Filtered by vendor Hp
Subscribe
Search
Total
1323 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1661 | 1 Hp | 1 Storageworks Storage Mirroring | 2017-08-08 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request. | |||||
| CVE-2007-6519 | 1 Hp | 1 Tru64 | 2017-08-08 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors. | |||||
| CVE-2007-6513 | 1 Hp | 1 Esupportdiagnostics | 2017-08-08 | 4.3 MEDIUM | N/A |
| HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allows remote attackers to (1) read arbitrary files via the ReadTextFile method, or (2) read arbitrary registry values via the ReadValue method. | |||||
| CVE-2008-0706 | 2 Compaq, Hp | 4 Presario A900, Presario C700, G7000 and 1 more | 2017-08-08 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password. | |||||
| CVE-2008-0707 | 1 Hp | 2 Hp-ux, Storageworks Library And Tape Tools | 2017-08-08 | 7.2 HIGH | N/A |
| HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B.11.11 and B.11.23 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2008-0704 | 1 Hp | 3 Alpha, Integrity, Open Vms Tcp-ip Services | 2017-08-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain unspecified access via unknown vectors. | |||||
| CVE-2008-0952 | 1 Hp | 1 Instant Support | 2017-08-08 | 9.3 HIGH | N/A |
| The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953. | |||||
| CVE-2008-0953 | 1 Hp | 1 Instant Support | 2017-08-08 | 10.0 HIGH | N/A |
| The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953. | |||||
| CVE-2008-0711 | 1 Hp | 4 Bl860c, Rx2660, Rx3600 and 1 more | 2017-08-08 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the embedded management console in HP iLO-2 Management Processors (iLO-2 MP), as used in Integrity Servers rx2660, rx3600, and rx6600, and Integrity Blade Server model bl860c, allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2008-0712 | 1 Hp | 1 Software Update | 2017-08-08 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ActiveX control in hpediag.dll in HP Software Update 4.000.009.002 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors. NOTE: this might overlap CVE-2007-6513. | |||||
| CVE-2008-0709 | 4 Hp, Microsoft, Redhat and 1 more | 6 Hp-ux, Select Identity, Windows 2003 Server and 3 more | 2017-08-08 | 5.5 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to access other user accounts via unknown vectors, a different issue than CVE-2008-0214. | |||||
| CVE-2008-0708 | 1 Hp | 3 442084-b21, 442085-b21, Proliant | 2017-08-08 | 4.6 MEDIUM | N/A |
| HP USB 2.0 Floppy Drive Key product options (1) 442084-B21 and (2) 442085-B21 for certain HP ProLiant servers contain the (a) W32.Fakerecy and (b) W32.SillyFDC worms, which might be launched if the server does not have up-to-date detection. | |||||
| CVE-2007-6194 | 1 Hp | 1 Select Identity | 2017-07-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 and 4.1x before 4.13.003 allows remote attackers to obtain unspecified access via unknown vectors. | |||||
| CVE-2007-5604 | 1 Hp | 1 Instant Support | 2017-07-29 | 7.5 HIGH | N/A |
| Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607. | |||||
| CVE-2007-5610 | 1 Hp | 1 Instant Support | 2017-07-29 | 10.0 HIGH | N/A |
| The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument. | |||||
| CVE-2007-5608 | 1 Hp | 1 Instant Support | 2017-07-29 | 9.3 HIGH | N/A |
| The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953. | |||||
| CVE-2007-5607 | 1 Hp | 1 Instant Support | 2017-07-29 | 7.5 HIGH | N/A |
| Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606. | |||||
| CVE-2007-5606 | 1 Hp | 1 Instant Support | 2017-07-29 | 10.0 HIGH | N/A |
| Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607. | |||||
| CVE-2007-5605 | 1 Hp | 1 Instant Support | 2017-07-29 | 9.3 HIGH | N/A |
| Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607. | |||||
| CVE-2007-4241 | 2 Cisco, Hp | 2 Local Director, Hp-ux | 2017-07-29 | 10.0 HIGH | N/A |
| Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for Cisco Local Director on HP-UX 11.11i allows remote attackers to execute arbitrary code via a long string to TCP port 17781. | |||||
| CVE-2007-3260 | 1 Hp | 1 System Management Homepage | 2017-07-29 | 9.0 HIGH | N/A |
| HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges. | |||||
| CVE-2007-3872 | 1 Hp | 2 Openview Operations, Shared Trace Service | 2017-07-29 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests. | |||||
| CVE-2007-4514 | 1 Hp | 1 Procurve Manager | 2017-07-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors. | |||||
| CVE-2007-3729 | 1 Hp | 1 Openvms | 2017-07-29 | 5.0 MEDIUM | N/A |
| The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid POP usernames. | |||||
| CVE-2007-3045 | 2 Hitachi, Hp | 3 Hi Ux We2, Tp1 Net Osi-tp-extended, Hp-ux | 2017-07-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Hitachi TP1/NET/OSI-TP-Extended on HI-UX/WE2 before 20070213, and on HP-UX before 20070314, allows remote attackers to cause a denial of service via certain data to a port. | |||||
| CVE-2007-3062 | 1 Hp | 1 System Management Homepage | 2017-07-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2007-1882 | 1 Hp | 1 Mercury Quality Center | 2017-07-29 | 6.5 MEDIUM | N/A |
| qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method. | |||||
| CVE-2007-2998 | 1 Hp | 1 Openvms | 2017-07-29 | 4.9 MEDIUM | N/A |
| The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain Pascal code. | |||||
| CVE-2007-2502 | 1 Hp | 1 Procurve Switch 9300m | 2017-07-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.01j allows remote attackers to cause a denial of service via unknown vectors, a different switch series than CVE-2006-4015. | |||||
| CVE-2007-2191 | 7 Bsd, Freepbx, Hp and 4 more | 8 Bsd, Freepbx, Hp-ux and 5 more | 2017-07-29 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php. | |||||
| CVE-2007-3044 | 2 Hitachi, Hp | 3 Hi Ux We2, Xp W, Hp-ux | 2017-07-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Map I/O Service (xpwmap) in Hitachi XP/W on HI-UX/WE2 before 20070319, and XP/W on HP-UX before 20070405, allows remote attackers to cause a denial of service via certain data to the service port. | |||||
| CVE-2007-1945 | 5 Hp, Ibm, Linux and 2 more | 9 Hp-ux, Aix, I5os and 6 more | 2017-07-29 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors. | |||||
| CVE-2007-1819 | 1 Hp | 1 Mercury Quality Center | 2017-07-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property. | |||||
| CVE-2007-2791 | 1 Hp | 1 Tru64 | 2017-07-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout. | |||||
| CVE-2007-2275 | 1 Hp | 3 Storageworks Command View, Storageworks Replication Monitor, Storageworks Tiered Storage Manager | 2017-07-29 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in HP StorageWorks Command View Advanced Edition for XP before 5.6.0-01, XP Replication Monitor before 5.6.0-01, and XP Tiered Storage Manager before 5.5.0-02 allows local users to access other accounts via unspecified vectors during registration or addition of new users. | |||||
| CVE-2007-2351 | 1 Hp | 2 Hp-ux, Power Manager Remote Agent | 2017-07-29 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX B.11.11 and B.11.23 allows local users to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-2468 | 1 Hp | 1 Openvms | 2017-07-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3 allows local users to cause a denial of service (crash) via "Program actions relating to exceptions." | |||||
| CVE-2007-0358 | 1 Hp | 1 Jetdirect Firmware | 2017-07-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the FTP server implementation in HP Jetdirect firmware x.20.nn through x.24.nn allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2007-0819 | 1 Hp | 1 Network Node Manager | 2017-07-29 | 7.2 HIGH | N/A |
| HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified bin\ovtrcsvc.exe for the HP Open View Shared Trace Service. | |||||
| CVE-2007-1772 | 1 Hp | 1 Jetdirect | 2017-07-29 | 7.1 HIGH | N/A |
| The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (engine crash) via a RETR command with a long pathname. | |||||
| CVE-2007-0915 | 1 Hp | 1 Hp-ux | 2017-07-29 | 10.0 HIGH | N/A |
| Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request. | |||||
| CVE-2007-1727 | 4 Hp, Linux, Microsoft and 1 more | 7 Hp-ux, Openview Network Node Manager, Linux Kernel and 4 more | 2017-07-29 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors. | |||||
| CVE-2007-1093 | 4 Hitachi, Hp, Microsoft and 1 more | 12 Cm2-network Node Manager, Cm2-network Node Manager 250, Hi Ux We2 and 9 more | 2017-07-29 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior. | |||||
| CVE-2003-1374 | 1 Hp | 1 Hp-ux | 2017-07-29 | 4.6 MEDIUM | N/A |
| Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options. | |||||
| CVE-2003-1494 | 1 Hp | 1 Openview Network Node Manager | 2017-07-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet. | |||||
| CVE-2003-1495 | 1 Hp | 3 Insight Management Suite, Insight Manager, Remote Diagnostics Enabling Agent | 2017-07-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors. | |||||
| CVE-2003-1362 | 1 Hp | 2 Bastille, Hp-ux | 2017-07-29 | 7.8 HIGH | N/A |
| Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. | |||||
| CVE-2004-2753 | 1 Hp | 1 Hp-ux | 2017-07-29 | 5.6 MEDIUM | N/A |
| Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "files in a potentially insecure manner." | |||||
| CVE-2003-1496 | 1 Hp | 1 Tru64 | 2017-07-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840. | |||||
| CVE-2003-1360 | 1 Hp | 1 Hp-ux | 2017-07-29 | 7.2 HIGH | N/A |
| Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable. | |||||