Vulnerabilities (CVE)

Filtered by vendor Hp Subscribe
Total 2459 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-1727 1 Hp 1 Sitescope 2025-04-11 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue.
CVE-2011-1726 1 Hp 1 Sitescope 2025-04-11 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4777 4 Hitachi, Hp, Microsoft and 1 more 17 Job Management Partner 1\/automatic Job Management System 2-view, Job Management Partner 1\/integrated Management-view, Job Management Partner 1\/integrated Manager-console View and 14 more 2025-04-11 4.3 MEDIUM N/A
Unspecified vulnerability in multiple versions of Hitachi JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer, allows remote attackers to cause a denial of service ("abnormal" termination) via vectors related to the display of an "invalid GIF file."
CVE-2009-3999 1 Hp 1 Power Manager 2025-04-11 10.0 HIGH N/A
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.
CVE-2012-5214 1 Hp 1 Service Center 2025-04-11 7.5 HIGH N/A
Unspecified vulnerability in HP ServiceCenter 6.2.8 before 6.2.8.10 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVE-2013-2346 1 Hp 1 Storage Data Protector 2025-04-11 10.0 HIGH N/A
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1870.
CVE-2013-4831 1 Hp 1 Service Manager 2025-04-11 5.5 MEDIUM N/A
HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVE-2011-0924 1 Hp 1 Data Protector 2025-04-11 10.0 HIGH N/A
The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omni_chk_ds.sh.
CVE-2012-3275 1 Hp 1 Network Node Manager I 2025-04-11 10.0 HIGH N/A
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and 9.20 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2012-4362 1 Hp 2 San\/iq, Virtual San Appliance 2025-04-11 4.0 MEDIUM N/A
hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838.
CVE-2010-2612 1 Hp 2 Openvms, Openvms For Integrity Servers 2025-04-11 2.1 LOW N/A
Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3; and OpenVMS for Integrity Servers 8.3 AND 8.3-1H1; allows local users to obtain sensitive information via unknown vectors.
CVE-2012-0135 1 Hp 1 System Management Homepage 2025-04-11 3.5 LOW N/A
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors.
CVE-2012-5216 1 Hp 3 Procurve Switch 1700-24, Procurve Switch 1700-8, Procurve Switch Software 2025-04-11 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability on HP ProCurve 1700-8 (aka J9079A) switches with software before VA.02.09 and 1700-24 (aka J9080A) switches with software before VB.02.09 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2012-0132 2 Hp, Microsoft 2 Business Availability Center, Windows 2025-04-11 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 9.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-2328 1 Hp 1 Storage Data Protector 2025-04-11 10.0 HIGH N/A
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1636.
CVE-2010-3289 1 Hp 1 Systems Insight Manager 2025-04-11 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-0273 1 Hp 1 Openview Storage Data Protector Cell Manager 2025-04-11 9.3 HIGH N/A
Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute arbitrary code via unspecified message types.
CVE-2010-1586 1 Hp 1 System Management Homepage 2025-04-11 4.3 MEDIUM N/A
Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.
CVE-2010-4107 1 Hp 8 9000, Color Laserjet Mfp, Laserjet 4100 and 5 more 2025-04-11 7.8 HIGH N/A
The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack.
CVE-2012-0131 1 Hp 2 Distributed Computing Environment, Hp-ux 2025-04-11 10.0 HIGH N/A
Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.