Filtered by vendor Hp
Subscribe
Total
2513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3992 | 1 Hp | 2 Insight Control Server Migration, Insight Control Server Migration6.0.1 | 2025-04-11 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
|
|||||
| CVE-2011-2331 | 1 Hp | 1 Intelligent Management Center | 2025-04-11 | 10.0 HIGH | N/A |
|
Integer overflow in img.exe in HP Intelligent Management Center (IMC) allows remote attackers to execute arbitrary code via a crafted length value in an a packet that triggers a heap-based buffer overflow, possibly related to an "recv" field.
|
|||||
| CVE-2011-2398 | 1 Hp | 1 Hp-ux | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the dynamic loader in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges or cause a denial of service via unknown vectors.
|
|||||
| CVE-2011-3164 | 1 Hp | 1 Hp-ux Containers | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure Resource Partitions (SRP)) A.03.00, A.03.00.002, and A.03.01, when running with patch PHKL_42310, allows local users to gain privileges via unknown vectors.
|
|||||
| CVE-2013-3575 | 1 Hp | 1 Insight Diagnostics | 2025-04-11 | 5.0 MEDIUM | N/A |
|
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter.
|
|||||
| CVE-2010-4100 | 1 Hp | 1 Insight Control Performance Management | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP Insight Control Performance Management before 6.1 update 2 allows remote attackers to read arbitrary files via unknown vectors.
|
|||||
| CVE-2011-1856 | 1 Hp | 1 Business Availability Center | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.06 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2012-5211 | 1 Hp | 1 Intelligent Management Center User Access Manager | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP Intelligent Management Center (iMC) User Access Manager (UAM) before 5.2 E0402 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1643.
|
|||||
| CVE-2012-5212 | 1 Hp | 2 Intelligent Management Center, Intelligent Management Center For Automated Network Manager | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1663.
|
|||||
| CVE-2010-2708 | 1 Hp | 7 Procurve Switch 2610, Procurve Switch 2610-24, Procurve Switch 2610-24-pwr and 4 more | 2025-04-11 | 6.1 MEDIUM | N/A |
|
Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2013-3576 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 9.0 HIGH | N/A |
|
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en.
|
|||||
| CVE-2011-4167 | 1 Hp | 1 Managed Printing Administration | 2025-04-11 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing Administration before 2.6.4 allows remote attackers to execute arbitrary code via a long filename parameter in an uploadfile action to Default.asp.
|
|||||
| CVE-2012-5202 | 1 Hp | 2 Intelligent Management Center, Intelligent Management Center For Automated Network Manager | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1612.
|
|||||
| CVE-2009-4183 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-11 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in HP OpenView Storage Data Protector 6.00 and 6.10 allows local users to obtain unspecified "access" via unknown vectors.
|
|||||
| CVE-2013-3573 | 1 Hp | 1 Insight Diagnostics | 2025-04-11 | 10.0 HIGH | N/A |
|
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors.
|
|||||
| CVE-2010-1550 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
|
Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in the sel parameter.
|
|||||
| CVE-2013-4836 | 1 Hp | 2 Alm Synchronizer, Application Lifecycle Management | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759.
|
|||||
| CVE-2011-2328 | 1 Hp | 1 Loadrunner | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Buffer overflow in HP LoadRunner allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a .usr (aka Virtual User script) file with long directives.
|
|||||
| CVE-2011-0269 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
|
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long schd_select1 parameter.
|
|||||
| CVE-2010-4107 | 1 Hp | 8 9000, Color Laserjet Mfp, Laserjet 4100 and 5 more | 2025-04-11 | 7.8 HIGH | N/A |
|
The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack.
|
|||||
| CVE-2010-0452 | 1 Hp | 2 Hp-ux, Project And Portfolio Management Center | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in HP Project and Portfolio Management Center (PPMC, formerly Mercury IT Governance) 7.1 through SP10 and 7.5 through SP3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2010-1964 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 7.5 HIGH | N/A |
|
Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.
|
|||||
| CVE-2011-4788 | 1 Hp | 3 Storageworks P2000 G3 Msa Fc\/iscsi Dual Combo Controller Lff Array System, Storageworks P2000 G3 Msa Fibre Channel Dual Controller Lff Array System, Storageworks P2000 G3 Msa Fibre Channel Dual Controller Sff Array System | 2025-04-11 | 7.8 HIGH | N/A |
|
Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI.
|
|||||
| CVE-2012-0121 | 1 Hp | 1 Data Protector Express | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1392.
|
|||||
| CVE-2011-0921 | 1 Hp | 1 Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
|
crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username.
|
|||||
| CVE-2011-0770 | 1 Hp | 7 Arcsight C1000 Appliance, Arcsight C1300 Appliance, Arcsight C3200 Appliance and 4 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 allows remote attackers to inject arbitrary web script or HTML via the Windows XP variable in a file.
|
|||||
| CVE-2013-6193 | 1 Hp | 25 Color Laserjet Cm1312nfi Multifunction Printer, Color Laserjet Cm2320n Multifunction Printer, Color Laserjet Cp1515 and 22 more | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability on HP LaserJet M1522n and M2727; LaserJet Pro 100, 300, 400, CM1415fnw, CP1*, M121*, M1536dnf, and P1*; Color LaserJet CM* and CP*; and TopShot LaserJet Pro M275 printers allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2012-3279 | 1 Hp | 1 Network Node Manager I | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2010-3006 | 1 Hp | 13 Proliant Dl120 G6, Proliant Dl160 G6, Proliant Dl160se G6 and 10 more | 2025-04-11 | 7.8 HIGH | N/A |
|
Unspecified vulnerability on the HP ProLiant G6 Lights-Out 100 Remote Management card with firmware before 4.06 allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2013-2350 | 1 Hp | 1 Storage Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
|
|||||
| CVE-2010-4112 | 1 Hp | 1 Insight Management Agents | 2025-04-11 | 5.0 MEDIUM | N/A |
|
HP Insight Management Agents before 8.6 allows remote attackers to obtain sensitive information via an unspecified request that triggers disclosure of the full path.
|
|||||
| CVE-2012-3284 | 1 Hp | 2 Lefthand P4000 Virtual San Appliance, San\/iq | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512.
|
|||||
| CVE-2011-3165 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1208.
|
|||||
| CVE-2011-3846 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
|
|||||
| CVE-2011-1540 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2013-2368 | 1 Hp | 1 Loadrunner | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to cause a denial of service via unknown vectors, aka ZDI-CAN-1669.
|
|||||
| CVE-2011-4166 | 1 Hp | 1 Managed Printing Administration | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.
|
|||||
| CVE-2013-2340 | 1 Hp | 15 3com Baseline Plus Switch, 3com Router, 3com Switch and 12 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
|
|||||
| CVE-2011-1539 | 1 Hp | 1 Proliant Support Pack | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2012-5200 | 1 Hp | 2 Intelligent Management Center, Intelligent Management Center For Automated Network Manager | 2025-04-11 | 3.5 LOW | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
|||||