Filtered by vendor Hp
Subscribe
Total
2459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40750 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2023-11-07 | N/A | 5.4 MEDIUM |
| IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236588. | |||||
| CVE-2022-37931 | 1 Hp | 1 Nonstop Netbatch-plus | 2023-11-07 | N/A | 7.8 HIGH |
| A vulnerability in NetBatch-Plus software allows unauthorized access to the application. HPE has provided a workaround and fix. Please refer to HPE Security Bulletin HPESBNS04388 for details. | |||||
| CVE-2022-31772 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2023-11-07 | N/A | 6.5 MEDIUM |
| IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335. | |||||
| CVE-2021-39298 | 1 Hp | 374 260 G3 Desktop Mini Pc, 260 G3 Desktop Mini Pc Firmware, Elite Dragonfly and 371 more | 2023-11-07 | 7.2 HIGH | 8.8 HIGH |
| A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware. | |||||
| CVE-2020-11853 | 2 Hp, Microfocus | 7 Universal Cmbd Foundation, Application Performance Management, Data Center Automation and 4 more | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) Universal CMDB affecting version: 2020.05, 2019.11, 2019.05, 2019.02, 2018.11, 2018.08, 2018.05, 11, 10.33, 10.32, 10.31, 10.30 6.) Hybrid Cloud Management affecting version 2020.05 7.) Service Management Automation affecting version 2020.5 and 2020.02. The vulnerability could allow to execute arbitrary code. | |||||
| CVE-2019-3480 | 1 Hp | 1 Arcsight Logger | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7. | |||||
| CVE-2019-3482 | 1 Hp | 1 Arcsight Logger | 2023-11-07 | 6.8 MEDIUM | 6.5 MEDIUM |
| Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7. | |||||
| CVE-2019-3486 | 1 Hp | 1 Arcsight Management Center | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mitigates a stored cross site scripting issue in ArcSight Security Management Center versions prior to 2.9.1 | |||||
| CVE-2019-2684 | 7 Apache, Canonical, Debian and 4 more | 17 Cassandra, Tomcat, Ubuntu Linux and 14 more | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N). | |||||
| CVE-2019-3481 | 1 Hp | 1 Arcsight Logger | 2023-11-07 | 7.5 HIGH | 7.1 HIGH |
| Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7. | |||||
| CVE-2019-3479 | 1 Hp | 1 Arcsight Logger | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7. | |||||
| CVE-2019-3485 | 1 Hp | 1 Arcsight Logger | 2023-11-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1 | |||||
| CVE-2019-3484 | 1 Hp | 1 Arcsight Logger | 2023-11-07 | 7.2 HIGH | 7.8 HIGH |
| Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7. | |||||
| CVE-2019-3483 | 1 Hp | 1 Arcsight Logger | 2023-11-07 | 6.8 MEDIUM | 6.5 MEDIUM |
| Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7. | |||||
| CVE-2019-11655 | 1 Hp | 1 Arcsight Logger | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, version 6.7.0 and later. This vulnerability could allow Unrestricted Upload of File with Dangerous type. | |||||
| CVE-2019-11656 | 1 Hp | 1 Arcsight Logger | 2023-11-07 | 3.5 LOW | 5.4 MEDIUM |
| Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. This vulnerability could allow Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). | |||||
| CVE-2019-11135 | 9 Canonical, Debian, Fedoraproject and 6 more | 304 Ubuntu Linux, Debian Linux, Fedora and 301 more | 2023-11-07 | 2.1 LOW | 6.5 MEDIUM |
| TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | |||||
| CVE-2018-6505 | 1 Hp | 1 Arcsight Management Center | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Unauthenticated File Downloads. | |||||
| CVE-2018-6503 | 1 Hp | 1 Arcsight Management Center | 2023-11-07 | 6.8 MEDIUM | 6.5 MEDIUM |
| A potential Access Control vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for vulnerable Access Controls. | |||||
| CVE-2018-6501 | 1 Hp | 1 Arcsight Management Center | 2023-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. This vulnerability could be exploited to allow for insufficient access controls. | |||||