Filtered by vendor Hp
Subscribe
Total
2419 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8977 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2017-02-13 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system. | |||||
| CVE-2016-8967 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2017-02-09 | 2.1 LOW | 5.5 MEDIUM |
| IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user. | |||||
| CVE-2014-2631 | 1 Hp | 1 Application Lifecycle Management | 2017-01-07 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in HP Application Lifecycle Management (aka Quality Center) 11.5x and 12.0x allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2138. | |||||
| CVE-2014-2629 | 1 Hp | 1 Nonstop Safeguard Security | 2017-01-07 | 4.0 MEDIUM | N/A |
| HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time. | |||||
| CVE-2014-2626 | 1 Hp | 1 Network Virtualization | 2017-01-07 | 9.4 HIGH | N/A |
| Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024. | |||||
| CVE-2014-2625 | 1 Hp | 1 Network Virtualization | 2017-01-07 | 8.5 HIGH | N/A |
| Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to read arbitrary files via crafted input, aka ZDI-CAN-2023. | |||||
| CVE-2014-2623 | 1 Hp | 1 Storage Data Protector | 2017-01-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2014-2617 | 1 Hp | 1 Universal Configuration Management Database | 2017-01-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104. | |||||
| CVE-2014-2616 | 1 Hp | 1 Universal Configuration Management Database | 2017-01-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091. | |||||
| CVE-2014-2615 | 1 Hp | 1 Universal Configuration Management Database | 2017-01-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083. | |||||
| CVE-2014-2614 | 1 Hp | 1 Sitescope | 2017-01-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and 11.2x through 11.24 allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-2140. | |||||
| CVE-2014-7880 | 1 Hp | 1 Tcp Ip Services Openvms | 2017-01-03 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the POP implementation in HP OpenVMS TCP/IP 5.7 before ECO5 allow remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2015-2120 | 1 Hp | 1 Sitescope | 2016-12-31 | 8.7 HIGH | N/A |
| Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24.391, and 11.3x before 11.30.521 allows remote authenticated users to gain privileges via unknown vectors, aka ZDI-CAN-2567. | |||||
| CVE-2015-2126 | 1 Hp | 1 Hp-ux | 2016-12-28 | 7.2 HIGH | N/A |
| Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions. | |||||
| CVE-2016-4361 | 1 Hp | 2 Loadrunner, Performance Center | 2016-12-24 | 5.0 MEDIUM | 7.5 HIGH |
| HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2015-5435 | 1 Hp | 2 Integrated Lights-out 3 Firmware, Integrated Lights-out 4 Firmware | 2016-12-24 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors. | |||||
| CVE-2015-3200 | 3 Hp, Lighttpd, Oracle | 3 Virtual Customer Access System, Lighttpd, Solaris | 2016-12-24 | 5.0 MEDIUM | 7.5 HIGH |
| mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character. | |||||
| CVE-2015-5440 | 1 Hp | 1 Universal Configuration Management Database | 2016-12-22 | 4.9 MEDIUM | N/A |
| HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21 allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2015-5426 | 1 Hp | 1 Loadrunner | 2016-12-22 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in HP LoadRunner Controller before 12.50 allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2756. | |||||
| CVE-2015-5413 | 1 Hp | 1 Version Control Repository Manager | 2016-12-22 | 4.0 MEDIUM | N/A |
| HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain privileges and obtain sensitive information via unspecified vectors. | |||||