Vulnerabilities (CVE)

Filtered by vendor Hp Subscribe
Total 2460 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-5367 1 Hp 39 Elite X2 1010 G2, Elitebook 1040 G1, Elitebook 1040 G2 and 36 more 2025-04-12 6.9 MEDIUM N/A
The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows local users to gain privileges via unspecified vectors.
CVE-2016-4380 1 Hp 1 Operations Manager 2025-04-12 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-2605 1 Hp 10 Storage Management Software, Storevirtual 4130, Storevirtual 4330 and 7 more 2025-04-12 5.0 MEDIUM N/A
Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVirtual VSA 9.5 through 11.0 allows remote attackers to obtain sensitive information via unknown vectors.
CVE-2016-2026 1 Hp 2 Matrix Operating Environment, Systems Insight Manager 2025-04-12 5.0 MEDIUM 7.5 HIGH
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2027.
CVE-2016-2012 1 Hp 1 Network Node Manager I 2025-04-12 7.5 HIGH 6.5 MEDIUM
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to bypass authentication via unspecified vectors.
CVE-2015-2137 1 Hp 1 Operations Manager I 2025-04-12 10.0 HIGH N/A
Unspecified vulnerability in HP Operations Manager i (OMi) 9.22, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2014-7876 1 Hp 3 Integrated Lights-out 2 Firmware, Integrated Lights-out 4 Firmware, Integrated Lights-out Chassis Management Firmware 2025-04-12 10.0 HIGH N/A
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.
CVE-2014-7898 2 Hp, Microsoft 2 Ole Point Of Sale Driver, Windows 2025-04-12 10.0 HIGH N/A
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2014-7896 1 Hp 4 Xp7 Global Link Manager Software, Xp P9000 Device Manager, Xp P9000 Replication Manager and 1 more 2025-04-12 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before 7.6.1-06, and HP XP7 Global Link Manager Software (aka HGLM) 6.x through 8.x before 8.1.2-00, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-2632 1 Hp 1 Service Manager 2025-04-12 10.0 HIGH N/A
Unspecified vulnerability in the WebTier component in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2016-4395 1 Hp 1 System Management Homepage 2025-04-12 7.8 HIGH 7.5 HIGH
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
CVE-2014-7892 1 Hp 8 Integrated Single Head Msr W\/o Sred J1a33aa, Integrated Single Head W\/o Msr Sred J1a34aa, Mini Msr Fk186aa and 5 more 2025-04-12 10.0 HIGH N/A
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMSR.ocx for Mini MSR magnetic stripe readers, Retail Integrated Dual-Head MSR magnetic stripe readers, Integrated Single Head MSR w/o SRED magnetic stripe readers, Integrated Single Head w/o MSR SRED magnetic stripe readers, RP7 Single Head MSR w/o SRED magnetic stripe readers, POS keyboards, and POS keyboards with MSR, aka ZDI-CAN-2508.
CVE-2014-2625 1 Hp 1 Network Virtualization 2025-04-12 8.5 HIGH N/A
Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to read arbitrary files via crafted input, aka ZDI-CAN-2023.
CVE-2015-5443 1 Hp 1 3par Service Processor Sp 2025-04-12 4.0 MEDIUM N/A
HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 (GA) SPOCC, and SP 4.3.0-GA-24 (MU1) SPOCC allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVE-2015-6863 1 Hp 1 Arcsight Logger 2025-04-12 7.5 HIGH 7.3 HIGH
HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component.
CVE-2016-1993 1 Hp 1 System Management Homepage 2025-04-12 5.5 MEDIUM 8.1 HIGH
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVE-2015-2118 1 Hp 1 Access Control 2025-04-12 4.0 MEDIUM N/A
Unspecified vulnerability in the Secure Pull Print and Security Pull Print components in HP Access Control (AC) Software 12.x through 14.x before 14.1.2 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVE-2014-2621 1 Hp 2 Imc Branch Intelligent Management System Software Module, Intelligent Management Center 2025-04-12 7.8 HIGH N/A
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2090.
CVE-2016-4385 1 Hp 1 Network Automation 2025-04-12 7.5 HIGH 7.3 HIGH
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries.
CVE-2014-2612 3 Hp, Linux, Microsoft 3 Release Control, Linux Kernel, Windows 2025-04-12 4.0 MEDIUM N/A
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain sensitive information via unknown vectors.