Filtered by vendor Hp
Subscribe
Total
2460 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1333 | 1 Hp | 1 Deskjet 6840 | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in refresh_rate.htm in the web interface on the HP Deskjet 6840 printer with firmware XF1M131A allows remote attackers to inject arbitrary web script or HTML via the POST request body. | |||||
| CVE-2007-2468 | 1 Hp | 1 Openvms | 2025-04-09 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3 allows local users to cause a denial of service (crash) via "Program actions relating to exceptions." | |||||
| CVE-2008-1660 | 1 Hp | 1 Hp-ux | 2025-04-09 | 6.3 MEDIUM | N/A |
| Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors. | |||||
| CVE-2009-0718 | 1 Hp | 1 Storageworks Storage Mirroring | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2008-0976 | 2 Double-take Software, Hp | 2 Double-take, Storageworks Double-take | 2025-04-09 | 5.0 MEDIUM | N/A |
| Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed packet, as demonstrated by a packet of type (1) 0x2722 or (2) 0x272a. | |||||
| CVE-2007-5608 | 1 Hp | 1 Instant Support | 2025-04-09 | 9.3 HIGH | N/A |
| The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953. | |||||
| CVE-2008-4562 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205. | |||||
| CVE-2009-0122 | 1 Hp | 1 Hplip | 2025-04-09 | 6.9 MEDIUM | N/A |
| hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of arbitrary files via unspecified manipulations in advance of an HPLIP installation or upgrade by an administrator, related to the product's attempt to correct the ownership of its configuration files within home directories. | |||||
| CVE-2007-2281 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-09 | 10.0 HIGH | N/A |
| Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter. | |||||
| CVE-2006-5557 | 1 Hp | 1 Hp-ux | 2025-04-09 | 4.6 MEDIUM | N/A |
| Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain. | |||||
| CVE-2009-2686 | 1 Hp | 1 Nonstop Server | 2025-04-09 | 7.2 HIGH | N/A |
| Unspecified vulnerability in HP NonStop G06.12.00 through G06.32.00, H06.08.00 through H06.18.01, and J06.04.00 through J06.07.01 allows local users to gain privileges, cause a denial of service, or obtain "access to data" via unknown vectors. | |||||
| CVE-2009-0208 | 1 Hp | 1 Virtual Rooms | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Virtual Rooms Client before 7.0.1, when running on Windows, allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2007-3554 | 1 Hp | 1 Instant Support | 2025-04-09 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function. | |||||
| CVE-2009-3843 | 1 Hp | 1 Operations Manager | 2025-04-09 | 10.0 HIGH | N/A |
| HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload. | |||||
| CVE-2008-1851 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 5.0 MEDIUM | N/A |
| ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allows remote attackers to cause a denial of service (hang) via certain requests that do not provide all required arguments. | |||||
| CVE-2006-5782 | 1 Hp | 1 Openview Client Configuraton Manager | 2025-04-09 | 7.8 HIGH | N/A |
| radexecd.exe in HP OpenView Client Configuraton Manager (CCM) does not require authentication before executing commands in the installation directory, which allows remote attackers to cause a denial of service (reboot) by calling radbootw.exe or create arbitrary files by calling radcrecv. | |||||
| CVE-2007-3730 | 1 Hp | 1 Openvms | 2025-04-09 | 5.0 MEDIUM | N/A |
| The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 does not log the source IP address or attempted username for login attempts, which might help remote attackers to avoid identification. | |||||
| CVE-2008-1664 | 1 Hp | 1 Hp-ux | 2025-04-09 | 7.8 HIGH | N/A |
| Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2008-5395 | 2 Hp, Linux | 2 Pa-risc, Linux Kernel | 2025-04-09 | 4.9 MEDIUM | N/A |
| The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses. | |||||
| CVE-2008-2940 | 1 Hp | 1 Linux Imaging And Printing Project | 2025-04-09 | 7.2 HIGH | N/A |
| The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to gain privileges and send e-mail messages from the root account via vectors related to the setalerts message, and lack of validation of the device URI associated with an event message. | |||||