Total
8212 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2013 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2019-10-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors. | |||||
| CVE-2012-2016 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2019-10-09 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors. | |||||
| CVE-2012-2014 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2019-10-09 | 9.0 HIGH | N/A |
| HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors. | |||||
| CVE-2010-3637 | 2 Adobe, Microsoft | 2 Flash Player, Windows | 2019-10-09 | 9.3 HIGH | N/A |
| An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 (Flash10h.ocx) on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FLV video. | |||||
| CVE-2010-3004 | 2 Hp, Microsoft | 2 Operations Agent, Windows | 2019-10-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2010-3005 | 2 Hp, Microsoft | 2 Operations Agent, Windows | 2019-10-09 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows local users to gain privileges via unknown vectors. | |||||
| CVE-2010-1967 | 2 Hp, Microsoft | 2 Insight Software Installer, Windows | 2019-10-09 | 3.6 LOW | N/A |
| Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users to read or modify data via unknown vectors. | |||||
| CVE-2010-1969 | 2 Hp, Microsoft | 2 Virtual Connect Enterprise Manager, Windows | 2019-10-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Virtual Connect Enterprise Manager for Windows before 6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2010-1966 | 2 Hp, Microsoft | 2 Insight Control, Windows | 2019-10-09 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in HP Insight Control power management for Windows before 6.1 allows local users to read or modify data, or cause a denial of service, via unknown vectors. | |||||
| CVE-2010-1034 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2019-10-09 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors. | |||||
| CVE-2010-1968 | 2 Hp, Microsoft | 2 Insight Software Installer, Windows | 2019-10-09 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Software Installer for Windows before 6.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, a different vulnerability than CVE-2010-1971. | |||||
| CVE-2010-1971 | 2 Hp, Microsoft | 2 Insight Software Installer, Windows | 2019-10-09 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Software Installer for Windows before 6.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, a different vulnerability than CVE-2010-1968. | |||||
| CVE-2010-1970 | 2 Hp, Microsoft | 2 Insight Software Installer, Windows | 2019-10-09 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users to read or modify data, and consequently gain privileges, via unknown vectors. | |||||
| CVE-2010-1965 | 2 Hp, Microsoft | 2 Insight Orchestration, Windows | 2019-10-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Insight Orchestration for Windows before 6.1 allows remote attackers to read or modify data via unknown vectors. | |||||
| CVE-2009-0714 | 5 Hp, Microsoft, Novell and 2 more | 5 Data Protector Express, Windows, Netware and 2 more | 2019-10-09 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets. | |||||
| CVE-2009-1419 | 2 Hp, Microsoft | 2 Discovery\&dependency Mapping Inventory, Windows | 2019-10-09 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.0.0 through 2.52, 7.50, and 7.51 on Windows allows remote attackers to access DDMI agents via unknown vectors. | |||||
| CVE-2008-4420 | 4 Filestream, Hp, Innermedia and 1 more | 5 Turbozip, Openview Performance Agent, Dynazip Max and 2 more | 2019-10-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in DynaZip Max and DZIPS32.DLL before 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other products; allow user-assisted attackers to execute arbitrary code via a long filename in a ZIP archive during a (1) Fix (aka Repair), (2) Add, (3) Update, or (4) Freshen action, a related issue to CVE-2006-3985. | |||||
| CVE-2007-3285 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2019-10-09 | 6.8 MEDIUM | N/A |
| Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Firefox to treat the requested file differently than Windows would. | |||||
| CVE-2019-17183 | 2 Foxitsoftware, Microsoft | 2 Reader, Windows | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| Foxit Reader before 9.7 allows an Access Violation and crash if insufficient memory exists. | |||||
| CVE-2019-11753 | 2 Microsoft, Mozilla | 3 Windows, Firefox, Firefox Esr | 2019-10-05 | 4.6 MEDIUM | 7.8 HIGH |
| The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can run with elevated privileges during the update process due to a lack of integrity checks. This allows for privilege escalation if the executable has been replaced locally. <br>*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69, Firefox ESR < 60.9, and Firefox ESR < 68.1. | |||||