Filtered by vendor Hp
Subscribe
Total
2475 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2013 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors. | |||||
| CVE-2013-2359 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360. | |||||
| CVE-2011-5184 | 1 Hp | 1 Network Node Manager I | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3) nnm/protected/ping.jsp, (4) nnm/protected/statuspoll.jsp, or (5) nnm/protected/traceroute.jsp; or (6) field parameter to nmm/validate. NOTE: this might be a duplicate of CVE-2011-4155 or CVE-2011-4156. | |||||
| CVE-2011-3157 | 1 Hp | 2 Data Protector For Personal Computers, Data Protector Notebook Extension | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1225. | |||||
| CVE-2013-2361 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-4830 | 1 Hp | 1 Service Manager | 2025-04-11 | 7.5 HIGH | N/A |
| HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach. | |||||
| CVE-2011-2400 | 1 Hp | 1 Sitescope | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-2722 | 1 Hp | 1 Linux Imaging And Printing Project | 2025-04-11 | 1.2 LOW | N/A |
| The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file. | |||||
| CVE-2011-3168 | 1 Hp | 1 Tcp Ip Services Openvms | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the POP and IMAP service implementations in HP TCP/IP Services 5.6 and 5.7 for OpenVMS allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2010-4032 | 1 Hp | 1 Insight Control Performance Management | 2025-04-11 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2013-2364 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-2352 | 3 Dell, Hp, Ibm | 20 Poweredge 2950, Dl320s, Lefthand Nsm2060 and 17 more | 2025-04-11 | 9.4 HIGH | N/A |
| LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of an unused one-time password. | |||||
| CVE-2011-2779 | 1 Hp | 7 Arcsight C1000 Appliance, Arcsight C1300 Appliance, Arcsight C3200 Appliance and 4 more | 2025-04-11 | 3.6 LOW | N/A |
| Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 uses world-writable permissions for exported report files, which allows local users to change or delete log data by modifying a file, a different vulnerability than CVE-2011-0770. | |||||
| CVE-2013-2358 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360. | |||||
| CVE-2011-0889 | 1 Hp | 1 Client Automation Enterprise | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA or Radia Notify) 5.11, 7.2, 7.5, 7.8, and 7.9 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2010-4112 | 1 Hp | 1 Insight Management Agents | 2025-04-11 | 5.0 MEDIUM | N/A |
| HP Insight Management Agents before 8.6 allows remote attackers to obtain sensitive information via an unspecified request that triggers disclosure of the full path. | |||||
| CVE-2011-0261 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in jovgraph.exe in jovgraph in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a malformed displayWidth option in the arg parameter. | |||||
| CVE-2011-1857 | 1 Hp | 2 Service Center, Service Manager | 2025-04-11 | 8.2 HIGH | N/A |
| Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote authenticated users to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2013-4841 | 1 Hp | 3 Lefthand, Storevirtual 4000, Storevirtual Virtual Storage Appliance | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in HP StoreVirtual 4000 and StoreVirtual VSA Software (formerly LeftHand Virtual SAN Appliance) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1509. | |||||
| CVE-2010-1557 | 1 Hp | 1 Insight Control Server Migration For Windows | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Insight Control Server Migration before 6.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||