Filtered by vendor Hp
Subscribe
Total
2463 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5206 | 1 Hp | 2 Intelligent Management Center, Intelligent Management Center For Automated Network Manager | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1660. | |||||
| CVE-2010-4031 | 1 Hp | 1 Insight Control Performance Management | 2025-04-11 | 8.0 HIGH | N/A |
| Unspecified vulnerability in HP Insight Control Performance Management before 6.2 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2010-4023 | 1 Hp | 1 Insight Control Power Management | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Insight Control Power Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1851 | 1 Hp | 1 Intelligent Management Center | 2025-04-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field. | |||||
| CVE-2012-3269 | 1 Hp | 1 Performance Insight | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-3270. | |||||
| CVE-2011-4788 | 1 Hp | 3 Storageworks P2000 G3 Msa Fc\/iscsi Dual Combo Controller Lff Array System, Storageworks P2000 G3 Msa Fibre Channel Dual Controller Lff Array System, Storageworks P2000 G3 Msa Fibre Channel Dual Controller Sff Array System | 2025-04-11 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI. | |||||
| CVE-2011-0271 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
| The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability." | |||||
| CVE-2011-1860 | 1 Hp | 2 Service Center, Service Manager | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to capture HTTP session credentials via unknown vectors. | |||||
| CVE-2013-4814 | 1 Hp | 1 Xp 9000 Command View | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP XP P9000 Command View Advanced Edition Suite Software 7.x before 7.5.0-02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-3575 | 1 Hp | 1 Insight Diagnostics | 2025-04-11 | 5.0 MEDIUM | N/A |
| hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter. | |||||
| CVE-2010-3012 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error. | |||||
| CVE-2010-3006 | 1 Hp | 13 Proliant Dl120 G6, Proliant Dl160 G6, Proliant Dl160se G6 and 10 more | 2025-04-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability on the HP ProLiant G6 Lights-Out 100 Remote Management card with firmware before 4.06 allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2013-2355 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 5.0 MEDIUM | N/A |
| HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217. | |||||
| CVE-2010-1964 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 7.5 HIGH | N/A |
| Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683. | |||||
| CVE-2010-1969 | 2 Hp, Microsoft | 2 Virtual Connect Enterprise Manager, Windows | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Virtual Connect Enterprise Manager for Windows before 6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2012-0131 | 1 Hp | 2 Distributed Computing Environment, Hp-ux | 2025-04-11 | 10.0 HIGH | N/A |
| Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-1032 | 1 Hp | 1 Hp-ux | 2025-04-11 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in HP HP-UX B.11.11 allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2011-4789 | 1 Hp | 1 Diagnostics | 2025-04-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it was originally reported that the affected product is HP Diagnostics Server, but HP states that "the vulnerable product is actually HP LoadRunner." | |||||
| CVE-2010-4109 | 1 Hp | 1 Palm Webos | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file. | |||||
| CVE-2011-0280 | 1 Hp | 1 Power Manager | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information. | |||||