Filtered by vendor Hp
Subscribe
Total
2513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5203 | 1 Hp | 2 Intelligent Management Center, Intelligent Management Center For Automated Network Manager | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1613.
|
|||||
| CVE-2010-4111 | 3 Hp, Linux, Microsoft | 3 Insight Diagnostics, Linux Kernel, Windows | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2013-2365 | 1 Hp | 1 Database And Middleware Automation | 2025-04-11 | 7.9 HIGH | N/A |
|
HP Database and Middleware Automation (DMA) 10.x before 10.10, when SSL is used, allows remote attackers to obtain sensitive information via unspecified vectors.
|
|||||
| CVE-2011-0278 | 1 Hp | 1 Web Jetadmin | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 and 4 allows local users to bypass intended access restrictions via unknown vectors.
|
|||||
| CVE-2010-3011 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 5.0 MEDIUM | N/A |
|
CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
|
|||||
| CVE-2011-1536 | 1 Hp | 1 Performance Insight | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP Performance Insight 5.0, 5.1x. 5.2x, 5.3x, 5.4, 5.41, and 5.41.002 allows remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2013-4844 | 1 Hp | 2 Service Center, Service Manager | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2012-0134 | 1 Hp | 1 Openvms | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64 platform allows local users to cause a denial of service via unknown vectors.
|
|||||
| CVE-2010-2705 | 1 Hp | 3 Procurve Switch 1800-24g, Procurve Switch 1800-8g, Procurve Switch Software | 2025-04-11 | 6.1 MEDIUM | N/A |
|
Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and the ProCurve 1800-8G switch with software PA.03.02 and earlier, when SNMP is enabled, allows remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2013-4784 | 1 Hp | 1 Integrated Lights-out Bmc | 2025-04-11 | 10.0 HIGH | N/A |
|
The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
|
|||||
| CVE-2011-2408 | 1 Hp | 1 Palm Webos | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2012-2002 | 1 Hp | 1 Snmp Agents For Linux | 2025-04-11 | 8.3 HIGH | N/A |
|
Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
|||||
| CVE-2011-4162 | 1 Hp | 1 Protecttools Device Access Manager | 2025-04-11 | 7.5 HIGH | N/A |
|
The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless methods in HP Protect Tools Device Access Manager (PTDAM) before 6.1.0.1 allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a long SidString argument.
|
|||||
| CVE-2010-4108 | 1 Hp | 1 Hp-ux | 2025-04-11 | 6.8 MEDIUM | N/A |
|
HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors.
|
|||||
| CVE-2012-2022 | 1 Hp | 1 Network Node Manager I | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2011-2407 | 1 Hp | 1 Openview Performance Insight | 2025-04-11 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors.
|
|||||
| CVE-2010-2704 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
|
Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long HTTP request to nnmrptconfig.exe.
|
|||||
| CVE-2013-2352 | 3 Dell, Hp, Ibm | 20 Poweredge 2950, Dl320s, Lefthand Nsm2060 and 17 more | 2025-04-11 | 9.4 HIGH | N/A |
|
LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of an unused one-time password.
|
|||||
| CVE-2013-2335 | 1 Hp | 1 Storage Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733.
|
|||||
| CVE-2012-4362 | 1 Hp | 2 San\/iq, Virtual San Appliance | 2025-04-11 | 4.0 MEDIUM | N/A |
|
hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838.
|
|||||
| CVE-2010-1972 | 1 Hp | 1 Client Automation Enterprise Infrastructure | 2025-04-11 | 9.0 HIGH | N/A |
|
The default configuration of HP Client Automation (HPCA) Enterprise Infrastructure (aka Radia) allows remote attackers to read log files, and consequently cause a denial of service or have unspecified other impact, via web requests.
|
|||||
| CVE-2012-0127 | 1 Hp | 1 Performance Manager | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Performance Manager 9.00 allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2009-4185 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.
|
|||||
| CVE-2010-1963 | 1 Hp | 1 Servicecenter | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP ServiceCenter allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2013-4821 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors.
|
|||||
| CVE-2011-0514 | 1 Hp | 1 Data Protector Manager | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denial of service (crash) via a packet with a large data size to TCP port 1530.
|
|||||
| CVE-2012-2019 | 1 Hp | 1 Operations Agent | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325.
|
|||||
| CVE-2011-1724 | 1 Hp | 1 Virtual Server Environment | 2025-04-11 | 6.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP Virtual Server Environment before 6.3 allows remote authenticated users to gain privileges via unknown vectors.
|
|||||
| CVE-2010-4031 | 1 Hp | 1 Insight Control Performance Management | 2025-04-11 | 8.0 HIGH | N/A |
|
Unspecified vulnerability in HP Insight Control Performance Management before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
|
|||||
| CVE-2011-0889 | 1 Hp | 1 Client Automation Enterprise | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA or Radia Notify) 5.11, 7.2, 7.5, 7.8, and 7.9 allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2012-3252 | 1 Hp | 1 Serviceguard | 2025-04-11 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2012-3266 | 1 Hp | 4 Ibrix, Ibrix X9300, Ibrix X9320 and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in IBRIX 6.1.196 through 6.1.251 on HP IBRIX X9000 Storage allows remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2012-3267 | 1 Hp | 1 Network Node Manager I | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.20 allows remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2009-5098 | 1 Hp | 1 Palm Pre Webos | 2025-04-11 | 5.4 MEDIUM | N/A |
|
The LunaSysMgr process in Palm Pre WebOS 1.1 and earlier, when not viewing web pages in landscape mode, allows remote attackers to cause a denial of service (crash) via a web page containing a long string following a refresh tag, which triggers a floating point exception.
|
|||||
| CVE-2011-0343 | 3 Freebsd, Hp, Oneidentity | 3 Freebsd, Hp-ux, Syslog-ng | 2025-04-11 | 6.9 MEDIUM | N/A |
|
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files.
|
|||||
| CVE-2011-0265 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
|
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long data_select1 parameter.
|
|||||
| CVE-2013-2358 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360.
|
|||||
| CVE-2012-5222 | 2 Hp, Microsoft | 2 Service Manager Web Tier, Windows | 2025-04-11 | 5.0 MEDIUM | N/A |
|
HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to obtain sensitive information via unspecified vectors.
|
|||||
| CVE-2010-1036 | 1 Hp | 1 Systems Insight Manager | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2011-1531 | 1 Hp | 7 Envy 100 D410, Photosmart B110, Photosmart D110 and 4 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The webscan component in the Embedded Web Server (EWS) on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to read documents on the scan surface via unspecified vectors.
|
|||||