Filtered by vendor Hp
Subscribe
Search
Total
1323 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7892 | 1 Hp | 8 Integrated Single Head Msr W\/o Sred J1a33aa, Integrated Single Head W\/o Msr Sred J1a34aa, Mini Msr Fk186aa and 5 more | 2019-10-09 | 10.0 HIGH | N/A |
| The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMSR.ocx for Mini MSR magnetic stripe readers, Retail Integrated Dual-Head MSR magnetic stripe readers, Integrated Single Head MSR w/o SRED magnetic stripe readers, Integrated Single Head w/o MSR SRED magnetic stripe readers, RP7 Single Head MSR w/o SRED magnetic stripe readers, POS keyboards, and POS keyboards with MSR, aka ZDI-CAN-2508. | |||||
| CVE-2014-7884 | 1 Hp | 1 Arcsight Logger | 2019-10-09 | 9.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors. | |||||
| CVE-2014-7879 | 1 Hp | 1 Hp-ux | 2019-10-09 | 8.5 HIGH | N/A |
| HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors. | |||||
| CVE-2014-7881 | 1 Hp | 1 Insight Control Server Deployment | 2019-10-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the server in HP Insight Control allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-7883 | 1 Hp | 1 Universal Configuration Management Database | 2019-10-09 | 5.0 MEDIUM | N/A |
| HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response. | |||||
| CVE-2014-7876 | 1 Hp | 3 Integrated Lights-out 2 Firmware, Integrated Lights-out 4 Firmware, Integrated Lights-out Chassis Management Firmware | 2019-10-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors. | |||||
| CVE-2014-2649 | 2 Hp, Linux | 2 Operations Manager, Kernel | 2019-10-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Operations Manager 9.20 on UNIX allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2014-4661 | 1 Hp | 1 Records Manager | 2019-10-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-2646 | 1 Hp | 1 Network Automation | 2019-10-09 | 7.2 HIGH | N/A |
| Unspecified vulnerability in HP Network Automation 9.10 and 9.20 allows local users to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2014-2635 | 1 Hp | 1 Sprinter | 2019-10-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2343. | |||||
| CVE-2014-2639 | 1 Hp | 1 Mpio Device Specific Module Manager | 2019-10-09 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in HP MPIO Device Specific Module Manager before 4.02.00 allows local users to gain privileges via unknown vectors. | |||||
| CVE-2014-2648 | 2 Hp, Linux | 2 Operations Manager, Linux Kernel | 2019-10-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on UNIX allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2014-2637 | 1 Hp | 1 Sprinter | 2019-10-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2342. | |||||
| CVE-2014-2641 | 1 Hp | 1 System Management Homepage | 2019-10-09 | 6.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2014-2638 | 1 Hp | 1 Sprinter | 2019-10-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2344. | |||||
| CVE-2014-2642 | 1 Hp | 1 System Management Homepage | 2019-10-09 | 4.3 MEDIUM | N/A |
| HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | |||||
| CVE-2014-2643 | 1 Hp | 1 Systems Insight Manager | 2019-10-09 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2014-2628 | 1 Hp | 1 Enterprise Maps | 2019-10-09 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Enterprise Maps 1 allows remote authenticated users to obtain sensitive information via unknown vectors. | |||||
| CVE-2014-2636 | 1 Hp | 1 Sprinter | 2019-10-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2336. | |||||
| CVE-2014-2611 | 1 Hp | 1 Executive Scorecard | 2019-10-09 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120. | |||||
| CVE-2014-2618 | 1 Hp | 2 Imc Branch Intelligent Management System Software Module, Intelligent Management Center | 2019-10-09 | 7.8 HIGH | N/A |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2080. | |||||
| CVE-2014-2644 | 1 Hp | 1 Systems Insight Manager | 2019-10-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2014-2647 | 1 Hp | 1 Operations Agent | 2019-10-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP Operations Manager (formerly OpenView Communications Broker) before 11.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-2600 | 1 Hp | 2 Icewall Identity Manager, Icewall Sso Password Reset Option | 2019-10-09 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in HP IceWall Identity Manager 4.0 through SP1 and 5.0 and IceWall SSO 10.0 Password Reset Option, when Apache Commons FileUpload is used, allows remote authenticated users to cause a denial of service via unknown vectors. | |||||
| CVE-2014-2602 | 1 Hp | 1 Oneview | 2019-10-09 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2014-2603 | 1 Hp | 7 8\/20q Fibre Channel Switch 16 Port, 8\/20q Fibre Channel Switch 8 Port, 8gb Simple San Connection Kit and 4 more | 2019-10-09 | 1.7 LOW | N/A |
| Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and 8Gb Simple SAN Connection Kit with firmware before 8.0.14.08.00 allows remote authenticated users to obtain sensitive information via unknown vectors. | |||||
| CVE-2014-2645 | 1 Hp | 1 Systems Insight Manager | 2019-10-09 | 4.3 MEDIUM | N/A |
| HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to conduct clickjacking attacks via unknown vectors. | |||||
| CVE-2014-2607 | 1 Hp | 1 Operations Manager I | 2019-10-09 | 8.5 HIGH | N/A |
| Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role. | |||||
| CVE-2014-2640 | 1 Hp | 1 System Management Homepage | 2019-10-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-6204 | 1 Hp | 1 Application Information Optimizer | 2019-10-09 | 7.5 HIGH | N/A |
| The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004. | |||||
| CVE-2013-6203 | 1 Hp | 1 Application Information Optimizer | 2019-10-09 | 7.5 HIGH | N/A |
| The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-1656. | |||||
| CVE-2013-4830 | 1 Hp | 1 Service Manager | 2019-10-09 | 7.5 HIGH | N/A |
| HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach. | |||||
| CVE-2013-4832 | 1 Hp | 1 Service Manager | 2019-10-09 | 4.0 MEDIUM | N/A |
| HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-4831 | 1 Hp | 1 Service Manager | 2019-10-09 | 5.5 MEDIUM | N/A |
| HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | |||||
| CVE-2013-6205 | 1 Hp | 2 Insight Control Server Deployment, Rapid Deployment Pack | 2019-10-09 | 4.1 MEDIUM | N/A |
| Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insight Control Server Deployment allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. | |||||
| CVE-2013-6201 | 1 Hp | 1 Security Management System | 2019-10-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Security Management System 3.3.0, 3.5.0 before patch 1, and 3.6.0 before patch 2 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2013-6194 | 1 Hp | 1 Storage Data Protector | 2019-10-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1905. | |||||
| CVE-2013-6195 | 1 Hp | 1 Storage Data Protector | 2019-10-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-2008. | |||||
| CVE-2013-4828 | 1 Hp | 22 Color Laserjet Cm4540, Color Laserjet Cm4540f, Color Laserjet Cm4540fskm and 19 more | 2019-10-09 | 4.3 MEDIUM | N/A |
| HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices do not properly encrypt PDF documents, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-6202 | 1 Hp | 1 Service Manager | 2019-10-09 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code. | |||||
| CVE-2013-4833 | 1 Hp | 1 Service Manager | 2019-10-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-6200 | 1 Hp | 1 Hp-ux | 2019-10-09 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors. | |||||
| CVE-2013-6206 | 1 Hp | 2 Insight Control Server Deployment, Rapid Deployment Pack | 2019-10-09 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insight Control Server Deployment allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. | |||||
| CVE-2013-4823 | 1 Hp | 2 Imc Branch Intelligent Management System Software Module, Intelligent Management Center | 2019-10-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607. | |||||
| CVE-2013-4824 | 1 Hp | 2 Imc Service Operation Management Software Module, Intelligent Management Center | 2019-10-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-1644. | |||||
| CVE-2013-4844 | 1 Hp | 2 Service Center, Service Manager | 2019-10-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2013-4814 | 1 Hp | 1 Xp 9000 Command View | 2019-10-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP XP P9000 Command View Advanced Edition Suite Software 7.x before 7.5.0-02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-4827 | 1 Hp | 2 Imc Service Operation Management Software Module, Intelligent Management Center | 2019-10-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZDI-CAN-1664. | |||||
| CVE-2013-4845 | 1 Hp | 2 Officejet Pro 8500, Officejet Pro 8500 Firmware | 2019-10-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability on HP Officejet Pro 8500 (aka A909) All-in-One printers allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-4821 | 1 Hp | 1 System Management Homepage | 2019-10-09 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors. | |||||