Filtered by vendor Hp
Subscribe
Total
2498 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-2603 | 1 Hp | 7 8\/20q Fibre Channel Switch 16 Port, 8\/20q Fibre Channel Switch 8 Port, 8gb Simple San Connection Kit and 4 more | 2025-04-12 | 1.7 LOW | N/A |
| Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and 8Gb Simple SAN Connection Kit with firmware before 8.0.14.08.00 allows remote authenticated users to obtain sensitive information via unknown vectors. | |||||
| CVE-2015-2902 | 1 Hp | 1 Arcsight Smartconnectors | 2025-04-12 | 6.8 MEDIUM | N/A |
| HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-2014 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | 8.5 HIGH | 8.1 HIGH |
| HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors. | |||||
| CVE-2016-0728 | 5 Canonical, Debian, Google and 2 more | 5 Ubuntu Linux, Debian Linux, Android and 2 more | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. | |||||
| CVE-2015-5404 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2025-04-12 | 7.5 HIGH | N/A |
| HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors. | |||||
| CVE-2015-5367 | 1 Hp | 39 Elite X2 1010 G2, Elitebook 1040 G1, Elitebook 1040 G2 and 36 more | 2025-04-12 | 6.9 MEDIUM | N/A |
| The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2016-2000 | 1 Hp | 2 Asset Manager, Asset Manager Cloudsystem Chargeback | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | |||||
| CVE-2016-4373 | 1 Hp | 1 Operations Manager | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | |||||
| CVE-2015-5446 | 1 Hp | 1 Storeonce Backup System Software | 2025-04-12 | 5.8 MEDIUM | 7.5 HIGH |
| HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2015-5418 | 1 Hp | 1 Keyview | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2877. | |||||
| CVE-2016-2001 | 1 Hp | 1 Universal Cmbd Foundation | 2025-04-12 | 5.8 MEDIUM | 7.4 HIGH |
| HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors. | |||||
| CVE-2016-4393 | 1 Hp | 1 System Management Homepage | 2025-04-12 | 3.5 LOW | 5.4 MEDIUM |
| HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue. | |||||
| CVE-2016-4386 | 1 Hp | 1 Network Automation | 2025-04-12 | 6.9 MEDIUM | 7.8 HIGH |
| HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified vectors. | |||||
| CVE-2015-4000 | 12 Apple, Canonical, Debian and 9 more | 25 Iphone Os, Mac Os X, Safari and 22 more | 2025-04-12 | 4.3 MEDIUM | 3.7 LOW |
| The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. | |||||
| CVE-2014-4661 | 1 Hp | 1 Records Manager | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-7897 | 1 Hp | 7 2d Value Wireless Scanner K3l28aa, Imaging Barcode Scanner Bw868aa, Linear Barcode Scanner Qy405aa and 4 more | 2025-04-12 | 10.0 HIGH | N/A |
| The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSScanner.ocx for Imaging Barcode scanners, Linear Barcode scanners, Presentation Barcode scanners, Retail Integrated Barcode scanners, Wireless Barcode scanners, and 2D Value Wireless scanners. | |||||
| CVE-2014-2604 | 1 Hp | 2 Icewall Mcrp, Icewall Sso | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP IceWall SSO 10.0 Dfw and IceWall MCRP 2.1 and 3.0 allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2014-2624 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264. | |||||
| CVE-2015-2106 | 1 Hp | 3 Integrated Lights-out 2 Firmware, Integrated Lights-out 3 Firmware, Integrated Lights-out 4 Firmware | 2025-04-12 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors. | |||||
| CVE-2014-3956 | 4 Fedoraproject, Freebsd, Hp and 1 more | 4 Fedora, Freebsd, Hpux and 1 more | 2025-04-12 | 1.9 LOW | N/A |
| The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program. | |||||