Filtered by vendor Hp
Subscribe
Total
2463 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5796 | 1 Hp | 10 J9623a, J9623a Firmware, J9624a and 7 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| A Remote Cross Site Request Forgery (CSRF) vulnerability in HPE 2620 Series Network Switches version RA.15.05.0006 was found. | |||||
| CVE-2017-5795 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 7.1 HIGH | 6.5 MEDIUM |
| A Local Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) version PLAT 7.2 E0403P06 was found. | |||||
| CVE-2017-5794 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| A Remote Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found. | |||||
| CVE-2017-5793 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| A Remote Arbitrary Code Execution vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found. | |||||
| CVE-2017-5792 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. | |||||
| CVE-2017-5790 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found. | |||||
| CVE-2017-5788 | 1 Hp | 2 Nonstop Server, Nonstop Server Software | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found. | |||||
| CVE-2017-5787 | 1 Hp | 1 Version Control Repository Manager | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| A remote denial of service vulnerability in HPE Version Control Repository Manager (VCRM) in all versions prior to 7.6 was found. | |||||
| CVE-2017-5786 | 1 Hp | 12 Officeconnect 1820 24g Poe\+ \(185w\) Switch J9983a, Officeconnect 1820 24g Poe\+ \(185w\) Switch J9983a Firmware, Officeconnect 1820 24g Switch J9980a and 9 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A local Unauthorized Data Modification vulnerability in HPE OfficeConnect Network Switches version PT.02.01 including PT.01.03 through PT.01.14 | |||||
| CVE-2017-5785 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| A remote information disclosure vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-5784 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 5.8 MEDIUM | 6.5 MEDIUM |
| A missing HSTS Header vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-5783 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A remote clickjacking vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-5782 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| A missing HSTS Header vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-5781 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A CSRF vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-5780 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A remote clickjacking vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-3210 | 4 Fujitsu, Hp, Philips and 1 more | 6 Displayview Click, Displayview Click Suite, Display Assistant and 3 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26. | |||||
| CVE-2017-2752 | 1 Hp | 1 Tommy Hilfiger Th24\/7 | 2024-11-21 | 2.1 LOW | 2.1 LOW |
| A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. HP has no access to customer data as a result of this issue. | |||||
| CVE-2017-2751 | 1 Hp | 68 Compaq 14-h000, Compaq 14-h000 Firmware, Compaq 14-s000 and 65 more | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
| A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. The BIOS password was stored in CMOS in a way that allowed it to be extracted. This applies to consumer notebooks launched in early 2014. | |||||
| CVE-2017-2750 | 1 Hp | 346 A2w75a, A2w75a Firmware, A2w76a and 343 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code in HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP OfficeJet Enterprise printers before 2308937_578479, 2405087_018548, and other firmware versions. | |||||
| CVE-2017-2748 | 1 Hp | 1 Isaac Mizrahi Smartwatch | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue. | |||||