compaq 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには vendor risk cross-site scripting、バッファオーバーフロー, and vendor risk denial of service があり、vendor surface software deployment and vendor surface production workloads の利用場面で vendor impact session compromise などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2008-0706 | Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password. | [email protected] | 7.2 | 0.05% | 2008-03-31 | 2026-04-23 |
| CVE-2008-0211 | Unspecified vulnerability in the BIOS F.04 through F.11 for the HP Compaq Business Notebook PC allows local users to cause a denial of service via unspecified vectors. | [email protected] | 4.9 | 0.05% | 2008-03-31 | 2026-04-23 |
| CVE-2005-2982 | Cross-site scripting (XSS) vulnerability in CompaqHTTPServer 2.1 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting 404 error page. | [email protected] | 4.3 | 0.30% | 2005-09-20 | 2026-04-16 |
| CVE-2005-0223 | The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4.1 and 1.4.2 for Tru64 UNIX allows remote attackers to cause a denial of service (Java Virtual Machine hang) via object deserialization. | [email protected] | 5.0 | 0.55% | 2005-05-02 | 2026-04-16 |
| CVE-2003-0914 | ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | [email protected] | 4.3 | 29.90% | 2003-12-15 | 2026-04-16 |
| CVE-2003-0724 | ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges. | [email protected] | 7.5 | 0.30% | 2003-10-20 | 2026-04-16 |
| CVE-2003-0688 | The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data. | [email protected] | 5.0 | 1.71% | 2003-10-20 | 2026-04-16 |
| CVE-2003-0694 | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | [email protected] | 10.0 | 76.08% | 2003-10-06 | 2026-04-16 |
| CVE-2003-0201 | Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. | [email protected] | 10.0 | 88.43% | 2003-05-05 | 2026-04-16 |
| CVE-2003-0196 | Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | [email protected] | 10.0 | 5.11% | 2003-05-05 | 2026-04-16 |
| CVE-2003-0161 | The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. | [email protected] | 10.0 | 67.90% | 2003-04-02 | 2026-04-16 |
| CVE-2002-1513 | The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges. | [email protected] | 4.6 | 0.27% | 2003-04-02 | 2026-04-16 |
| CVE-2002-2422 | Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 and 4.3.7 allows remote attackers to inject arbitrary web script or HTML via a URL, which inserts the script into the resulting error message. | [email protected] | 4.3 | 0.39% | 2002-12-31 | 2026-04-16 |
| CVE-2002-2071 | Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in (1) telnet, (2) FTP, (3) ypbind, (4) rpc.lockd, (5) snmp, (6) ttdbserverd, and possibly other services via a TCP SYN scan, as demonstrated using nmap. | [email protected] | 5.0 | 6.28% | 2002-12-31 | 2026-04-16 |
| CVE-2002-2004 | portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of packets. | [email protected] | 5.0 | 0.66% | 2002-12-31 | 2026-04-16 |
| CVE-2002-2003 | ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by nmap. | [email protected] | 5.0 | 0.35% | 2002-12-31 | 2026-04-16 |
| CVE-2002-2002 | Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables. | [email protected] | 7.5 | 1.52% | 2002-12-31 | 2026-04-16 |
| CVE-2002-2000 | ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows attackers to access data. | [email protected] | 2.1 | 0.05% | 2002-12-31 | 2026-04-16 |
| CVE-2002-1202 | Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A allows local and remote attackers to read arbitrary files. | [email protected] | 7.5 | 1.40% | 2002-10-28 | 2026-04-16 |
| CVE-2002-1129 | Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument. | [email protected] | 7.2 | 0.35% | 2002-10-04 | 2026-04-16 |