Vulnerabilities (CVE)

Filtered by vendor Hp Subscribe
Total 2463 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-5431 1 Hp 1 Matrix Operating Environment 2025-04-12 6.5 MEDIUM N/A
HP Matrix Operating Environment before 7.5.0 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-4395 1 Hp 1 System Management Homepage 2025-04-12 7.8 HIGH 7.5 HIGH
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
CVE-2016-5385 8 Debian, Drupal, Fedoraproject and 5 more 14 Debian Linux, Drupal, Fedora and 11 more 2025-04-12 5.1 MEDIUM 8.1 HIGH
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.
CVE-2016-0777 5 Apple, Hp, Openbsd and 2 more 7 Mac Os X, Remote Device Access Virtual Customer Access System, Openssh and 4 more 2025-04-12 4.0 MEDIUM 6.5 MEDIUM
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CVE-2014-2629 1 Hp 1 Nonstop Safeguard Security 2025-04-12 4.0 MEDIUM N/A
HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time.
CVE-2016-4396 1 Hp 1 System Management Homepage 2025-04-12 7.8 HIGH 7.5 HIGH
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
CVE-2016-1996 1 Hp 1 System Management Homepage 2025-04-12 3.6 LOW 7.7 HIGH
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors.
CVE-2015-6860 1 Hp 54 J8692a, J8693a, J8697a and 51 more 2025-04-12 7.2 HIGH 8.4 HIGH
HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6859.
CVE-2013-6209 1 Hp 1 Hp-ux 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
CVE-2015-5446 1 Hp 1 Storeonce Backup System Software 2025-04-12 5.8 MEDIUM 7.5 HIGH
HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2016-4375 1 Hp 5 Integrated Lights-out 3, Integrated Lights-out 3 Firmware, Integrated Lights-out 4 and 2 more 2025-04-12 7.5 HIGH 9.8 CRITICAL
Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVE-2014-2635 1 Hp 1 Sprinter 2025-04-12 7.5 HIGH N/A
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2343.
CVE-2013-6212 1 Hp 1 Database And Middleware Automation 2025-04-12 6.5 MEDIUM N/A
Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVE-2014-2621 1 Hp 2 Imc Branch Intelligent Management System Software Module, Intelligent Management Center 2025-04-12 7.8 HIGH N/A
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2090.
CVE-2014-7889 1 Hp 7 Graphical Pos Pole Display Qz704aa, Lcd Pole Display F7a93aa, Ole Point Of Sale Driver and 4 more 2025-04-12 10.0 HIGH N/A
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSLineDisplay.ocx for Retail RP7 VFD Customer Display monitors, Retail Integrated 2x20 Display monitors, Retail Integrated 2x20 Complex monitors, POS Pole Display monitors, Graphical POS Pole Display monitors, and LCD Pole Display monitors, aka ZDI-CAN-2511.
CVE-2016-2012 1 Hp 1 Network Node Manager I 2025-04-12 7.5 HIGH 6.5 MEDIUM
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to bypass authentication via unspecified vectors.
CVE-2015-5417 1 Hp 1 Keyview 2025-04-12 7.5 HIGH N/A
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2876.
CVE-2015-2108 1 Hp 1 Operations Orchestration 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
CVE-2015-5410 1 Hp 1 Version Control Repository Manager 2025-04-12 6.5 MEDIUM N/A
HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to execute arbitrary code or cause a denial of service via unspecified vectors.
CVE-2015-5423 1 Hp 1 Keyview 2025-04-12 7.5 HIGH N/A
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2884.