Filtered by vendor Hp
Subscribe
Total
2459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7896 | 1 Hp | 4 Xp7 Global Link Manager Software, Xp P9000 Device Manager, Xp P9000 Replication Manager and 1 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before 7.6.1-06, and HP XP7 Global Link Manager Software (aka HGLM) 6.x through 8.x before 8.1.2-00, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-2637 | 1 Hp | 1 Sprinter | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2342. | |||||
| CVE-2016-2022 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 4.7 MEDIUM | 8.1 HIGH |
| HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and CVE-2016-2030. | |||||
| CVE-2013-6205 | 1 Hp | 2 Insight Control Server Deployment, Rapid Deployment Pack | 2025-04-12 | 4.1 MEDIUM | N/A |
| Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insight Control Server Deployment allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. | |||||
| CVE-2016-4361 | 1 Hp | 2 Loadrunner, Performance Center | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2016-2000 | 1 Hp | 2 Asset Manager, Asset Manager Cloudsystem Chargeback | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | |||||
| CVE-2015-5440 | 1 Hp | 1 Universal Configuration Management Database | 2025-04-12 | 4.9 MEDIUM | N/A |
| HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21 allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-2003 | 1 Hp | 2 P9000 Command View Advanced Edition Software, Xp7 Command View Advanced Edition Suite | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | |||||
| CVE-2014-7874 | 1 Hp | 2 Hp-ux, System Management Homepage | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2013-6219 | 1 Hp | 2 Hp-ux, Hp-ux Whitelisting | 2025-04-12 | 3.8 LOW | N/A |
| Unspecified vulnerability in HP HP-UX Whitelisting (aka WLI) before A.01.02.02 on HP-UX B.11.31 allows local users to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2015-5418 | 1 Hp | 1 Keyview | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2877. | |||||
| CVE-2016-2011 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2010. | |||||
| CVE-2014-2623 | 1 Hp | 1 Storage Data Protector | 2025-04-12 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2016-2025 | 1 Hp | 1 Service Manager | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components. | |||||
| CVE-2014-2617 | 1 Hp | 1 Universal Configuration Management Database | 2025-04-12 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104. | |||||
| CVE-2014-7882 | 1 Hp | 1 Sitescope | 2025-04-12 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2016-4371 | 1 Hp | 6 Service Manager, Service Manager Mobility, Service Manager Server and 3 more | 2025-04-12 | 6.0 MEDIUM | 8.0 HIGH |
| HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components. | |||||
| CVE-2016-2018 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 6.4 MEDIUM | 9.1 CRITICAL |
| HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors. | |||||
| CVE-2015-3237 | 3 Haxx, Hp, Oracle | 5 Curl, Libcurl, System Management Homepage and 2 more | 2025-04-12 | 6.4 MEDIUM | N/A |
| The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values. | |||||
| CVE-2016-3092 | 4 Apache, Canonical, Debian and 1 more | 6 Commons Fileupload, Tomcat, Ubuntu Linux and 3 more | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string. | |||||