Filtered by vendor Hp
Subscribe
Search
Total
2223 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4030 | 1 Hp | 1 Insight Control Performance Management | 2017-08-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-4031 | 1 Hp | 1 Insight Control Performance Management | 2017-08-17 | 8.0 HIGH | N/A |
| Unspecified vulnerability in HP Insight Control Performance Management before 6.2 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2010-4032 | 1 Hp | 1 Insight Control Performance Management | 2017-08-17 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2010-4100 | 1 Hp | 1 Insight Control Performance Management | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Insight Control Performance Management before 6.1 update 2 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2010-4103 | 1 Hp | 1 Insight Managed System Setup Wizard | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Insight Managed System Setup Wizard before 6.2 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2010-4106 | 1 Hp | 1 Insight Control For Linux | 2017-08-17 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Control for Linux before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2010-4107 | 1 Hp | 8 9000, Color Laserjet Mfp, Laserjet 4100 and 5 more | 2017-08-17 | 7.8 HIGH | N/A |
| The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack. | |||||
| CVE-2011-0279 | 1 Hp | 1 Multifunction Peripheral Digital Sending Software | 2017-08-17 | 2.1 LOW | N/A |
| HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication. | |||||
| CVE-2011-0889 | 1 Hp | 1 Client Automation Enterprise | 2017-08-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA or Radia Notify) 5.11, 7.2, 7.5, 7.8, and 7.9 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-0770 | 1 Hp | 7 Arcsight C1000 Appliance, Arcsight C1300 Appliance, Arcsight C3200 Appliance and 4 more | 2017-08-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 allows remote attackers to inject arbitrary web script or HTML via the Windows XP variable in a file. | |||||
| CVE-2011-0890 | 2 Hp, Microsoft | 2 Discovery\&dependency Mapping Inventory, Windows | 2017-08-17 | 5.0 MEDIUM | N/A |
| HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community. | |||||
| CVE-2011-0263 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in ovas.exe in the OVAS service in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) Source Node or (2) Destination Node variable. | |||||
| CVE-2011-0264 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long COOKIE variable. | |||||
| CVE-2010-4267 | 1 Hp | 1 Linux Imaging And Printing Project | 2017-08-17 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value. | |||||
| CVE-2011-0896 | 1 Hp | 2 Hp-ux, Nfs\/oncplus | 2017-08-17 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on HP-UX B.11.31 allows remote authenticated users to cause a denial of service via unknown vectors. | |||||
| CVE-2011-0265 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long data_select1 parameter. | |||||
| CVE-2011-0275 | 1 Hp | 1 Openview Storage Data Protector | 2017-08-17 | 7.1 HIGH | N/A |
| Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2011-0266 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long nameParams parameter, a different vulnerability than CVE-2011-0267.2. | |||||
| CVE-2011-0267 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266. | |||||
| CVE-2010-1033 | 1 Hp | 1 Operations Manager | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argument to the (1) LoadFile or (2) SaveFile method, related to srcvw32.dll and srcvw4.dll. | |||||
| CVE-2010-3290 | 1 Hp | 1 Systems Insight Manager | 2017-08-17 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2010-1586 | 1 Hp | 1 System Management Homepage | 2017-08-17 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter. | |||||
| CVE-2010-1558 | 2 Hp, Microsoft | 2 Multifunction Peripheral Digital Sending Software, Windows | 2017-08-17 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors. | |||||
| CVE-2010-3289 | 1 Hp | 1 Systems Insight Manager | 2017-08-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-1962 | 1 Hp | 1 Storageworks Storage Mirroring | 2017-08-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.2.1.870.0 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2010-2709 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie. | |||||
| CVE-2010-2711 | 2 Apple, Hp | 2 Ipad, Magcloud | 2017-08-17 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the HP MagCloud app before 1.0.5 for the iPad allows remote attackers to read and modify MagCloud application data via unknown vectors. | |||||
| CVE-2010-0443 | 1 Hp | 2 Openvms, Openvms Rms | 2017-08-17 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Record Management Services (RMS) before VMS83A_RMS-V1100 for HP OpenVMS on the Alpha platform allows local users to gain privileges via unknown vectors. | |||||
| CVE-2009-3843 | 1 Hp | 1 Operations Manager | 2017-08-17 | 10.0 HIGH | N/A |
| HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload. | |||||
| CVE-2009-4777 | 4 Hitachi, Hp, Microsoft and 1 more | 17 Job Management Partner 1\/automatic Job Management System 2-view, Job Management Partner 1\/integrated Management-view, Job Management Partner 1\/integrated Manager-console View and 14 more | 2017-08-17 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in multiple versions of Hitachi JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer, allows remote attackers to cause a denial of service ("abnormal" termination) via vectors related to the display of an "invalid GIF file." | |||||
| CVE-2009-3977 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in a certain ActiveX control in ActiveDom.ocx in HP OpenView Network Node Manager (OV NNM) 7.53 might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via a long string argument to the (1) DisplayName, (2) AddGroup, (3) InstallComponent, or (4) Subscribe method. NOTE: this issue is not a vulnerability in many environments, because the control is not marked as safe for scripting and would not execute with default Internet Explorer settings. | |||||
| CVE-2009-3847 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2009-1423 | 1 Hp | 3 Procurve Switch 5400zl, Procurve Switch 8200zl, Procurve Threat Management Services Zl Module | 2017-08-17 | 7.8 HIGH | N/A |
| Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and earlier allows remote attackers to cause a denial of service via unknown vectors, aka PR_39898, a different vulnerability than CVE-2009-1424 and CVE-2009-1425. | |||||
| CVE-2009-2677 | 1 Hp | 1 Insight Control Suite For Linux | 2017-08-17 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Control Suite For Linux (aka ICE-LX) before 2.11 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2009-2678 | 1 Hp | 1 Nonstop Server | 2017-08-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Open System Services (OSS) Name Server on HP NonStop G06.27, G06.28, G06.29, G06.30, H06.06, H06.07, H06.08, and J06.03 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2009-2680 | 1 Hp | 4 Storageworks 1\/8 G2 Tape Autoloader, Storageworks Msl2024 Tape Library, Storageworks Msl4048 Tape Library and 1 more | 2017-08-17 | 8.5 HIGH | N/A |
| Unspecified vulnerability in the Remote Management Interface (RMI) for MSL Tape Libraries and 1/8 G2 Tape Autoloaders in HP StorageWorks 1/8 G2 Tape Autoloader firmware 2.30 and earlier, MSL2024 Tape Library firmware 4.20 and earlier, MSL4048 Tape Library firmware 6.50 and earlier, and MSL8096 Tape Library firmware 8.90 and earlier allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2009-1418 | 1 Hp | 1 System Management Homepage | 2017-08-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2009-1425 | 1 Hp | 3 Procurve Switch 5400zl, Procurve Switch 8200zl, Procurve Threat Management Services Zl Module | 2017-08-17 | 7.8 HIGH | N/A |
| Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and earlier allows remote attackers to cause a denial of service by triggering a stop or crash in httpd, aka PR_18770, a different vulnerability than CVE-2009-1423 and CVE-2009-1424. | |||||
| CVE-2016-4382 | 1 Hp | 1 Performance Center | 2017-08-13 | 6.0 MEDIUM | 8.3 HIGH |
| HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue. | |||||
| CVE-2009-0206 | 1 Hp | 2 Hp-ux, Oncplus | 2017-08-08 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in NFS in HP ONCplus B.11.31.05 and earlier for HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2009-0204 | 1 Hp | 1 Select Access | 2017-08-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Select Access 6.1 and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-4414 | 1 Hp | 1 Tru64 | 2017-08-08 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the AdvFS showfile command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2008-4411 | 1 Hp | 1 System Management Homepage | 2017-08-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663. | |||||
| CVE-2008-4413 | 1 Hp | 2 Hp-ux, System Management Homepage | 2017-08-08 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions. | |||||
| CVE-2008-4412 | 1 Hp | 1 Systems Insight Manager | 2017-08-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2008-4052 | 1 Hp | 1 Openvms | 2017-08-08 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in SMGSHR.EXE in OpenVMS for Integrity Servers 8.2-1, 8.3, and 8.3-1H1 and OpenVMS ALPHA 7.3-2, 8.2, and 8.3 allows local users to cause a denial of service (crash) or gain privileges via unspecified vectors. | |||||
| CVE-2008-3947 | 1 Hp | 1 Openvms | 2017-08-08 | 7.2 HIGH | N/A |
| DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line. | |||||
| CVE-2008-3940 | 1 Hp | 1 Openvms | 2017-08-08 | 4.4 MEDIUM | N/A |
| Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file. | |||||
| CVE-2008-3946 | 1 Hp | 1 Openvms | 2017-08-08 | 4.9 MEDIUM | N/A |
| The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file. | |||||
| CVE-2008-3539 | 2 Hp, Microsoft | 12 Hpsi Acf2 Connector, Hpsi Active Directory Connector, Hpsi Bidir Dirx Connector and 9 more | 2017-08-08 | 2.1 LOW | N/A |
| Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in HPSI Active Directory Connector 2.30 and earlier, HPSI SunOne Connector 1.14 and earlier, HPSI eDirectory Connector 1.12 and earlier, HPSI eTrust Connector 1.02 and earlier, HPSI OID Connector 1.02 and earlier, HPSI IBM Tivoli Dir Connector 1.02 and earlier, HPSI TOPSecret Connector 2.22.001 and earlier, HPSI RACF Connector 1.12.001 and earlier, HPSI ACF2 Connector 1.02 and earlier, HPSI OpenLDAP Connector 1.02 and earlier, and HPSI BiDir DirX Connector 1.00.003 and earlier, allows local users to obtain sensitive information via unknown vectors. | |||||