Filtered by vendor Hp
Subscribe
Total
2460 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6188 | 1 Hp | 1 System Management Homepage | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2015-2121 | 1 Hp | 1 Network Virtualization | 2025-04-12 | 7.8 HIGH | N/A |
| HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569. | |||||
| CVE-2015-2903 | 1 Hp | 1 Arcsight Smartconnectors | 2025-04-12 | 6.9 MEDIUM | N/A |
| The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of this password. | |||||
| CVE-2016-2027 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2026. | |||||
| CVE-2016-4373 | 1 Hp | 1 Operations Manager | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | |||||
| CVE-2015-7497 | 5 Canonical, Debian, Hp and 2 more | 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2013-6212 | 1 Hp | 1 Database And Middleware Automation | 2025-04-12 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors. | |||||
| CVE-2015-6029 | 1 Hp | 1 Arcsight Logger | 2025-04-12 | 5.0 MEDIUM | N/A |
| HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach. | |||||
| CVE-2014-2634 | 1 Hp | 1 Service Manager | 2025-04-12 | 9.4 HIGH | N/A |
| Unspecified vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to bypass intended access restrictions, and modify data or cause a denial of service, via unknown vectors. | |||||
| CVE-2014-2643 | 1 Hp | 1 Systems Insight Manager | 2025-04-12 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2015-5421 | 1 Hp | 1 Keyview | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2881. | |||||
| CVE-2015-2132 | 1 Hp | 1 Operations Manager I | 2025-04-12 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in the execve system-call implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors. | |||||
| CVE-2016-2008 | 1 Hp | 1 Data Protector | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2014-2609 | 1 Hp | 1 Executive Scorecard | 2025-04-12 | 10.0 HIGH | N/A |
| The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116. | |||||
| CVE-2015-5430 | 1 Hp | 1 Matrix Operating Environment | 2025-04-12 | 5.0 MEDIUM | N/A |
| HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2015-2123 | 1 Hp | 1 Nonstop Safeguard Security | 2025-04-12 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP NonStop Safeguard Security Software H06.x, L15.02, and J06.x before J06.19 allows remote authenticated users to gain privileges by leveraging Expand access. | |||||
| CVE-2014-4661 | 1 Hp | 1 Records Manager | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-7884 | 1 Hp | 1 Arcsight Logger | 2025-04-12 | 9.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors. | |||||
| CVE-2014-2637 | 1 Hp | 1 Sprinter | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2342. | |||||
| CVE-2013-6220 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0, 9.10, and 9.20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||