Vulnerabilities (CVE)

Filtered by vendor Hp Subscribe
Total 2460 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-2683 1 Hp 1 Remote Graphics Software 2025-04-09 7.1 HIGH N/A
Unspecified vulnerability in the Sender module in HP Remote Graphics Software (RGS) 5.1.3 through 5.2.6 allows remote authenticated users to execute arbitrary code via unknown vectors.
CVE-2007-6419 1 Hp 1 Hp-ux 2025-04-09 7.8 HIGH N/A
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
CVE-2008-4413 1 Hp 2 Hp-ux, System Management Homepage 2025-04-09 6.2 MEDIUM N/A
Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions.
CVE-2007-5604 1 Hp 1 Instant Support 2025-04-09 7.5 HIGH N/A
Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607.
CVE-2009-1418 1 Hp 1 System Management Homepage 2025-04-09 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2007-0206 1 Hp 1 Openview Network Node Manager 2025-04-09 5.0 MEDIUM N/A
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to read arbitrary files via unknown vectors.
CVE-2007-3908 1 Hp 2 Cluster Object Manager, Serviceguard 2025-04-09 4.6 MEDIUM N/A
Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat Enterprise Linux (RHEL) 2.1 SG A.11.14.04 through A.11.14.06; RHEL 3.0 SG A.11.16.04 through A.11.16.10; and ServiceGuard Cluster Object Manager B.03.01.02 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2007-0980.
CVE-2009-3849 1 Hp 1 Openview Network Node Manager 2025-04-09 10.0 HIGH N/A
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long Template parameter to nnmRptConfig.exe, related to the strcat function; or (2) a long Oid parameter to snmp.exe.
CVE-2006-5091 1 Hp 1 Hp-ux 2025-04-09 7.2 HIGH N/A
Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors.
CVE-2009-4179 1 Hp 1 Openview Network Node Manager 2025-04-09 10.0 HIGH N/A
Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.
CVE-2008-1668 1 Hp 1 Hp-ux 2025-04-09 10.0 HIGH N/A
ftpd.c in (1) wu-ftpd 2.4.2 and (2) ftpd in HP HP-UX B.11.11 assigns uid 0 to the FTP client in certain operating-system misconfigurations in which PAM authentication can succeed even though no passwd entry is available for a user, which allows remote attackers to gain privileges, as demonstrated by a login attempt for an LDAP account when nsswitch.conf does not specify LDAP for passwd information.
CVE-2008-1661 1 Hp 1 Storageworks Storage Mirroring 2025-04-09 10.0 HIGH N/A
Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request.
CVE-2007-5946 1 Hp 1 Hp-ux 2025-04-09 7.2 HIGH N/A
Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.
CVE-2009-0714 5 Hp, Microsoft, Novell and 2 more 5 Data Protector Express, Windows, Netware and 2 more 2025-04-09 7.2 HIGH N/A
Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.
CVE-2007-6506 1 Hp 1 Software Update 2025-04-09 9.3 HIGH N/A
The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.
CVE-2008-3357 3 Actian, Hp, Linux 3 Ingres, Hp-ux, Linux Kernel 2025-04-09 7.2 HIGH N/A
Untrusted search path vulnerability in ingvalidpw in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges via a crafted shared library, related to a "pointer overwrite vulnerability."
CVE-2008-0706 2 Compaq, Hp 4 Presario A900, Presario C700, G7000 and 1 more 2025-04-09 7.2 HIGH N/A
Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password.
CVE-2009-4176 1 Hp 1 Openview Network Node Manager 2025-04-09 10.0 HIGH N/A
Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter to ovlogin.exe.
CVE-2009-2685 1 Hp 1 Power Manager 2025-04-09 10.0 HIGH N/A
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.
CVE-2009-4188 1 Hp 1 Operations Dashboard 2025-04-09 10.0 HIGH N/A
HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.