Filtered by vendor Hp
Subscribe
Total
2498 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6852 | 1 Hp | 1 2620-24-poe\+ Switch | 2025-04-11 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in html/json.html on HP 2620 switches allows remote attackers to hijack the authentication of administrators for requests that change an administrative password via the setPassword method. | |||||
| CVE-2009-4000 | 1 Hp | 1 Power Manager | 2025-04-11 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter. | |||||
| CVE-2010-4025 | 1 Hp | 1 Palm Webos | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted document, as demonstrated by a Word document. | |||||
| CVE-2012-2291 | 3 Apple, Emc, Hp | 4 Mac Os X, Avamar, Avamar Plugin and 1 more | 2025-04-11 | 7.2 HIGH | N/A |
| EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack. | |||||
| CVE-2010-3012 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error. | |||||
| CVE-2012-5204 | 1 Hp | 2 Intelligent Management Center, Intelligent Management Center For Automated Network Manager | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1614. | |||||
| CVE-2010-1586 | 1 Hp | 1 System Management Homepage | 2025-04-11 | 4.3 MEDIUM | N/A |
| Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter. | |||||
| CVE-2013-4807 | 1 Hp | 18 Hotspot Laserjet Pro M1218nfs Mfp, Hotspot Laserjet Pro M1218nfs Mfp Firmware, Laserjet Pro Cp1025nw and 15 more | 2025-04-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability on the HP LaserJet Pro P1102w, P1606dn, M1212nf MFP, M1213nf MFP, M1214nfh MFP, M1216nfh MFP, M1217nfw MFP, M1218nfs MFP, and CP1025nw with firmware before 2013-07-26 20130703 allows remote attackers to modify data via unknown vectors. | |||||
| CVE-2010-0451 | 1 Hp | 1 Hp-ux | 2025-04-11 | 4.0 MEDIUM | N/A |
| The installation process for NFS/ONCplus B.11.31_08 and earlier on HP HP-UX B.11.31 changes the NFS_SERVER setting in the nfsconf file, which might allow remote attackers to obtain filesystem access via NFS requests. | |||||
| CVE-2011-1535 | 1 Hp | 1 Insight Control For Linux | 2025-04-11 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. | |||||
| CVE-2011-3160 | 1 Hp | 2 Data Protector For Personal Computers, Data Protector Notebook Extension | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1228. | |||||
| CVE-2011-0890 | 2 Hp, Microsoft | 2 Discovery\&dependency Mapping Inventory, Windows | 2025-04-11 | 5.0 MEDIUM | N/A |
| HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community. | |||||
| CVE-2011-1536 | 1 Hp | 1 Performance Insight | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Performance Insight 5.0, 5.1x. 5.2x, 5.3x, 5.4, 5.41, and 5.41.002 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2013-6189 | 1 Hp | 1 Application Information Optimizer | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Archive Query Server in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, and 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1666. | |||||
| CVE-2013-2367 | 1 Hp | 1 Sitescope | 2025-04-11 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678. | |||||
| CVE-2010-3989 | 1 Hp | 1 Insight Control Virtual Machine Management | 2025-04-11 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2013-4828 | 1 Hp | 22 Color Laserjet Cm4540, Color Laserjet Cm4540f, Color Laserjet Cm4540fskm and 19 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices do not properly encrypt PDF documents, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2012-3262 | 1 Hp | 1 Sitescope | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464. | |||||
| CVE-2011-2407 | 1 Hp | 1 Openview Performance Insight | 2025-04-11 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors. | |||||
| CVE-2012-0130 | 1 Hp | 1 Onboard Administrator | 2025-04-11 | 5.0 MEDIUM | N/A |
| HP Onboard Administrator (OA) before 3.50 allows remote attackers to obtain sensitive information via unspecified vectors. | |||||