify Access Docker<=10.0.X
IBM Security Verify Access<=10.0.X
Ibm Websphere Application Server>=7.0.0.0<=7.0.0.45
Ibm Websphere Application Server>=8.0.0.0<=8.0.0.15
Ibm Websphere Application Server>=8.5.0.0<=8.5.5.22
Ibm Websphere Application Server>=9.0.0.0<=9.0.5.13
and 9 more
CVE-2021-39087
IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to obtain sensitive information due to improper permission controls.
IBM Sterling B2B Integrator<=6.0.0.0 - 6.0.3.5
IBM Sterling B2B Integrator<=6.1.0.0 - 6.1.0.4
IBM Sterling B2B Integrator<=6.1.1.0 - 6.1.1.1
IBM Sterling B2B Integrator>=6.0.0.0<6.0.3.6
IBM Sterling B2B Integrator>=6.1.0.0<6.1.0.5
IBM Sterling B2B Integrator>=6.1.1.0<6.1.1.2
and 5 more
CVE-2021-39086
IBM Sterling File Gateway could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further a...
IBM Sterling File Gateway<=6.0.0.0 - 6.0.3.5
IBM Sterling File Gateway<=6.1.0.0 - 6.1.0.4
IBM Sterling File Gateway<=6.1.1.0 - 6.1.1.1
IBM Sterling File Gateway>=6.0.0.0<6.0.3.6
IBM Sterling File Gateway>=6.1.0.0<6.1.0.5
IBM Sterling File Gateway>=6.1.1.0<6.1.1.2
and 5 more
CVE-2021-39085
IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delet...
IBM Sterling B2B Integrator<=6.0.0.0 - 6.0.3.5
IBM Sterling B2B Integrator<=6.1.0.0 - 6.1.0.4
IBM Sterling B2B Integrator<=6.1.1.0 - 6.1.1.1
IBM Sterling B2B Integrator>=6.0.0.0<6.0.3.6
IBM Sterling B2B Integrator>=6.1.0.0<6.1.0.5
IBM Sterling B2B Integrator>=6.1.1.0<6.1.1.2
and 5 more
CVE-2021-39035
IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended function...
IBM Sterling B2B Integrator<=6.0.0.0 - 6.0.3.5
IBM Sterling B2B Integrator<=6.1.0.0 - 6.1.0.4
IBM Sterling B2B Integrator<=6.1.1.0 - 6.1.1.1
IBM Sterling B2B Integrator>=6.0.0.0<6.0.3.6
IBM Sterling B2B Integrator>=6.1.0.0<6.1.0.5
IBM Sterling B2B Integrator>=6.1.1.0<6.1.1.2
and 5 more
CVE-2022-22477
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended function...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server=8.5
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
and 5 more
CVE-2022-22473
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server<=8.0
Ibm Websphere Application Server<=7.0
Ibm Websphere Application Server>=7.0.0.0<=7.0.0.45
Ibm Websphere Application Server>=8.0.0.0<=8.0.0.15
and 9 more
CVE-2022-28623
Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated modules to resolve thes...
Hpe Icewall Sso Certd=10.0
HP HP-UX
Redhat Enterprise Linux
CVE-2022-22478
IBM Spectrum Protect Client stores user credentials in plain clear text which can be read by a local user.
IBM Spectrum Protect client<=8.1.0.0-8.1.14.0
IBM Spectrum Protect client>=8.1.0.0<=8.1.14.0
Apple macOS
HP HP-UX
IBM AIX
Linux Linux kernel
and 2 more
CVE-2022-22317
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281.
IBM Curam Social Program Management=8.0.0
IBM Curam Social Program Management=8.0.1
HP HP-UX
IBM AIX
Ibm Z\/os
Linux Linux kernel
and 2 more
CVE-2022-22318
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
IBM Curam Social Program Management=8.0.0
IBM Curam Social Program Management=8.0.1
HP HP-UX
IBM AIX
Ibm Z\/os
Linux Linux kernel
and 2 more
CVE-2022-22310
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain...
IBM WebSphere Application Server Liberty<=21.0.0.10 - 21.0.0.12
Ibm Websphere Application Server>=21.0.0.10<=21.0.0.12
Apple macOS
HP HP-UX
IBM AIX
IBM i
and 4 more
CVE-2021-39048
IBM Spectrum Protect Client is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service.
IBM Spectrum Protect Backup-Archive Client<=8.1.0.0-8.1.12.0 on AIX, Linux, and Solaris platforms7.1.0.0-7.1.8.10 on AIX, Linux, Solaris, and HP-UX platforms
Ibm Spectrum Protect For Space Management<=8.1.0.0-8.1.12.0 on AIX and Linux platforms7.1.0.0-7.1.8.10 on AIX and Linux platforms
IBM Spectrum Protect Backup-Archive Client>=8.1.0.0<=8.1.12.0
IBM AIX
Linux Linux kernel
Oracle Solaris
and 4 more
CVE-2021-20373
IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restricti...
Ibm Db2=9.7
Ibm Db2=10.1
Ibm Db2=10.5
Ibm Db2=11.1
Ibm Db2=11.5
HP HP-UX
and 4 more
CVE-2021-38931
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) is vulnerable to an information disclosure as a result of a connected user having indirect read access to a table where they are not a...
Ibm Db2=11.1
IBM IBM® Db2®=11.5
HP HP-UX
IBM AIX
Linux Linux kernel
Microsoft Windows
and 2 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203