Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openvms vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2017-17482
An issue exists in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug ...
Hp Openvms
4.9
CVSSv2
CVE-2008-3946
The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file.
Hp Openvms 5
4.6
CVSSv2
CVE-1999-1315
Vulnerabilities in DECnet/OSI for OpenVMS prior to 5.8 on DEC Alpha AXP and VAX/VMS systems allow local users to gain privileges or cause a denial of service.
Dec Dec Openvms
4.4
CVSSv2
CVE-2008-3940
Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file.
Hp Openvms 5
7.2
CVSSv2
CVE-2008-3947
DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line.
Hp Openvms 8.3
4.9
CVSSv2
CVE-2007-2998
The Pascal run-time library (PAS$RTL.EXE) prior to 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE prior to 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain ...
Hp Openvms 8.3
7.5
CVSSv2
CVE-1999-1324
VAXstations running Open VMS 5.3 up to and including 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for malicious users to conduct brute force password gu...
Hp Openvms Vax
10
CVSSv2
CVE-2008-5120
Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote malicious users to execute arbitrary code via a long request string.
Hp Openvms 8.3
1 EDB exploit
5
CVSSv2
CVE-2007-3729
The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote malicious users to enumerate valid POP usernames.
Hp Openvms 8.3
5
CVSSv2
CVE-2007-3730
The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 does not log the source IP address or attempted username for login attempts, which might help remote malicious users to avoid identification.
Hp Openvms 8.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »