Filtered by vendor Hp
Subscribe
Total
2460 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3286 | 1 Hp | 1 Systems Insight Manager | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Systems Insight Manager (SIM) 6.0 and 6.1 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2012-3257 | 1 Hp | 1 Business Availability Center | 2025-04-11 | 4.6 MEDIUM | N/A |
| HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors. | |||||
| CVE-2011-0514 | 1 Hp | 1 Data Protector Manager | 2025-04-11 | 5.0 MEDIUM | N/A |
| The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denial of service (crash) via a packet with a large data size to TCP port 1530. | |||||
| CVE-2011-0921 | 1 Hp | 1 Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
| crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username. | |||||
| CVE-2010-1556 | 3 Hp, Linux, Microsoft | 4 Hp-ux, Systems Insight Manager, Linux Kernel and 1 more | 2025-04-11 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 Update 1, and 6.0 allows remote attackers to obtain sensitive information and modify data via unknown vectors. | |||||
| CVE-2011-4160 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Operations Agent, Performance Agent and 3 more | 2025-04-11 | 3.2 LOW | N/A |
| Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors. | |||||
| CVE-2013-2347 | 1 Hp | 1 Storage Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
| The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885. | |||||
| CVE-2011-0262 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
| Buffer overflow in the stringToSeconds function in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via large values of variables to jovgraph.exe. | |||||
| CVE-2010-0447 | 1 Hp | 1 Openview Performance Insight | 2025-04-11 | 10.0 HIGH | N/A |
| The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document. | |||||
| CVE-2011-2408 | 1 Hp | 1 Palm Webos | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-4784 | 1 Hp | 1 Integrated Lights-out Bmc | 2025-04-11 | 10.0 HIGH | N/A |
| The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. | |||||
| CVE-2011-4162 | 1 Hp | 1 Protecttools Device Access Manager | 2025-04-11 | 7.5 HIGH | N/A |
| The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless methods in HP Protect Tools Device Access Manager (PTDAM) before 6.1.0.1 allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a long SidString argument. | |||||
| CVE-2011-1538 | 1 Hp | 1 Proliant Support Pack | 2025-04-11 | 4.9 MEDIUM | N/A |
| Open redirect vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote authenticated users to redirect other users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2011-0895 | 1 Hp | 1 Network Node Manager I | 2025-04-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and 8.1x allows remote authenticated users to obtain sensitive information via unknown vectors. | |||||
| CVE-2011-4155 | 1 Hp | 1 Network Node Manager I | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4156. | |||||
| CVE-2011-1545 | 1 Hp | 1 Insight Control Performance Management | 2025-04-11 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2012-2020 | 1 Hp | 1 Operations Agent | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326. | |||||
| CVE-2011-1849 | 1 Hp | 1 Intelligent Management Center | 2025-04-11 | 10.0 HIGH | N/A |
| tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request. | |||||
| CVE-2012-2009 | 1 Hp | 1 Performance Insight | 2025-04-11 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2013-6191 | 1 Hp | 1 Operations Orchestration | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||