Every CVE whose affected-product data names Hp Openvms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2008-5120 — CVSS 10.0 (critical): Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote attackers to…
CVE-2017-17482 — CVSS 7.8 (high): An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL…
CVE-2007-0139 — CVSS 7.5 (high): Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in…
CVE-2008-3947 — CVSS 7.2 (high): DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line.
CVE-2008-4052 — CVSS 7.2 (high): Stack-based buffer overflow in SMGSHR.EXE in OpenVMS for Integrity Servers 8.2-1, 8.3, and 8.3-1H1 and OpenVMS ALPHA 7.3-2, 8.2, and 8.3…
CVE-2012-2010 — CVSS 6.9 (medium): The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha platform, and 8.3, 8.3-1H1, and 8.4 on the Itanium platform, when the…
CVE-2010-1973 — CVSS 6.8 (medium): Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3…
CVE-2010-4110 — CVSS 5.7 (medium): Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform on Integrity servers allows local users to gain…
CVE-2007-3730 — CVSS 5.0 (medium): The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 does not log the source IP address or attempted…
CVE-2007-5241 — CVSS 5.0 (medium): Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the…
CVE-2006-3686 — CVSS 5.0 (medium): Unspecified vulnerability in [SYSEXE]SMPUTIL.EXE in HP OpenVMS 7.3-2 allows local users and "remote users" to cause a denial of service…
CVE-2007-3729 — CVSS 5.0 (medium): The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or…
CVE-2012-3277 — CVSS 5.0 (medium): HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the…
CVE-2007-2998 — CVSS 4.9 (medium): The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS…
CVE-2008-3946 — CVSS 4.9 (medium): The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan…
CVE-2007-2468 — CVSS 4.9 (medium): Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3 allows local users to cause a denial of service (crash) via…
CVE-2012-0134 — CVSS 4.9 (medium): Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64…
CVE-2008-3940 — CVSS 4.4 (medium): Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format…
CVE-2007-5242 — CVSS 4.3 (medium): Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a…
CVE-2005-0652 — CVSS 2.1 (low): Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files.
CVE-2012-3276 — CVSS 2.1 (low): HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the…
CVE-2010-2612 — CVSS 2.1 (low): Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3; and OpenVMS for Integrity Servers 8.3…