Vulnerabilities (CVE)

Filtered by vendor Hp Subscribe
Total 2463 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-4357 1 Hp 2 Matrix Operating Environment, Systems Insight Manager 2025-04-12 7.5 HIGH 8.1 HIGH
HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2028.
CVE-2013-4846 1 Hp 1 System Management Homepage 2025-04-12 5.0 MEDIUM N/A
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors.
CVE-2015-5421 1 Hp 1 Keyview 2025-04-12 7.5 HIGH N/A
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2881.
CVE-2016-2011 1 Hp 1 Network Node Manager I 2025-04-12 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2010.
CVE-2016-1986 1 Hp 1 Continuous Delivery Automation 2025-04-12 7.5 HIGH 9.8 CRITICAL
HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVE-2015-5312 6 Apple, Canonical, Debian and 3 more 13 Iphone Os, Mac Os X, Tvos and 10 more 2025-04-12 7.1 HIGH N/A
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
CVE-2015-5406 1 Hp 6 Centralview Credit Risk Control, Centralview Dealer Performance Audit, Centralview Fraud Risk Management and 3 more 2025-04-12 9.0 HIGH N/A
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control 2.1, 2.2, and 2.3; CentralView Roaming Fraud Control 2.1, 2.2, and 2.3; and CentralView Subscription Fraud Prevention 2.0 and 2.1 allow remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5407 and CVE-2015-5408.
CVE-2014-2638 1 Hp 1 Sprinter 2025-04-12 7.5 HIGH N/A
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2344.
CVE-2016-4359 1 Hp 2 Loadrunner, Performance Center 2025-04-12 7.5 HIGH 9.8 CRITICAL
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516.
CVE-2014-5160 1 Hp 1 Data Protector 2025-04-12 6.4 MEDIUM N/A
Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavior is "by design.
CVE-2015-2135 1 Hp 1 Intelligent Provisioning 2025-04-12 10.0 HIGH N/A
Unspecified vulnerability in HP Intelligent Provisioning 1.00 through 1.62(a), 2.00, and 2.10 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2016-2004 1 Hp 1 Data Protector 2025-04-12 9.3 HIGH 9.8 CRITICAL
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.
CVE-2014-2611 1 Hp 1 Executive Scorecard 2025-04-12 9.0 HIGH N/A
Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120.
CVE-2014-2606 1 Hp 10 Storage Management Software, Storevirtual 4130, Storevirtual 4330 and 7 more 2025-04-12 9.0 HIGH N/A
Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVirtual VSA 9.5 through 11.0 allows remote authenticated users to gain privileges via unknown vectors.
CVE-2015-2124 1 Hp 2 Smart Zero Core, Thinpro Linux 2025-04-12 7.2 HIGH N/A
Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors.
CVE-2016-4393 1 Hp 1 System Management Homepage 2025-04-12 3.5 LOW 5.4 MEDIUM
HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue.
CVE-2014-7875 1 Hp 2 Laserjet Cm3530 Multifuction Printer, Laserjet Cm3530 Multifunction Printer Firmware 2025-04-12 9.0 HIGH N/A
Unspecified vulnerability on the HP LaserJet CM3530 Multifunction Printer CC519A and CC520A with firmware before 53.236.2 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVE-2014-7878 1 Hp 1 Helion Cloud Development Platform 2025-04-12 10.0 HIGH N/A
The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.
CVE-2014-2624 1 Hp 1 Network Node Manager I 2025-04-12 10.0 HIGH N/A
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264.
CVE-2015-5445 1 Hp 1 Storeonce Backup System Software 2025-04-12 6.8 MEDIUM 8.8 HIGH
Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.