Filtered by vendor Hp
Subscribe
Total
2513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3250 | 1 Hp | 2 Service Center Server, Service Manager Server | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and 9.30, and HP Service Center Server 6.28, allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2013-2356 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 5.0 MEDIUM | N/A |
|
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363.
|
|||||
| CVE-2012-2561 | 1 Hp | 1 Business Service Management | 2025-04-11 | 10.0 HIGH | N/A |
|
HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server component via a crafted request to TCP port 1098, 1099, or 4444.
|
|||||
| CVE-2013-2345 | 1 Hp | 1 Storage Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1869.
|
|||||
| CVE-2012-2001 | 1 Hp | 1 Snmp Agents For Linux | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2011-1378 | 2 Hp, Ibm | 2 Openvms, Websphere Mq | 2025-04-11 | 1.9 LOW | N/A |
|
IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM group are established, does not properly verify User Authorization File (UAF) data, which allows local users to kill listener processes and the command server via a control command.
|
|||||
| CVE-2012-5215 | 1 Hp | 20 Hotspot Laserjet Pro M1218nfs Mfp, Hotspot Laserjet Pro M1218nfs Mfp Firmware, Laserjet Pro Cp1025nw and 17 more | 2025-04-11 | 8.8 HIGH | N/A |
|
Unspecified vulnerability on the HP LaserJet Pro M1212nf, M1213nf, M1214nfh, M1216nfh, M1217nfw, and M1219nf, and HotSpot LaserJet Pro M1218nfs, with firmware before 20130211; LaserJet Pro CP1025nw with firmware before 20130212; and LaserJet Pro P1102w and P1606dn with firmware before 20130213 allows remote attackers to modify data or cause a denial of service via unknown vectors.
|
|||||
| CVE-2011-0892 | 1 Hp | 1 Diagnostics | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Diagnostics 7.5x and 8.0x before 8.05.54.225 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
|||||
| CVE-2011-1864 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-11 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2012-3277 | 1 Hp | 1 Openvms | 2025-04-11 | 5.0 MEDIUM | N/A |
|
HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows remote attackers to cause a denial of service via unspecified vectors.
|
|||||
| CVE-2013-4799 | 1 Hp | 1 Loadrunner | 2025-04-11 | 7.6 HIGH | N/A |
|
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1734.
|
|||||
| CVE-2010-4115 | 1 Hp | 2 Storageworks Modular Smart Array P2000 G3, Storageworks Modular Smart Array P2000 G3 Firmware | 2025-04-11 | 9.0 HIGH | N/A |
|
HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, TS100R025, TS100P002, TS200R005, TS201R014, and TS201R015 installs an undocumented admin account with a default "!admin" password, which allows remote attackers to gain privileges.
|
|||||
| CVE-2012-1993 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 3.2 LOW | N/A |
|
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors.
|
|||||
| CVE-2013-2321 | 2 Hp, Microsoft | 2 Service Manager Web Tier, Windows | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2013-4835 | 1 Hp | 1 Sitescope | 2025-04-11 | 7.5 HIGH | N/A |
|
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.
|
|||||
| CVE-2011-1533 | 1 Hp | 7 Envy 100 D410, Photosmart B110, Photosmart D110 and 4 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2011-1737 | 1 Hp | 1 Palm Webos | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in the Email application in HP Palm webOS 1.4.5 and 1.4.5.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2010-1031 | 1 Hp | 1 Insight Control Suite For Linux | 2025-04-11 | 6.9 MEDIUM | N/A |
|
Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux or ICE-LX) 2.11 and earlier allows local users to gain privileges via unknown vectors.
|
|||||
| CVE-2013-6203 | 1 Hp | 1 Application Information Optimizer | 2025-04-11 | 7.5 HIGH | N/A |
|
The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-1656.
|
|||||
| CVE-2010-3291 | 1 Hp | 2 Assetcenter, Assetmanager | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x through AC_5.03, and AssetManager 5.1x through AM_5.12 and 5.2x through AM_5.22, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2013-2332 | 1 Hp | 1 Storage Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1654.
|
|||||
| CVE-2011-0923 | 1 Hp | 1 Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
|
The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."
|
|||||
| CVE-2011-0271 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
|
The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability."
|
|||||
| CVE-2010-4494 | 10 Apache, Apple, Debian and 7 more | 17 Openoffice, Iphone Os, Itunes and 14 more | 2025-04-11 | 7.5 HIGH | N/A |
|
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
|
|||||
| CVE-2011-0891 | 1 Hp | 1 Hp-ux | 2025-04-11 | 4.4 MEDIUM | N/A |
|
Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors.
|
|||||
| CVE-2011-1545 | 1 Hp | 1 Insight Control Performance Management | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
|||||
| CVE-2014-0382 | 3 Hp, Oracle, Redhat | 11 Hp-ux, Jdk, Jre and 8 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect availability via unknown vectors related to JavaFX.
|
|||||
| CVE-2011-2697 | 1 Hp | 1 Linux Imaging And Printing Project | 2025-04-11 | 6.8 MEDIUM | N/A |
|
foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file.
|
|||||
| CVE-2013-6202 | 1 Hp | 1 Service Manager | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code.
|
|||||
| CVE-2011-4158 | 1 Hp | 1 Directories Support For Proliant Management Processors | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP Directories Support for ProLiant Management Processors 3.10 and 3.20 for Integrated Lights-Out iLO2 and iLO3 allows remote authenticated users to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2011-1537 | 1 Hp | 1 Proliant Support Pack | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2011-2779 | 1 Hp | 7 Arcsight C1000 Appliance, Arcsight C1300 Appliance, Arcsight C3200 Appliance and 4 more | 2025-04-11 | 3.6 LOW | N/A |
|
Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 uses world-writable permissions for exported report files, which allows local users to change or delete log data by modifying a file, a different vulnerability than CVE-2011-0770.
|
|||||
| CVE-2012-3262 | 1 Hp | 1 Sitescope | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464.
|
|||||
| CVE-2011-4159 | 1 Hp | 2 Event Monitoring Service, Hp-ux | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in System Administration Manager (SAM) in EMS before A.04.20.11.04_01 on HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.
|
|||||
| CVE-2011-1854 | 1 Hp | 1 Intelligent Management Center | 2025-04-11 | 10.0 HIGH | N/A |
|
Use-after-free vulnerability in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long syslog packet, related to an exception handler.
|
|||||
| CVE-2013-6197 | 1 Hp | 3 Service Manager, Service Manager Web Client, Service Manager Web Tier | 2025-04-11 | 5.2 MEDIUM | N/A |
|
Unspecified vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote authenticated users to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2011-1538 | 1 Hp | 1 Proliant Support Pack | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Open redirect vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote authenticated users to redirect other users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
|||||
| CVE-2011-0279 | 1 Hp | 1 Multifunction Peripheral Digital Sending Software | 2025-04-11 | 2.1 LOW | N/A |
|
HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication.
|
|||||
| CVE-2010-4103 | 1 Hp | 1 Insight Managed System Setup Wizard | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP Insight Managed System Setup Wizard before 6.2 allows remote attackers to read arbitrary files via unknown vectors.
|
|||||
| CVE-2011-4790 | 1 Hp | 1 Network Automation | 2025-04-11 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in HP Network Automation 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||