Filtered by vendor Hp
Subscribe
Total
2513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3847 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2007-3062 | 1 Hp | 1 System Management Homepage | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2009-2682 | 1 Hp | 1 Hp-ux | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in Role-Based Access Control (RBAC) in HP HP-UX B.11.23 and B.11.31 allows local users to bypass intended access restrictions via unknown vectors.
|
|||||
| CVE-2007-5241 | 1 Hp | 1 Openvms | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All" command, which overwrites a Non-Paged Pool Packet.
|
|||||
| CVE-2009-3097 | 2 Hp, Microsoft | 2 Performance Insight, Windows | 2025-04-09 | 7.8 HIGH | N/A |
|
Multiple unspecified vulnerabilities in HP Performance Insight 5.3 on Windows allow attackers to obtain sensitive information via unknown vectors, as demonstrated by certain modules in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
|
|||||
| CVE-2007-3260 | 1 Hp | 1 System Management Homepage | 2025-04-09 | 9.0 HIGH | N/A |
|
HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.
|
|||||
| CVE-2007-5242 | 1 Hp | 1 Openvms | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after receipt of the first buffer segment."
|
|||||
| CVE-2007-2280 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSG_PROTOCOL command with long arguments, a different vulnerability than CVE-2009-3844.
|
|||||
| CVE-2009-4181 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via vectors involving the sel and arg parameters to jovgraph.exe.
|
|||||
| CVE-2008-2438 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Integer overflow in ovalarmsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted command to TCP port 2954, which triggers a heap-based buffer overflow.
|
|||||
| CVE-2007-4241 | 2 Cisco, Hp | 2 Local Director, Hp-ux | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for Cisco Local Director on HP-UX 11.11i allows remote attackers to execute arbitrary code via a long string to TCP port 17781.
|
|||||
| CVE-2007-2275 | 1 Hp | 3 Storageworks Command View, Storageworks Replication Monitor, Storageworks Tiered Storage Manager | 2025-04-09 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in HP StorageWorks Command View Advanced Edition for XP before 5.6.0-01, XP Replication Monitor before 5.6.0-01, and XP Tiered Storage Manager before 5.5.0-02 allows local users to access other accounts via unspecified vectors during registration or addition of new users.
|
|||||
| CVE-2007-0805 | 1 Hp | 1 Tru64 | 2025-04-09 | 2.1 LOW | N/A |
|
The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.
|
|||||
| CVE-2007-0161 | 1 Hp | 21 Color Laserjet 4650, Officejet 4100, Officejet 5100 and 18 more | 2025-04-09 | 4.1 MEDIUM | N/A |
|
The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.
|
|||||
| CVE-2008-3902 | 1 Hp | 1 68dtt | 2025-04-09 | 2.1 LOW | N/A |
|
HP firmware 68DTT F.0D stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer, aka SSRT080104.
|
|||||
| CVE-2008-0713 | 1 Hp | 1 Hp-ux | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23, and B.11.31 allows remote authenticated users to cause a denial of service (FTP server outage) via unknown attack vectors.
|
|||||
| CVE-2009-0713 | 1 Hp | 1 Systems Insight Manager | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager before 2.5.2.0 allows remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2008-0214 | 1 Hp | 1 Select Identity | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to gain access via unknown vectors.
|
|||||
| CVE-2007-5008 | 1 Hp | 1 Hp-ux | 2025-04-09 | 9.0 HIGH | N/A |
|
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.
|
|||||
| CVE-2007-6506 | 1 Hp | 1 Software Update | 2025-04-09 | 9.3 HIGH | N/A |
|
The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.
|
|||||
| CVE-2008-1665 | 1 Hp | 1 Hpsi Active Directory Bidirectional Ldap Connector | 2025-04-09 | 9.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in HP Select Identity (HPSI) Active Directory Bidirectional LDAP Connector 2.20, 2.20.001, 2.20.002, and 2.30 allow remote attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2007-6425 | 1 Hp | 1 Hp-ux | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2007-5391 | 1 Hp | 1 Select Identity | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 allows remote attackers to obtain unspecified access via unknown vectors.
|
|||||
| CVE-2008-0709 | 4 Hp, Microsoft, Redhat and 1 more | 6 Hp-ux, Select Identity, Windows 2003 Server and 3 more | 2025-04-09 | 5.5 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to access other user accounts via unknown vectors, a different issue than CVE-2008-0214.
|
|||||
| CVE-2008-0704 | 1 Hp | 3 Alpha, Integrity, Open Vms Tcp-ip Services | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain unspecified access via unknown vectors.
|
|||||
| CVE-2008-3536 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3537.
|
|||||
| CVE-2007-2998 | 1 Hp | 1 Openvms | 2025-04-09 | 4.9 MEDIUM | N/A |
|
The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain Pascal code.
|
|||||
| CVE-2008-4418 | 1 Hp | 1 Hp-ux | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2009-2681 | 2 Hp, Microsoft | 3 Procurve Identity Driven Manager, Windows Server 2003, Windows Server 2008 | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in HP ProCurve Identity Driven Manager (IDM) A.02.x through A.02.03 and A.03.x through A.03.00, on Windows Server 2003 with IAS and Windows Server 2008 with NPS, allows local users to gain privileges via unknown vectors.
|
|||||
| CVE-2009-4189 | 1 Hp | 1 Operations Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
HP Operations Manager has a default password of OvW*busr1 for the ovwebusr account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3099 and CVE-2009-3843.
|
|||||
| CVE-2009-1420 | 1 Hp | 3 Hpovnnm.hpovmib, Hpovnnm.hpovsnmp, Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when used with SNMP (aka HPOvNNM.HPOVSNMP) before 1.30.009 and MIB (aka HPOvNNM.HPOVMIB) before 1.30.009, allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.
|
|||||
| CVE-2002-1611 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
|
|||||
| CVE-1999-0008 | 2 Hp, Sun | 3 Hp-ux, Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in NIS+, in Sun's rpc.nisd program.
|
|||||
| CVE-2005-1434 | 1 Hp | 1 Openview Network Node Manager | 2025-04-03 | 7.5 HIGH | N/A |
|
Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code.
|
|||||
| CVE-2000-1057 | 1 Hp | 1 Openview Network Node Manager | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions.
|
|||||
| CVE-2006-3686 | 1 Hp | 1 Openvms | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in [SYSEXE]SMPUTIL.EXE in HP OpenVMS 7.3-2 allows local users and "remote users" to cause a denial of service (crash).
|
|||||
| CVE-2001-0267 | 1 Hp | 1 Mpe Ix | 2025-04-03 | 7.2 HIGH | N/A |
|
NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges.
|
|||||
| CVE-2002-0836 | 3 Hp, Mandrakesoft, Redhat | 3 Secure Os, Mandrake Linux, Linux | 2025-04-03 | 7.5 HIGH | N/A |
|
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
|
|||||
| CVE-1999-1115 | 1 Hp | 1 Apollo Domain Os | 2025-04-03 | 7.2 HIGH | N/A |
|
Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh).
|
|||||
| CVE-2001-0606 | 2 Hp, Sun | 2 Virtualvault, Iplanet Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service.
|
|||||