Filtered by vendor Hp
Subscribe
Total
2513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-5423 | 1 Hp | 1 Keyview | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2884.
|
|||||
| CVE-2014-2649 | 2 Hp, Linux | 2 Operations Manager, Kernel | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP Operations Manager 9.20 on UNIX allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2014-7896 | 1 Hp | 4 Xp7 Global Link Manager Software, Xp P9000 Device Manager, Xp P9000 Replication Manager and 1 more | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before 7.6.1-06, and HP XP7 Global Link Manager Software (aka HGLM) 6.x through 8.x before 8.1.2-00, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2013-6212 | 1 Hp | 1 Database And Middleware Automation | 2025-04-12 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2016-4389 | 1 Hp | 1 Keyview | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
|
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-4390.
|
|||||
| CVE-2014-2638 | 1 Hp | 1 Sprinter | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2344.
|
|||||
| CVE-2014-7878 | 1 Hp | 1 Helion Cloud Development Platform | 2025-04-12 | 10.0 HIGH | N/A |
|
The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.
|
|||||
| CVE-2014-7890 | 1 Hp | 3 Ole Point Of Sale Driver, Pos Keyboard Fk221aa, Pos Keyboard With Msr Fk218aa | 2025-04-12 | 10.0 HIGH | N/A |
|
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSToneIndicator.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2510.
|
|||||
| CVE-2016-4372 | 1 Hp | 6 Intelligent Management Center Application Performance Manager, Intelligent Management Center Branch Intelligent Management System, Intelligent Management Center Endpoint Admission Defense and 3 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
|
HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM before 7.2 E0401P04, iMC NTA before 7.2 E0401P01, iMC BIMS before 7.2 E0402P02, and iMC UAM_TAM before 7.2 E0405P05 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
|
|||||
| CVE-2015-5428 | 1 Hp | 1 Matrix Operating Environment | 2025-04-12 | 7.5 HIGH | N/A |
|
HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5429.
|
|||||
| CVE-2015-6858 | 1 Hp | 1 Insight Management | 2025-04-12 | 4.3 MEDIUM | 3.7 LOW |
|
HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensitive information via unspecified vectors.
|
|||||
| CVE-2013-6201 | 1 Hp | 1 Security Management System | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP Security Management System 3.3.0, 3.5.0 before patch 1, and 3.6.0 before patch 2 allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2016-3710 | 7 Canonical, Citrix, Debian and 4 more | 15 Ubuntu Linux, Xenserver, Debian Linux and 12 more | 2025-04-12 | 7.2 HIGH | 8.8 HIGH |
|
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
|
|||||
| CVE-2014-7881 | 1 Hp | 1 Insight Control Server Deployment | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in the server in HP Insight Control allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2014-2617 | 1 Hp | 1 Universal Configuration Management Database | 2025-04-12 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104.
|
|||||
| CVE-2016-4380 | 1 Hp | 1 Operations Manager | 2025-04-12 | 3.5 LOW | 5.4 MEDIUM |
|
Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2016-2022 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 4.7 MEDIUM | 8.1 HIGH |
|
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and CVE-2016-2030.
|
|||||
| CVE-2016-4396 | 1 Hp | 1 System Management Homepage | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
|
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
|
|||||
| CVE-2016-4360 | 1 Hp | 2 Loadrunner, Performance Center | 2025-04-12 | 6.4 MEDIUM | 9.1 CRITICAL |
|
web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/impo ...
Show More |
|||||
| CVE-2014-7880 | 1 Hp | 1 Tcp Ip Services Openvms | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in the POP implementation in HP OpenVMS TCP/IP 5.7 before ECO5 allow remote attackers to cause a denial of service via unspecified vectors.
|
|||||
| CVE-2014-2624 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264.
|
|||||
| CVE-2015-5312 | 6 Apple, Canonical, Debian and 3 more | 13 Iphone Os, Mac Os X, Tvos and 10 more | 2025-04-12 | 7.1 HIGH | N/A |
|
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
|
|||||
| CVE-2014-7888 | 1 Hp | 6 Hybrid Pos Printer With Micr Us Fk184aa, Ole Point Of Sale Driver, Pusb Thermal Receipt Printer F7m67aa and 3 more | 2025-04-12 | 10.0 HIGH | N/A |
|
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMICR.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2512.
|
|||||
| CVE-2015-2903 | 1 Hp | 1 Arcsight Smartconnectors | 2025-04-12 | 6.9 MEDIUM | N/A |
|
The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of this password.
|
|||||
| CVE-2016-2005 | 1 Hp | 1 Data Protector | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
|
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352.
|
|||||
| CVE-2016-2029 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 6.4 MEDIUM | 9.1 CRITICAL |
|
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4358.
|
|||||
| CVE-2016-1986 | 1 Hp | 1 Continuous Delivery Automation | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
|
HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
|
|||||
| CVE-2015-5411 | 1 Hp | 1 Version Control Repository Manager | 2025-04-12 | 6.8 MEDIUM | N/A |
|
HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtain sensitive information via unspecified vectors.
|
|||||
| CVE-2015-2118 | 1 Hp | 1 Access Control | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Secure Pull Print and Security Pull Print components in HP Access Control (AC) Software 12.x through 14.x before 14.1.2 allows remote authenticated users to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2014-7884 | 1 Hp | 1 Arcsight Logger | 2025-04-12 | 9.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors.
|
|||||
| CVE-2016-0777 | 5 Apple, Hp, Openbsd and 2 more | 7 Mac Os X, Remote Device Access Virtual Customer Access System, Openssh and 4 more | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
|
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
|
|||||
| CVE-2016-1998 | 1 Hp | 1 Service Manager | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
|
HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
|
|||||
| CVE-2014-2647 | 1 Hp | 1 Operations Agent | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP Operations Manager (formerly OpenView Communications Broker) before 11.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2014-2642 | 1 Hp | 1 System Management Homepage | 2025-04-12 | 4.3 MEDIUM | N/A |
|
HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
|
|||||
| CVE-2013-6205 | 1 Hp | 2 Insight Control Server Deployment, Rapid Deployment Pack | 2025-04-12 | 4.1 MEDIUM | N/A |
|
Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insight Control Server Deployment allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
|
|||||
| CVE-2015-2108 | 1 Hp | 1 Operations Orchestration | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2014-2629 | 1 Hp | 1 Nonstop Safeguard Security | 2025-04-12 | 4.0 MEDIUM | N/A |
|
HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time.
|
|||||
| CVE-2016-1988 | 1 Hp | 1 Network Automation | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
|
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989.
|
|||||
| CVE-2015-5418 | 1 Hp | 1 Keyview | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2877.
|
|||||
| CVE-2014-2636 | 1 Hp | 1 Sprinter | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2336.
|
|||||