Filtered by vendor Hp
Subscribe
Total
2465 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4388 | 1 Hp | 1 Keyview | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
| The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4389, and CVE-2016-4390. | |||||
| CVE-2016-4368 | 1 Hp | 3 Universal Cmbd Configuration Manager, Universal Cmbd Foundation, Universal Discovery | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | |||||
| CVE-2016-4360 | 1 Hp | 2 Loadrunner, Performance Center | 2025-04-12 | 6.4 MEDIUM | 9.1 CRITICAL |
| web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555. | |||||
| CVE-2015-5411 | 1 Hp | 1 Version Control Repository Manager | 2025-04-12 | 6.8 MEDIUM | N/A |
| HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2014-2621 | 1 Hp | 2 Imc Branch Intelligent Management System Software Module, Intelligent Management Center | 2025-04-12 | 7.8 HIGH | N/A |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2090. | |||||
| CVE-2016-4358 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 4.8 MEDIUM | 8.1 HIGH |
| HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029. | |||||
| CVE-2016-4376 | 2 Broadcom, Hp | 2 Fabric Operating System, Storefabric B Series Switch | 2025-04-12 | 7.8 HIGH | 6.5 MEDIUM |
| HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2014-7888 | 1 Hp | 6 Hybrid Pos Printer With Micr Us Fk184aa, Ole Point Of Sale Driver, Pusb Thermal Receipt Printer F7m67aa and 3 more | 2025-04-12 | 10.0 HIGH | N/A |
| The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMICR.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2512. | |||||
| CVE-2015-5413 | 1 Hp | 1 Version Control Repository Manager | 2025-04-12 | 4.0 MEDIUM | N/A |
| HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain privileges and obtain sensitive information via unspecified vectors. | |||||
| CVE-2015-7942 | 5 Apple, Canonical, Debian and 2 more | 9 Iphone Os, Mac Os X, Tvos and 6 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941. | |||||
| CVE-2014-2629 | 1 Hp | 1 Nonstop Safeguard Security | 2025-04-12 | 4.0 MEDIUM | N/A |
| HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time. | |||||
| CVE-2016-2243 | 3 Hp, Samsung, Zyxel | 30 1000 Series Firmware, 700 Series Firmware, 800 Series Firmware and 27 more | 2025-04-12 | 5.4 MEDIUM | 7.9 HIGH |
| Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access. | |||||
| CVE-2016-4386 | 1 Hp | 1 Network Automation | 2025-04-12 | 6.9 MEDIUM | 7.8 HIGH |
| HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified vectors. | |||||
| CVE-2016-1997 | 1 Hp | 2 Operations Orchestration, Operations Orchestration Content | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | |||||
| CVE-2016-2010 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2011. | |||||
| CVE-2016-2015 | 1 Hp | 1 System Management Homepage | 2025-04-12 | 6.6 MEDIUM | 7.1 HIGH |
| HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors. | |||||
| CVE-2016-2009 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | 6.5 MEDIUM | 8.8 HIGH |
| HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | |||||
| CVE-2015-5424 | 1 Hp | 1 Keyview | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2885. | |||||
| CVE-2014-2602 | 1 Hp | 1 Oneview | 2025-04-12 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2015-2115 | 1 Hp | 1 Capture And Route Software | 2025-04-12 | 2.7 LOW | N/A |
| Unspecified vulnerability in HP Capture and Route Software (HPCR) 1.3 before Patch 7, 1.3 FP1 before Patch 1, and 1.4 before Patch 1 allows remote authenticated users to obtain sensitive information via unknown vectors. | |||||