Filtered by vendor Hp
Subscribe
Total
2441 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-1992 | 1 Hp | 2 Enterprise Security Manager, Enterprise Security Manager Express | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-6215 | 1 Hp | 1 Universal Configuration Management Database | 2025-04-12 | 8.5 HIGH | N/A |
| Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1977. | |||||
| CVE-2015-4024 | 5 Apple, Hp, Oracle and 2 more | 12 Mac Os X, System Management Homepage, Linux and 9 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome. | |||||
| CVE-2015-6859 | 1 Hp | 54 J8692a, J8693a, J8697a and 51 more | 2025-04-12 | 4.6 MEDIUM | 7.8 HIGH |
| HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6860. | |||||
| CVE-2015-3269 | 2 Adobe, Hp | 2 Livecycle Data Services, Business Service Management | 2025-04-12 | 5.0 MEDIUM | N/A |
| Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354169 and other products, allows remote attackers to read arbitrary files via an AMF message containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
| CVE-2015-5427 | 1 Hp | 1 Matrix Operating Environment | 2025-04-12 | 7.5 HIGH | N/A |
| HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5428 and CVE-2015-5429. | |||||
| CVE-2016-4361 | 1 Hp | 2 Loadrunner, Performance Center | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2016-4365 | 1 Hp | 1 Insight Control Server Deployment | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| HPE Insight Control server deployment allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2015-5423 | 1 Hp | 1 Keyview | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2884. | |||||
| CVE-2016-4394 | 1 Hp | 1 System Management Homepage | 2025-04-12 | 5.8 MEDIUM | 6.5 MEDIUM |
| HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue. | |||||
| CVE-2016-2244 | 1 Hp | 55 A2w75a, A2w76a, A2w77a and 52 more | 2025-04-12 | 5.0 MEDIUM | 5.9 MEDIUM |
| HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-2011 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2010. | |||||
| CVE-2013-6188 | 1 Hp | 1 System Management Homepage | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2015-2121 | 1 Hp | 1 Network Virtualization | 2025-04-12 | 7.8 HIGH | N/A |
| HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569. | |||||
| CVE-2015-2903 | 1 Hp | 1 Arcsight Smartconnectors | 2025-04-12 | 6.9 MEDIUM | N/A |
| The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of this password. | |||||
| CVE-2016-2027 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2026. | |||||
| CVE-2016-4373 | 1 Hp | 1 Operations Manager | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | |||||
| CVE-2015-7497 | 5 Canonical, Debian, Hp and 2 more | 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2013-6212 | 1 Hp | 1 Database And Middleware Automation | 2025-04-12 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors. | |||||
| CVE-2015-6029 | 1 Hp | 1 Arcsight Logger | 2025-04-12 | 5.0 MEDIUM | N/A |
| HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach. | |||||