Filtered by vendor Hp
Subscriptions
Total
2545 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-2245 | 1 Hp | 1 Support Assistant | 2025-04-12 | N/A |
| HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors. | ||||
| CVE-2016-1994 | 1 Hp | 1 System Management Homepage | 2025-04-12 | N/A |
| HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-2003 | 1 Hp | 2 P9000 Command View Advanced Edition Software, Xp7 Command View Advanced Edition Suite | 2025-04-12 | N/A |
| HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | ||||
| CVE-2015-6859 | 1 Hp | 54 J8692a, J8693a, J8697a and 51 more | 2025-04-12 | N/A |
| HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6860. | ||||
| CVE-2016-2107 | 8 Canonical, Debian, Google and 5 more | 18 Ubuntu Linux, Debian Linux, Android and 15 more | 2025-04-12 | 5.9 Medium |
| The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169. | ||||
| CVE-2016-2177 | 4 Hp, Openssl, Oracle and 1 more | 9 Icewall Mcrp, Icewall Sso, Icewall Sso Agent Option and 6 more | 2025-04-12 | N/A |
| OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. | ||||
| CVE-2015-6858 | 1 Hp | 1 Insight Management | 2025-04-12 | N/A |
| HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2015-6860 | 1 Hp | 54 J8692a, J8693a, J8697a and 51 more | 2025-04-12 | N/A |
| HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6859. | ||||
| CVE-2015-6029 | 1 Hp | 1 Arcsight Logger | 2025-04-12 | N/A |
| HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach. | ||||
| CVE-2015-5447 | 1 Hp | 1 Storeonce Backup System Software | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2015-6857 | 1 Hp | 2 Loadrunner, Performance Center | 2025-04-12 | N/A |
| Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138. | ||||
| CVE-2015-6862 | 1 Hp | 1 Ucmdb Browser | 2025-04-12 | N/A |
| HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors. | ||||
| CVE-2016-2005 | 1 Hp | 1 Data Protector | 2025-04-12 | N/A |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352. | ||||
| CVE-2015-5445 | 1 Hp | 1 Storeonce Backup System Software | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2015-5442 | 1 Hp | 1 Software Update | 2025-04-12 | N/A |
| Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain privileges via unknown vectors. | ||||
| CVE-2014-2634 | 1 Hp | 1 Service Manager | 2025-04-12 | N/A |
| Unspecified vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to bypass intended access restrictions, and modify data or cause a denial of service, via unknown vectors. | ||||
| CVE-2015-5444 | 1 Hp | 1 Smart Profile Server Data Analytics Layer | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Smart Profile Server Data Analytics Layer (SPS DAL) 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2015-5446 | 1 Hp | 1 Storeonce Backup System Software | 2025-04-12 | N/A |
| HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2015-6864 | 1 Hp | 1 Arcsight Logger | 2025-04-12 | N/A |
| HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. | ||||
| CVE-2016-2010 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2011. | ||||