Filtered by vendor Hp
Subscriptions
Total
2545 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-2639 | 1 Hp | 1 Mpio Device Specific Module Manager | 2025-04-12 | N/A |
| Unspecified vulnerability in HP MPIO Device Specific Module Manager before 4.02.00 allows local users to gain privileges via unknown vectors. | ||||
| CVE-2015-2902 | 1 Hp | 1 Arcsight Smartconnectors | 2025-04-12 | N/A |
| HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate. | ||||
| CVE-2014-2610 | 1 Hp | 1 Executive Scorecard | 2025-04-12 | N/A |
| Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117. | ||||
| CVE-2016-5387 | 8 Apache, Canonical, Debian and 5 more | 22 Http Server, Ubuntu Linux, Debian Linux and 19 more | 2025-04-12 | 8.1 High |
| The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability. | ||||
| CVE-2014-2607 | 1 Hp | 1 Operations Manager I | 2025-04-12 | N/A |
| Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role. | ||||
| CVE-2015-2113 | 1 Hp | 9 Easy Tools, T510, T520 and 6 more | 2025-04-12 | N/A |
| Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2014-2645 | 1 Hp | 1 Systems Insight Manager | 2025-04-12 | N/A |
| HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to conduct clickjacking attacks via unknown vectors. | ||||
| CVE-2014-2609 | 1 Hp | 1 Executive Scorecard | 2025-04-12 | N/A |
| The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116. | ||||
| CVE-2016-2246 | 1 Hp | 1 Thinpro | 2025-04-12 | N/A |
| HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspecified vectors. | ||||
| CVE-2015-2120 | 1 Hp | 1 Sitescope | 2025-04-12 | N/A |
| Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24.391, and 11.3x before 11.30.521 allows remote authenticated users to gain privileges via unknown vectors, aka ZDI-CAN-2567. | ||||
| CVE-2014-2620 | 1 Hp | 2 Imc Branch Intelligent Management System Software Module, Intelligent Management Center | 2025-04-12 | N/A |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2089. | ||||
| CVE-2015-5413 | 1 Hp | 1 Version Control Repository Manager | 2025-04-12 | N/A |
| HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain privileges and obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-5388 | 4 Apache, Hp, Oracle and 1 more | 13 Tomcat, System Management Homepage, Linux and 10 more | 2025-04-12 | N/A |
| Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability. | ||||
| CVE-2015-8241 | 5 Canonical, Debian, Hp and 2 more | 11 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 8 more | 2025-04-12 | N/A |
| The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data. | ||||
| CVE-2013-6204 | 1 Hp | 1 Application Information Optimizer | 2025-04-12 | N/A |
| The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004. | ||||
| CVE-2014-2604 | 1 Hp | 2 Icewall Mcrp, Icewall Sso | 2025-04-12 | N/A |
| Unspecified vulnerability in HP IceWall SSO 10.0 Dfw and IceWall MCRP 2.1 and 3.0 allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2014-2614 | 1 Hp | 1 Sitescope | 2025-04-12 | N/A |
| Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and 11.2x through 11.24 allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-2140. | ||||
| CVE-2016-2245 | 1 Hp | 1 Support Assistant | 2025-04-12 | N/A |
| HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors. | ||||
| CVE-2015-5402 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | N/A |
| HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows local users to gain privileges, and consequently obtain sensitive information, modify data, or cause a denial of service, via unspecified vectors. | ||||
| CVE-2013-6213 | 1 Hp | 1 Loadrunner | 2025-04-12 | N/A |
| Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833. | ||||