Filtered by vendor Hp
Subscribe
Total
2513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2003 | 2 Hp, Microsoft | 4 Insight Management Agents, Windows 2003 Server, Windows Server 2003 and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Cross-site request forgery (CSRF) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
|||||
| CVE-2010-1034 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2025-04-11 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.
|
|||||
| CVE-2012-5216 | 1 Hp | 3 Procurve Switch 1700-24, Procurve Switch 1700-8, Procurve Switch Software | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Cross-site request forgery (CSRF) vulnerability on HP ProCurve 1700-8 (aka J9079A) switches with software before VA.02.09 and 1700-24 (aka J9080A) switches with software before VB.02.09 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
|||||
| CVE-2013-4797 | 1 Hp | 1 Loadrunner | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690.
|
|||||
| CVE-2011-2722 | 1 Hp | 1 Linux Imaging And Printing Project | 2025-04-11 | 1.2 LOW | N/A |
|
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.
|
|||||
| CVE-2010-3989 | 1 Hp | 1 Insight Control Virtual Machine Management | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
|||||
| CVE-2013-2357 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360.
|
|||||
| CVE-2011-3167 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210.
|
|||||
| CVE-2012-3273 | 1 Hp | 2 Laserjet Pro Mfp M401, Laserjet Pro Mfp M425 | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities on the HP LaserJet Pro 400 MFP M425 with firmware 20120625 and LaserJet 400 M401 with firmware 20120621 allow remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2009-4777 | 4 Hitachi, Hp, Microsoft and 1 more | 17 Job Management Partner 1\/automatic Job Management System 2-view, Job Management Partner 1\/integrated Management-view, Job Management Partner 1\/integrated Manager-console View and 14 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in multiple versions of Hitachi JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer, allows remote attackers to cause a denial of service ("abnormal" termination) via vectors related to the display of an "invalid GIF file."
|
|||||
| CVE-2010-4030 | 1 Hp | 1 Insight Control Performance Management | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2013-4841 | 1 Hp | 3 Lefthand, Storevirtual 4000, Storevirtual Virtual Storage Appliance | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in HP StoreVirtual 4000 and StoreVirtual VSA Software (formerly LeftHand Virtual SAN Appliance) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1509.
|
|||||
| CVE-2011-0272 | 1 Hp | 1 Loadrunner | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, related to the HttpTunnel feature.
|
|||||
| CVE-2010-3285 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2011-1541 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.
|
|||||
| CVE-2010-1966 | 2 Hp, Microsoft | 2 Insight Control, Windows | 2025-04-11 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in HP Insight Control power management for Windows before 6.1 allows local users to read or modify data, or cause a denial of service, via unknown vectors.
|
|||||
| CVE-2012-2005 | 2 Hp, Microsoft | 4 Insight Management Agents, Windows 2003 Server, Windows Server 2003 and 1 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2011-0894 | 1 Hp | 1 Operations | 2025-04-11 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in HP Operations 9.10 on UNIX platforms allows remote authenticated users to bypass intended access restrictions via unknown vectors.
|
|||||
| CVE-2011-1735 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message.
|
|||||
| CVE-2009-5097 | 1 Hp | 1 Palm Pre Webos | 2025-04-11 | 7.1 HIGH | N/A |
|
Palm Pre WebOS 1.1 and earlier processes JavaScript in email messages, which allows remote attackers to execute arbitrary JavaScript, as demonstrated by reading PalmDatabase.db3.
|
|||||
| CVE-2011-4791 | 1 Hp | 1 Data Protector Media Operations | 2025-04-11 | 10.0 HIGH | N/A |
|
DBServer.exe in HP Data Protector Media Operations 6.11 and earlier allows remote attackers to execute arbitrary code via a crafted request containing a large value in a length field.
|
|||||
| CVE-2010-1039 | 3 Hp, Ibm, Sgi | 5 Hp-ux, Nfs\/oncplus, Aix and 2 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
|
|||||
| CVE-2011-1738 | 1 Hp | 1 Palm Webos | 2025-04-11 | 7.2 HIGH | N/A |
|
HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access.
|
|||||
| CVE-2010-2710 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2013-4828 | 1 Hp | 22 Color Laserjet Cm4540, Color Laserjet Cm4540f, Color Laserjet Cm4540fskm and 19 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices do not properly encrypt PDF documents, which allows remote attackers to obtain sensitive information via unspecified vectors.
|
|||||
| CVE-2011-0896 | 1 Hp | 2 Hp-ux, Nfs\/oncplus | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on HP-UX B.11.31 allows remote authenticated users to cause a denial of service via unknown vectors.
|
|||||
| CVE-2012-3269 | 1 Hp | 1 Performance Insight | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-3270.
|
|||||
| CVE-2010-3008 | 1 Hp | 1 Data Protector Express | 2025-04-11 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain privileges or cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3007.
|
|||||
| CVE-2012-3254 | 1 Hp | 1 Inode Management Center Pc | 2025-04-11 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by a stack-based buffer overflow in iNodeMngChecker.exe for a crafted 0x0A0BF007 packet.
|
|||||
| CVE-2010-1970 | 2 Hp, Microsoft | 2 Insight Software Installer, Windows | 2025-04-11 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users to read or modify data, and consequently gain privileges, via unknown vectors.
|
|||||
| CVE-2013-6198 | 1 Hp | 3 Service Manager, Service Manager Web Client, Service Manager Web Tier | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2012-3257 | 1 Hp | 1 Business Availability Center | 2025-04-11 | 4.6 MEDIUM | N/A |
|
HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors.
|
|||||
| CVE-2012-5219 | 1 Hp | 1 Managed Printing Administration | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Managed Printing Administration (MPA) before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2013-4818 | 1 Hp | 4 Icewall File Manager, Icewall Smart Device Option, Icewall Sso Agent and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall SSO Agent Option 8.0 through 10.0, IceWall SSO Smart Device Option 10.0, and IceWall File Manager 3.0 through SP4 allows remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2010-3287 | 1 Hp | 18 Procurve Access Point Software, Procurve M110 Access Point, Procurve Miltope Dual Radio Access Point and 15 more | 2025-04-11 | 8.3 HIGH | N/A |
|
Unspecified vulnerability on HP ProCurve Access Points, Access Controllers, and Mobility Controllers with software 5.1.x through 5.1.9, 5.2.x through 5.2.7, 5.3.x through 5.3.5, and 5.4.x through 5.4.0 allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2012-3261 | 1 Hp | 1 Sitescope | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.
|
|||||
| CVE-2009-4184 | 1 Hp | 2 Enterprise Cluster Master Toolkit, Hp-ux | 2025-04-11 | 6.2 MEDIUM | N/A |
|
Unspecified vulnerability in HP Enterprise Cluster Master Toolkit (ECMT) B.05.00 on HP-UX B.11.23 (11i v2) and HP-UX B.11.31 (11i v3) allows local users to gain access to an Oracle or Sybase database via unknown vectors.
|
|||||
| CVE-2012-3285 | 1 Hp | 2 Lefthand P4000 Virtual San Appliance, San\/iq | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1513.
|
|||||
| CVE-2013-4838 | 1 Hp | 1 Loadrunner | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.
|
|||||
| CVE-2011-3337 | 4 Eeye, Hp, Sgi and 1 more | 5 Digital Security Audits, Retina Network Security Scanner, Hp-ux and 2 more | 2025-04-11 | 6.9 MEDIUM | N/A |
|
eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/.
|
|||||