Filtered by vendor Hp
Subscribe
Total
2459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-1996 | 1 Hp | 1 System Management Homepage | 2016-12-03 | 3.6 LOW | 7.7 HIGH |
| HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors. | |||||
| CVE-2016-1994 | 1 Hp | 1 System Management Homepage | 2016-12-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-1989 | 1 Hp | 1 Network Automation | 2016-12-03 | 10.0 HIGH | 9.8 CRITICAL |
| HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988. | |||||
| CVE-2016-2244 | 1 Hp | 55 A2w75a, A2w76a, A2w77a and 52 more | 2016-12-03 | 5.0 MEDIUM | 5.9 MEDIUM |
| HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-1993 | 1 Hp | 1 System Management Homepage | 2016-12-03 | 5.5 MEDIUM | 8.1 HIGH |
| HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | |||||
| CVE-2016-1988 | 1 Hp | 1 Network Automation | 2016-12-03 | 10.0 HIGH | 9.8 CRITICAL |
| HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989. | |||||
| CVE-2016-1995 | 1 Hp | 1 System Management Homepage | 2016-12-03 | 10.0 HIGH | 9.8 CRITICAL |
| HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2016-1992 | 1 Hp | 2 Enterprise Security Manager, Enterprise Security Manager Express | 2016-12-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2015-2123 | 1 Hp | 1 Nonstop Safeguard Security | 2016-12-03 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP NonStop Safeguard Security Software H06.x, L15.02, and J06.x before J06.19 allows remote authenticated users to gain privileges by leveraging Expand access. | |||||
| CVE-2015-2116 | 1 Hp | 1 Storage Data Protector | 2016-12-03 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors. | |||||
| CVE-2015-2122 | 1 Hp | 1 Sdn Van Controller | 2016-12-03 | 7.8 HIGH | N/A |
| The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows remote attackers to cause a denial of service via network traffic to the REST port. | |||||
| CVE-2015-2124 | 1 Hp | 2 Smart Zero Core, Thinpro Linux | 2016-12-03 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors. | |||||
| CVE-2015-2115 | 1 Hp | 1 Capture And Route Software | 2016-12-03 | 2.7 LOW | N/A |
| Unspecified vulnerability in HP Capture and Route Software (HPCR) 1.3 before Patch 7, 1.3 FP1 before Patch 1, and 1.4 before Patch 1 allows remote authenticated users to obtain sensitive information via unknown vectors. | |||||
| CVE-2015-2117 | 1 Hp | 2 Tippingpoint Security Management System, Tippingpoint Virtual Security Management System | 2016-12-03 | 7.5 HIGH | N/A |
| HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS) before 4.1 patch 3 and 4.2 before patch 1 do not require authentication for JBoss RMI requests, which allows remote attackers to execute arbitrary code by (1) uploading this code within an archive or (2) instantiating a class. | |||||
| CVE-2015-2121 | 1 Hp | 1 Network Virtualization | 2016-12-03 | 7.8 HIGH | N/A |
| HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569. | |||||
| CVE-2016-2023 | 1 Hp | 1 Restful Interface Tool | 2016-12-01 | 2.1 LOW | 5.5 MEDIUM |
| HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-1999 | 1 Hp | 1 Release Control | 2016-12-01 | 10.0 HIGH | 9.8 CRITICAL |
| The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | |||||
| CVE-2016-2016 | 1 Hp | 4 Base-vxfs-50, Base-vxfs-501, Base-vxfs-51 and 1 more | 2016-12-01 | 2.1 LOW | 5.5 MEDIUM |
| Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and default:user: entries, which allows local users to bypass intended access restrictions by leveraging the configuration of a parent directory. | |||||
| CVE-2016-2025 | 1 Hp | 1 Service Manager | 2016-12-01 | 5.0 MEDIUM | 7.5 HIGH |
| HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components. | |||||
| CVE-2016-1997 | 1 Hp | 2 Operations Orchestration, Operations Orchestration Content | 2016-12-01 | 10.0 HIGH | 9.8 CRITICAL |
| HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | |||||