Filtered by vendor Hp
Subscriptions
Total
2509 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-2291 | 3 Apple, Emc, Hp | 4 Mac Os X, Avamar, Avamar Plugin and 1 more | 2025-04-11 | N/A |
| EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack. | ||||
| CVE-2011-0274 | 1 Hp | 2 Business Availability Center, Business Service Management | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 and 8.x through 8.05, and Business Service Management (BSM) through 9.01, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-2331 | 1 Hp | 1 Intelligent Management Center | 2025-04-11 | N/A |
| Integer overflow in img.exe in HP Intelligent Management Center (IMC) allows remote attackers to execute arbitrary code via a crafted length value in an a packet that triggers a heap-based buffer overflow, possibly related to an "recv" field. | ||||
| CVE-2011-2328 | 1 Hp | 1 Loadrunner | 2025-04-11 | N/A |
| Buffer overflow in HP LoadRunner allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a .usr (aka Virtual User script) file with long directives. | ||||
| CVE-2013-2367 | 1 Hp | 1 Sitescope | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678. | ||||
| CVE-2013-2361 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-1963 | 1 Hp | 1 Servicecenter | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP ServiceCenter allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-0271 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | N/A |
| The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability." | ||||
| CVE-2013-2363 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356. | ||||
| CVE-2013-2368 | 1 Hp | 1 Loadrunner | 2025-04-11 | N/A |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to cause a denial of service via unknown vectors, aka ZDI-CAN-1669. | ||||
| CVE-2012-2022 | 1 Hp | 1 Network Node Manager I | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-2350 | 1 Hp | 1 Storage Data Protector | 2025-04-11 | N/A |
| Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897. | ||||
| CVE-2013-2352 | 3 Dell, Hp, Ibm | 20 Poweredge 2950, Dl320s, Lefthand Nsm2060 and 17 more | 2025-04-11 | N/A |
| LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of an unused one-time password. | ||||
| CVE-2011-0270 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | N/A |
| Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name. | ||||
| CVE-2013-2348 | 1 Hp | 1 Storage Data Protector | 2025-04-11 | N/A |
| Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1892. | ||||
| CVE-2013-2353 | 1 Hp | 1 Storeonce D2d | 2025-04-11 | N/A |
| Unspecified vulnerability in HP StoreOnce D2D Backup System 1.x before 1.2.19 and 2.x before 2.3.0 allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2011-1483 | 2 Hp, Redhat | 8 Network Node Manager I, Jboss Communications Platform, Jboss Enterprise Application Platform and 5 more | 2025-04-11 | N/A |
| wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564. | ||||
| CVE-2013-4845 | 1 Hp | 2 Officejet Pro 8500, Officejet Pro 8500 Firmware | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability on HP Officejet Pro 8500 (aka A909) All-in-One printers allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-2021 | 1 Hp | 1 Assetmanager | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-2359 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360. | ||||