Filtered by vendor Hp
Subscribe
Total
2513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0204 | 1 Hp | 1 Select Access | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP Select Access 6.1 and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2009-1426 | 1 Hp | 9 Proliant Dl120, Proliant Dl160, Proliant Dl165 and 6 more | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability on HP ProLiant DL and ML 100 Series G5, G5p, and G6 servers with ProLiant Onboard Administrator Powered by LO100i (formerly Lights Out 100) 3.07 and earlier allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2008-0974 | 2 Double-take Software, Hp | 2 Double-take, Storageworks Double-take | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon termination) via (1) a large vector<T> value, which raises a "vector<T> too long" exception; or (2) a certain packet that raises an ospace/time/src\date.cpp exception.
|
|||||
| CVE-2007-5413 | 1 Hp | 2 Openview Client Configuraton Manager, Openview Configuration Management | 2025-04-09 | 7.8 HIGH | N/A |
|
httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home directories, as demonstrated by ~root.
|
|||||
| CVE-2007-4590 | 1 Hp | 3 Dynrootdisk, Hp-ux, Ignite-ux | 2025-04-09 | 3.3 LOW | N/A |
|
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
|
|||||
| CVE-2008-3543 | 1 Hp | 2 Hpux, Oncplus | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in NFS / ONCplus B.11.31_04 and earlier on HP-UX B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.
|
|||||
| CVE-2008-4415 | 1 Hp | 1 Service Manager | 2025-04-09 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 allows remote authenticated users to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2009-1418 | 1 Hp | 1 System Management Homepage | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2007-4179 | 1 Hp | 2 Address And Routing Parameter Area\(arpa\) Transport, Hp-ux | 2025-04-09 | 1.5 LOW | N/A |
|
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. NOTE: this is probably different from CVE-2007-0916, but this is not certain due to lack of vendor details.
|
|||||
| CVE-2009-2677 | 1 Hp | 1 Insight Control Suite For Linux | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Suite For Linux (aka ICE-LX) before 2.11 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
|||||
| CVE-2007-6204 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as demonstrated via a long Action parameter to OpenView5.exe.
|
|||||
| CVE-2007-6232 | 8 Ftp, Hp, Ibm and 5 more | 9 Admin, Hp-ux, Tru64 and 6 more | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action.
|
|||||
| CVE-2009-1422 | 1 Hp | 3 Procurve Switch 5400zl, Procurve Switch 8200zl, Procurve Threat Management Services Zl Module | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and earlier allows remote attackers to gain privileges via unknown vectors, aka PR_41209.
|
|||||
| CVE-2008-0711 | 1 Hp | 4 Bl860c, Rx2660, Rx3600 and 1 more | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the embedded management console in HP iLO-2 Management Processors (iLO-2 MP), as used in Integrity Servers rx2660, rx3600, and rx6600, and Integrity Blade Server model bl860c, allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2009-3842 | 1 Hp | 2 Color Laserjet Cp3525 Printer, Color Laserjet M3530 Multifunction Printer | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction Printer with firmware 05.058.4 and the Color LaserJet CP3525 Printer with firmware 53.021.2 allows remote attackers to obtain "access to data" or cause a denial of service via unknown vectors.
|
|||||
| CVE-2006-5556 | 1 Hp | 1 Hp-ux | 2025-04-09 | 4.6 MEDIUM | N/A |
|
Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable.
|
|||||
| CVE-2007-3872 | 1 Hp | 2 Openview Operations, Shared Trace Service | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.
|
|||||
| CVE-2008-1659 | 1 Hp | 2 Hp-ux, Ldap-ux | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in HP LDAP-UX vB.04.10 through vB.04.15 allows local users to gain privileges via unknown vectors.
|
|||||
| CVE-2006-6418 | 1 Hp | 1 Tru64 | 2025-04-09 | 7.2 HIGH | N/A |
|
Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable.
|
|||||
| CVE-2007-2736 | 9 Achievo, Apple, Hp and 6 more | 18 Achievo, A Ux, Mac Os X and 15 more | 2025-04-09 | 10.0 HIGH | N/A |
|
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.
|
|||||
| CVE-2007-2246 | 2 Hp, Sendmail | 2 Hp-ux, Sendmail | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434.
|
|||||
| CVE-2009-2678 | 1 Hp | 1 Nonstop Server | 2025-04-09 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Open System Services (OSS) Name Server on HP NonStop G06.27, G06.28, G06.29, G06.30, H06.06, H06.07, H06.08, and J06.03 allows remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2007-1819 | 1 Hp | 1 Mercury Quality Center | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property.
|
|||||
| CVE-2008-3946 | 1 Hp | 1 Openvms | 2025-04-09 | 4.9 MEDIUM | N/A |
|
The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file.
|
|||||
| CVE-2007-0866 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2007-5208 | 1 Hp | 1 Linux Imaging And Printing Project | 2025-04-09 | 7.6 HIGH | N/A |
|
hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.
|
|||||
| CVE-2007-2281 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-09 | 10.0 HIGH | N/A |
|
Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter.
|
|||||
| CVE-2009-3098 | 2 Hp, Microsoft | 2 Operations Dashboard, Windows Server 2003 | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Portal in HP Operations Dashboard 2.1 on Windows Server 2003 SP2 allows remote attackers to have an unknown impact, related to a "Remote exploit," as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
|
|||||
| CVE-2007-5536 | 2 Hp, Hpe | 2 Hp-ux, Openssl | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.
|
|||||
| CVE-2008-4562 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205.
|
|||||
| CVE-2007-5608 | 1 Hp | 1 Instant Support | 2025-04-09 | 9.3 HIGH | N/A |
|
The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953.
|
|||||
| CVE-2008-3544 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 9.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61), or (3) REQUEST_RESTORE_STATE (aka number 62) request to TCP port 2954.
|
|||||
| CVE-2008-0068 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter.
|
|||||
| CVE-2007-1918 | 8 Apple, Hp, Ibm and 5 more | 11 Macos, Hp-ux, Tru64 and 8 more | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
|
|||||
| CVE-2009-2683 | 1 Hp | 1 Remote Graphics Software | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in the Sender module in HP Remote Graphics Software (RGS) 5.1.3 through 5.2.6 allows remote authenticated users to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2008-5395 | 2 Hp, Linux | 2 Pa-risc, Linux Kernel | 2025-04-09 | 4.9 MEDIUM | N/A |
|
The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses.
|
|||||
| CVE-2009-2679 | 1 Hp | 1 Hp-ux | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.
|
|||||
| CVE-2008-0215 | 1 Hp | 2 Storage Essentials Srm Enterprise, Storage Essentials Srm Standard | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in HP Storage Essentials Storage Resource Management (SRM) before 6.0.0 allow remote attackers to obtain unspecified access to a managed device via unknown attack vectors.
|
|||||
| CVE-2007-3729 | 1 Hp | 1 Openvms | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid POP usernames.
|
|||||
| CVE-2007-1994 | 1 Hp | 1 Hp-ux | 2025-04-09 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.00 allows local users to cause a denial of service via unknown vectors. NOTE: due to lack of vendor details, it is not clear whether this is the same as CVE-2007-0916.
|
|||||