Filtered by vendor Hp
Subscribe
Search
Total
2223 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3272 | 1 Hp | 7 Color Laserjet Cm3530, Color Laserjet Cm60xx, Color Laserjet Cp3525 and 4 more | 2013-01-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability on the HP Color LaserJet CM3530 with firmware before 53.190.9, Color LaserJet CM60xx with firmware before 52.210.9, Color LaserJet CP3525 with firmware before 06.140.3 18, Color LaserJet CP4xxx with firmware before 07.120.6, Color LaserJet CP6015 with firmware before 04.160.3, LaserJet P3015 with firmware before 07.140.3, and LaserJet P4xxx with firmware before 04.170.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-4789 | 1 Hp | 1 Diagnostics | 2012-11-28 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it was originally reported that the affected product is HP Diagnostics Server, but HP states that "the vulnerable product is actually HP LoadRunner." | |||||
| CVE-2011-4788 | 1 Hp | 3 Storageworks P2000 G3 Msa Fc\/iscsi Dual Combo Controller Lff Array System, Storageworks P2000 G3 Msa Fibre Channel Dual Controller Lff Array System, Storageworks P2000 G3 Msa Fibre Channel Dual Controller Sff Array System | 2012-11-28 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI. | |||||
| CVE-2008-4415 | 1 Hp | 1 Service Manager | 2012-10-31 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 allows remote authenticated users to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-4161 | 1 Hp | 41 Color Laserjet 3000, Color Laserjet 3800, Color Laserjet 4700 and 38 more | 2012-09-18 | 10.0 HIGH | N/A |
| The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update. | |||||
| CVE-2012-4362 | 1 Hp | 2 San\/iq, Virtual San Appliance | 2012-08-21 | 4.0 MEDIUM | N/A |
| hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838. | |||||
| CVE-2012-4361 | 1 Hp | 2 San\/iq, Virtual San Appliance | 2012-08-21 | 7.7 HIGH | N/A |
| lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter. | |||||
| CVE-2012-2986 | 1 Hp | 2 San\/iq, Virtual San Appliance | 2012-08-21 | 7.7 HIGH | N/A |
| lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361. | |||||
| CVE-2012-0134 | 1 Hp | 1 Openvms | 2012-08-14 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64 platform allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2011-3846 | 1 Hp | 1 System Management Homepage | 2012-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts. | |||||
| CVE-2011-4160 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Operations Agent, Performance Agent and 3 more | 2012-02-17 | 3.2 LOW | N/A |
| Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors. | |||||
| CVE-2011-3168 | 1 Hp | 1 Tcp Ip Services Openvms | 2012-02-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the POP and IMAP service implementations in HP TCP/IP Services 5.6 and 5.7 for OpenVMS allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2011-3165 | 1 Hp | 1 Openview Network Node Manager | 2012-02-15 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1208. | |||||
| CVE-2011-3166 | 1 Hp | 1 Openview Network Node Manager | 2012-02-15 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1209. | |||||
| CVE-2011-3167 | 1 Hp | 1 Openview Network Node Manager | 2012-02-15 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210. | |||||
| CVE-2011-3169 | 1 Hp | 1 Tcp Ip Services Openvms | 2012-02-15 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the SMTP service implementation in HP TCP/IP Services 5.6 and 5.7 for OpenVMS allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2011-4155 | 1 Hp | 1 Network Node Manager I | 2012-02-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4156. | |||||
| CVE-2011-4156 | 1 Hp | 1 Network Node Manager I | 2012-02-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4155. | |||||
| CVE-2011-3163 | 1 Hp | 1 Multifunction Peripheral Digital Sending Software | 2012-02-14 | 1.2 LOW | N/A |
| HP MFP Digital Sending Software 4.9x through 4.91.21 allows local users to obtain sensitive workflow-metadata information via unspecified vectors. | |||||
| CVE-2011-3155 | 1 Hp | 1 Onboard Administrator | 2012-02-14 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in HP Onboard Administrator (OA) 3.21 through 3.31 allows remote attackers to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2011-2412 | 1 Hp | 1 Business Service Automation Essentials | 2012-02-14 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Business Service Automation (BSA) Essentials 2.01 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2009-3999 | 1 Hp | 1 Power Manager | 2012-02-14 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter. | |||||
| CVE-2011-4163 | 1 Hp | 1 Database Archiving Software | 2012-02-02 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1213. | |||||
| CVE-2011-4164 | 1 Hp | 1 Database Archiving Software | 2012-02-02 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1214. | |||||
| CVE-2011-4165 | 1 Hp | 1 Database Archiving Software | 2012-02-02 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1263. | |||||
| CVE-2011-2404 | 1 Hp | 1 Easy Printer Care Software | 2012-01-14 | 7.5 HIGH | N/A |
| A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-4786 and CVE-2011-4787. | |||||
| CVE-2011-3337 | 4 Eeye, Hp, Sgi and 1 more | 5 Digital Security Audits, Retina Network Security Scanner, Hp-ux and 2 more | 2012-01-04 | 6.9 MEDIUM | N/A |
| eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/. | |||||
| CVE-2011-1855 | 1 Hp | 1 Network Node Manager I | 2011-09-22 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows local users to read or modify (1) log files or (2) other data via unknown vectors. | |||||
| CVE-2011-1537 | 1 Hp | 1 Proliant Support Pack | 2011-09-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1544 | 1 Hp | 1 Insight Control Performance Management | 2011-09-22 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Insight Control Performance Management before 6.3 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2011-1543 | 1 Hp | 1 Systems Insight Manager | 2011-09-22 | 4.3 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2011-1536 | 1 Hp | 1 Performance Insight | 2011-09-22 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Performance Insight 5.0, 5.1x. 5.2x, 5.3x, 5.4, 5.41, and 5.41.002 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2011-1545 | 1 Hp | 1 Insight Control Performance Management | 2011-09-22 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2011-1542 | 1 Hp | 1 Systems Insight Manager | 2011-09-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1724 | 1 Hp | 1 Virtual Server Environment | 2011-09-22 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Virtual Server Environment before 6.3 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2011-1538 | 1 Hp | 1 Proliant Support Pack | 2011-09-22 | 4.9 MEDIUM | N/A |
| Open redirect vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote authenticated users to redirect other users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2011-1539 | 1 Hp | 1 Proliant Support Pack | 2011-09-22 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2011-1540 | 1 Hp | 1 System Management Homepage | 2011-09-22 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-1541 | 1 Hp | 1 System Management Homepage | 2011-09-22 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors. | |||||
| CVE-2011-0893 | 1 Hp | 1 Operations | 2011-09-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX platforms allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-0892 | 1 Hp | 1 Diagnostics | 2011-09-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Diagnostics 7.5x and 8.0x before 8.05.54.225 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2011-0894 | 1 Hp | 1 Operations | 2011-09-22 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in HP Operations 9.10 on UNIX platforms allows remote authenticated users to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2009-5097 | 1 Hp | 1 Palm Pre Webos | 2011-09-14 | 7.1 HIGH | N/A |
| Palm Pre WebOS 1.1 and earlier processes JavaScript in email messages, which allows remote attackers to execute arbitrary JavaScript, as demonstrated by reading PalmDatabase.db3. | |||||
| CVE-2011-1737 | 1 Hp | 1 Palm Webos | 2011-09-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Email application in HP Palm webOS 1.4.5 and 1.4.5.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1738 | 1 Hp | 1 Palm Webos | 2011-09-07 | 7.2 HIGH | N/A |
| HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access. | |||||
| CVE-2011-1856 | 1 Hp | 1 Business Availability Center | 2011-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.06 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2009-5071 | 1 Hp | 1 Palm Pre Webos | 2011-04-27 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown impact and attack vectors related to an "included contact template file." | |||||
| CVE-2011-0891 | 1 Hp | 1 Hp-ux | 2011-04-21 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2011-0278 | 1 Hp | 1 Web Jetadmin | 2011-03-18 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 and 4 allows local users to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2008-4418 | 1 Hp | 1 Hp-ux | 2011-03-08 | 7.8 HIGH | N/A |
| Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors. | |||||