Filtered by vendor Hp
Subscribe
Search
Total
427 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-11956 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11984 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11980 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A remote code exection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11950 | 1 Hp | 1 Intelligent Management Center | 2019-06-06 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5357 | 1 Hp | 1 Intelligent Management Center | 2019-06-06 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-5350 | 1 Hp | 1 Intelligent Management Center | 2019-06-06 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11947 | 1 Hp | 1 Intelligent Management Center | 2019-06-06 | 9.0 HIGH | 8.8 HIGH |
| A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2018-7123 | 1 Hp | 1 Intelligent Management Center | 2019-06-06 | 7.8 HIGH | 7.5 HIGH |
| A remote denial of service vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2017-3733 | 2 Hp, Openssl | 2 Operations Agent, Openssl | 2019-04-23 | 5.0 MEDIUM | 7.5 HIGH |
| During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected. | |||||
| CVE-2017-2748 | 1 Hp | 1 Isaac Mizrahi Smartwatch | 2019-03-29 | 5.0 MEDIUM | 7.5 HIGH |
| A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue. | |||||
| CVE-2016-4447 | 8 Apple, Canonical, Debian and 5 more | 12 Iphone Os, Itunes, Mac Os X and 9 more | 2019-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName. | |||||
| CVE-2019-3481 | 1 Hp | 1 Arcsight Logger | 2019-03-25 | 7.5 HIGH | 7.1 HIGH |
| Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7. | |||||
| CVE-2017-5828 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2019-03-11 | 5.5 MEDIUM | 8.1 HIGH |
| An arbitrary command execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found. | |||||
| CVE-2017-12500 | 1 Hp | 1 Intelligent Management Center | 2019-03-08 | 9.0 HIGH | 8.8 HIGH |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version. | |||||
| CVE-2018-7102 | 1 Hp | 1 Intelligent Management Center | 2018-12-20 | 5.0 MEDIUM | 7.5 HIGH |
| A security vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09, createFabricAutoCfgFile could be remotely exploited via directory traversal to allow remote arbitrary file modification. | |||||
| CVE-2018-5921 | 1 Hp | 387 A2w75a, A2w75a Firmware, A2w76a and 384 more | 2018-11-27 | 6.8 MEDIUM | 8.8 HIGH |
| A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and could potentially be exploited remotely to allow elevation of privilege. | |||||
| CVE-2016-3705 | 5 Canonical, Debian, Hp and 2 more | 6 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 3 more | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH |
| The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references. | |||||
| CVE-2016-3627 | 5 Canonical, Debian, Hp and 2 more | 6 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 3 more | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH |
| The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document. | |||||
| CVE-2018-7059 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2018-10-18 | 4.0 MEDIUM | 8.8 HIGH |
| Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the "mon" permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is only present when authenticated as a user with "mon" permission. | |||||
| CVE-2017-9003 | 1 Hp | 1 Arubaos | 2018-10-18 | 7.8 HIGH | 7.5 HIGH |
| Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed. | |||||
| CVE-2016-8526 | 1 Hp | 1 Airwave | 2018-10-16 | 4.0 MEDIUM | 8.8 HIGH |
| Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities (XXE). XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the contents of XML files, XXE can be used as an attack vector. Because the XML parser has access to the local filesystem and runs with the permissions of the web server, it can access any file that is readable by the web server and copy it to an external system of the attacker's choosing. This could include files that contain passwords, which could then lead to privilege escalation. | |||||
| CVE-2018-5925 | 1 Hp | 540 1dt61a, 1dt61a Firmware, 1jl02a and 537 more | 2018-10-15 | 9.3 HIGH | 7.8 HIGH |
| A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution. | |||||
| CVE-2018-7069 | 1 Hp | 1 Centralview Fraud Risk Management | 2018-10-10 | 5.0 MEDIUM | 7.5 HIGH |
| HPE has identified a remote unauthenticated access to files vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version. | |||||
| CVE-2018-7097 | 1 Hp | 1 3par Service Provider | 2018-10-10 | 6.8 MEDIUM | 8.8 HIGH |
| A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow cross-site request forgery. | |||||
| CVE-2018-7098 | 1 Hp | 1 3par Service Provider | 2018-10-10 | 3.6 LOW | 8.4 HIGH |
| A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow directory traversal. | |||||
| CVE-2016-4405 | 1 Hp | 1 Business Service Management | 2018-10-05 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability was identified in HP Business Service Management (BSM) using Apache Commons Collection Java Deserialization versions v9.20-v9.26 | |||||
| CVE-2016-4398 | 1 Hp | 1 Network Node Manager I | 2018-10-05 | 6.5 MEDIUM | 8.8 HIGH |
| A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10 using Java Deserialization. | |||||
| CVE-2016-4397 | 1 Hp | 1 Network Node Manager I | 2018-10-05 | 4.6 MEDIUM | 7.8 HIGH |
| A local code execution security vulnerability was identified in HP Network Node Manager i (NNMi) v10.00, v10.10 and v10.20 Software. | |||||
| CVE-2018-7078 | 1 Hp | 3 Integrated Lights-out, Integrated Lights-out 4 Firmware, Integrated Lights-out 5 Firmware | 2018-10-05 | 9.0 HIGH | 7.2 HIGH |
| A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30. | |||||
| CVE-2018-7092 | 1 Hp | 1 Intelligent Management Center | 2018-10-05 | 6.4 MEDIUM | 7.5 HIGH |
| A potential security vulnerability has been identified in HPE Intelligent Management Center Platform (IMC Plat) 7.3 E0506P09. The vulnerability could be remotely exploited to allow for remote directory traversal leading to arbitrary file deletion. | |||||
| CVE-2017-17482 | 1 Hp | 1 Openvms | 2018-08-13 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation. | |||||
| CVE-2017-5797 | 1 Hp | 1 Intelligent Management Center | 2018-03-15 | 7.8 HIGH | 7.5 HIGH |
| A Remote Unauthenticated Disclosure of Information vulnerability in HPE Intelligent Management Center (IMC) SOM version v7.3 (E0501) was found. | |||||
| CVE-2017-5799 | 1 Hp | 1 Opencall Media Platform | 2018-03-15 | 6.5 MEDIUM | 8.8 HIGH |
| A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x). | |||||
| CVE-2017-5801 | 1 Hp | 1 Business Process Monitor | 2018-03-15 | 5.0 MEDIUM | 7.5 HIGH |
| A Remote Unauthorized Access to Data vulnerability in HPE Business Process Monitor version v09.2x, v09.30 was found. | |||||
| CVE-2017-8944 | 1 Hp | 1 Cloud Optimizer | 2018-03-15 | 7.8 HIGH | 7.5 HIGH |
| A Remote Disclosure of Information vulnerability in HPE Cloud Optimizer version v3.0x was found. | |||||
| CVE-2017-8946 | 1 Hp | 1 Aruba Airwave Glass | 2018-03-15 | 7.6 HIGH | 8.3 HIGH |
| A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found. | |||||
| CVE-2016-8529 | 1 Hp | 1 Lefthand | 2018-03-12 | 7.3 HIGH | 7.6 HIGH |
| A Remote Arbitrary Command Execution vulnerability in HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS version v12.5 and earlier was found. The problem was resolved in LeftHand OS v12.6 or any subsequent version. | |||||
| CVE-2017-5796 | 1 Hp | 10 J9623a, J9623a Firmware, J9624a and 7 more | 2018-03-12 | 9.3 HIGH | 8.8 HIGH |
| A Remote Cross Site Request Forgery (CSRF) vulnerability in HPE 2620 Series Network Switches version RA.15.05.0006 was found. | |||||
| CVE-2016-8530 | 1 Hp | 1 Intelligent Management Center | 2018-03-12 | 5.0 MEDIUM | 7.5 HIGH |
| A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version. | |||||
| CVE-2016-8513 | 1 Hp | 1 Version Control Repository Manager | 2018-03-07 | 6.0 MEDIUM | 8.0 HIGH |
| A Cross-Site Request Forgery (CSRF) vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6. | |||||
| CVE-2016-8525 | 1 Hp | 1 Intelligent Management Center | 2018-03-07 | 5.0 MEDIUM | 7.5 HIGH |
| A Remote Disclosure of Information vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version. | |||||
| CVE-2017-5812 | 1 Hp | 1 Network Automation | 2018-03-07 | 5.0 MEDIUM | 7.5 HIGH |
| A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. | |||||
| CVE-2017-5811 | 1 Hp | 1 Network Automation | 2018-03-07 | 7.8 HIGH | 7.5 HIGH |
| A remote code execution vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found. | |||||
| CVE-2017-5808 | 1 Hp | 1 Data Protector | 2018-03-07 | 7.8 HIGH | 7.5 HIGH |
| A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found. | |||||
| CVE-2017-5794 | 1 Hp | 1 Intelligent Management Center | 2018-03-07 | 9.0 HIGH | 8.8 HIGH |
| A Remote Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found. | |||||
| CVE-2017-5793 | 1 Hp | 1 Intelligent Management Center | 2018-03-07 | 9.0 HIGH | 8.8 HIGH |
| A Remote Arbitrary Code Execution vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found. | |||||
| CVE-2017-8952 | 1 Hp | 1 Sitescope | 2018-03-06 | 5.0 MEDIUM | 7.5 HIGH |
| A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found. | |||||
| CVE-2017-8951 | 1 Hp | 1 Sitescope | 2018-03-06 | 4.6 MEDIUM | 7.8 HIGH |
| A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found. | |||||
| CVE-2016-8515 | 1 Hp | 1 Version Control Repository Manager | 2018-03-06 | 6.5 MEDIUM | 8.8 HIGH |
| A remote malicious file upload vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6. | |||||
| CVE-2017-8955 | 1 Hp | 1 Intelligent Management Center | 2018-03-06 | 7.8 HIGH | 7.5 HIGH |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found. | |||||