Filtered by vendor Hp
Subscribe
Total
2499 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-4669 | 1 Hp | 1 Enterprise Maps | 2025-04-12 | 3.5 LOW | N/A |
| HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue. | |||||
| CVE-2015-5433 | 1 Hp | 2 Matrix Operating Environment, Virtual Connect Enterprise Manager Sdk | 2025-04-12 | 4.0 MEDIUM | N/A |
| HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2015-5434 | 1 Hp | 87 Jc072b Hp 12500 Main Processing Unit, Jc085a Hp A12518 Switch Chassis, Jc086a Hp A12508 Switch Chassis and 84 more | 2025-04-12 | 6.4 MEDIUM | 6.5 MEDIUM |
| HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping." | |||||
| CVE-2013-6204 | 1 Hp | 1 Application Information Optimizer | 2025-04-12 | 7.5 HIGH | N/A |
| The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004. | |||||
| CVE-2014-2645 | 1 Hp | 1 Systems Insight Manager | 2025-04-12 | 4.3 MEDIUM | N/A |
| HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to conduct clickjacking attacks via unknown vectors. | |||||
| CVE-2016-3705 | 5 Canonical, Debian, Hp and 2 more | 6 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 3 more | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references. | |||||
| CVE-2016-4357 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 7.5 HIGH | 8.1 HIGH |
| HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2028. | |||||
| CVE-2015-3143 | 5 Apple, Canonical, Debian and 2 more | 6 Mac Os X, Ubuntu Linux, Debian Linux and 3 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. | |||||
| CVE-2014-7877 | 1 Hp | 1 Hp-ux | 2025-04-12 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2014-7884 | 1 Hp | 1 Arcsight Logger | 2025-04-12 | 9.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors. | |||||
| CVE-2014-2622 | 1 Hp | 2 Imc Branch Intelligent Management System Software Module, Intelligent Management Center | 2025-04-12 | 8.5 HIGH | N/A |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors, aka ZDI-CAN-2312. | |||||
| CVE-2014-2614 | 1 Hp | 1 Sitescope | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and 11.2x through 11.24 allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-2140. | |||||
| CVE-2013-6200 | 1 Hp | 1 Hp-ux | 2025-04-12 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors. | |||||
| CVE-2014-7891 | 1 Hp | 3 Ole Point Of Sale Driver, Pos Keyboard Fk221aa, Pos Keyboard With Msr Fk218aa | 2025-04-12 | 10.0 HIGH | N/A |
| The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSPOSKeyboard.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2509. | |||||
| CVE-2015-5432 | 1 Hp | 2 Matrix Operating Environment, Virtual Connect Enterprise Manager Sdk | 2025-04-12 | 7.5 HIGH | N/A |
| HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors. | |||||
| CVE-2014-2647 | 1 Hp | 1 Operations Agent | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP Operations Manager (formerly OpenView Communications Broker) before 11.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2016-4448 | 9 Apple, Hp, Mcafee and 6 more | 21 Icloud, Iphone Os, Itunes and 18 more | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. | |||||
| CVE-2015-6029 | 1 Hp | 1 Arcsight Logger | 2025-04-12 | 5.0 MEDIUM | N/A |
| HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach. | |||||
| CVE-2014-2606 | 1 Hp | 10 Storage Management Software, Storevirtual 4130, Storevirtual 4330 and 7 more | 2025-04-12 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVirtual VSA 9.5 through 11.0 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2016-1986 | 1 Hp | 1 Continuous Delivery Automation | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | |||||