Filtered by vendor Hp
Subscribe
Total
2459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0132 | 2 Hp, Microsoft | 2 Business Availability Center, Windows | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 9.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-0129 | 1 Hp | 1 Onboard Administrator | 2017-08-29 | 7.6 HIGH | N/A |
| HP Onboard Administrator (OA) before 3.50 allows remote attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-4157 | 1 Hp | 3 Centralized Management Console Software, San\/iq, Storageworks P4000 Virtual San Appliance | 2017-08-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request. | |||||
| CVE-2011-2331 | 1 Hp | 1 Intelligent Management Center | 2017-08-29 | 10.0 HIGH | N/A |
| Integer overflow in img.exe in HP Intelligent Management Center (IMC) allows remote attackers to execute arbitrary code via a crafted length value in an a packet that triggers a heap-based buffer overflow, possibly related to an "recv" field. | |||||
| CVE-2011-2399 | 1 Hp | 1 Data Protector | 2017-08-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the Media Management Daemon (mmd) in HP Data Protector 6.11 and earlier allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2011-2328 | 1 Hp | 1 Loadrunner | 2017-08-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in HP LoadRunner allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a .usr (aka Virtual User script) file with long directives. | |||||
| CVE-2011-2608 | 1 Hp | 2 Openview Performance Agent, Operations Agent | 2017-08-29 | 6.4 MEDIUM | N/A |
| ovbbccb.exe 6.20.50.0 and other versions in HP OpenView Performance Agent 4.70 and 5.0; and Operations Agent 11.0, 8.60.005, 8.60.006, 8.60.007, 8.60.008, 8.60.501, and 8.53; allows remote attackers to delete arbitrary files via a full pathname in the File field in a Register command. | |||||
| CVE-2011-2401 | 1 Hp | 1 Sitescope | 2017-08-29 | 8.3 HIGH | N/A |
| Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack web sessions via unspecified vectors. | |||||
| CVE-2011-2402 | 1 Hp | 1 Network Automation | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-2400 | 1 Hp | 1 Sitescope | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-2403 | 1 Hp | 1 Network Automation | 2017-08-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2011-2779 | 1 Hp | 7 Arcsight C1000 Appliance, Arcsight C1300 Appliance, Arcsight C3200 Appliance and 4 more | 2017-08-29 | 3.6 LOW | N/A |
| Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 uses world-writable permissions for exported report files, which allows local users to change or delete log data by modifying a file, a different vulnerability than CVE-2011-0770. | |||||
| CVE-2011-2697 | 1 Hp | 1 Linux Imaging And Printing Project | 2017-08-29 | 6.8 MEDIUM | N/A |
| foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file. | |||||
| CVE-2015-0839 | 1 Hp | 1 Linux Imaging And Printing | 2017-08-25 | 6.8 MEDIUM | 8.1 HIGH |
| The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads. | |||||
| CVE-2011-1725 | 1 Hp | 1 Network Automation | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2011-1858 | 1 Hp | 2 Service Center, Service Manager | 2017-08-17 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows local users to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2011-1861 | 1 Hp | 2 Service Center, Service Manager | 2017-08-17 | 8.3 HIGH | N/A |
| Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors. | |||||
| CVE-2011-1531 | 1 Hp | 7 Envy 100 D410, Photosmart B110, Photosmart D110 and 4 more | 2017-08-17 | 4.3 MEDIUM | N/A |
| The webscan component in the Embedded Web Server (EWS) on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to read documents on the scan surface via unspecified vectors. | |||||
| CVE-2011-1533 | 1 Hp | 7 Envy 100 D410, Photosmart B110, Photosmart D110 and 4 more | 2017-08-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1863 | 1 Hp | 2 Service Center, Service Manager | 2017-08-17 | 7.5 HIGH | N/A |
| HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allow remote authenticated users to conduct unspecified script injection attacks via unknown vectors. | |||||