Filtered by vendor Hp
Subscribe
Total
2475 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4810 | 1 Hp | 2 Application Lifecycle Management, Procurve Manager | 2025-10-22 | 10.0 HIGH | 9.8 CRITICAL |
| HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874. | |||||
| CVE-2012-1823 | 8 Apple, Debian, Fedoraproject and 5 more | 17 Mac Os X, Debian Linux, Fedora and 14 more | 2025-10-22 | 7.5 HIGH | 9.8 CRITICAL |
| sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. | |||||
| CVE-2005-2773 | 1 Hp | 1 Openview Network Node Manager | 2025-10-22 | 7.5 HIGH | 9.8 CRITICAL |
| HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl. | |||||
| CVE-2017-5638 | 7 Apache, Arubanetworks, Hp and 4 more | 13 Struts, Clearpass Policy Manager, Server Automation and 10 more | 2025-10-22 | 10.0 HIGH | 9.8 CRITICAL |
| The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. | |||||
| CVE-2015-8651 | 9 Adobe, Apple, Google and 6 more | 22 Air, Air Sdk, Air Sdk \& Compiler and 19 more | 2025-10-22 | 9.3 HIGH | 8.8 HIGH |
| Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2015-3113 | 8 Adobe, Apple, Hp and 5 more | 18 Flash Player, Mac Os X, Insight Orchestration and 15 more | 2025-10-22 | 10.0 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015. | |||||
| CVE-2025-43489 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 5.2 MEDIUM |
| A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could deserialize untrusted data without validation. HP has addressed the issue in the latest software update. | |||||
| CVE-2025-43020 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 6.8 MEDIUM |
| A potential command injection vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could allow a privileged user to submit arbitrary input. HP has addressed the issue in the latest software update. | |||||
| CVE-2025-43021 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 5.7 MEDIUM |
| A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update. | |||||
| CVE-2025-43022 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 7.2 HIGH |
| A potential SQL injection vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow a privileged user to execute SQL commands. HP has addressed the issue in the latest software update. | |||||
| CVE-2025-43483 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 5.7 MEDIUM |
| A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the retrieval of hardcoded cryptographic keys. HP has addressed the issue in the latest software update. | |||||
| CVE-2025-43484 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 6.1 MEDIUM |
| A potential reflected cross-site scripting vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The website does not validate or sanitize the user input before rendering it in the response. HP has addressed the issue in the latest software update. | |||||
| CVE-2025-43485 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 4.5 MEDIUM |
| A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could potentially allow a privileged user to retrieve credentials from the log files. HP has addressed the issue in the latest software update. | |||||
| CVE-2025-43486 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 4.8 MEDIUM |
| A potential stored cross-site scripting vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The website allows user input to be stored and rendered without proper sanitization. HP has addressed the issue in the latest software update. | |||||
| CVE-2025-43487 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 6.8 MEDIUM |
| A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The firmware flaw does not properly implement access controls. HP has addressed the issue in the latest software update. | |||||
| CVE-2025-43488 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 4.8 MEDIUM |
| A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could allow a bypass of the application's XSS filter by submitting untrusted characters. HP has addressed the issue in the latest software update. | |||||
| CVE-2024-41913 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 8.8 HIGH |
| A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly sanitize User input. | |||||
| CVE-2024-41911 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 5.4 MEDIUM |
| A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation. | |||||
| CVE-2024-41912 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 9.8 CRITICAL |
| A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly implement access controls. | |||||
| CVE-2024-41910 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 6.1 MEDIUM |
| A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XSS vulnerabilities in the version of JavaScript used. | |||||