| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username. |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors. |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Insight Control Server Migration before 6.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter. |
| Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683. |
| Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the act and app parameters. |
| Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on HP-UX B.11.31 allows remote authenticated users to cause a denial of service via unknown vectors. |
| Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors. |
| Unspecified vulnerability on HP ProCurve Access Points, Access Controllers, and Mobility Controllers with software 5.1.x through 5.1.9, 5.2.x through 5.2.7, 5.3.x through 5.3.5, and 5.4.x through 5.4.0 allows remote attackers to execute arbitrary code via unknown vectors. |
| Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors. |
| HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to obtain sensitive information via unspecified vectors. |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3) nnm/protected/ping.jsp, (4) nnm/protected/statuspoll.jsp, or (5) nnm/protected/traceroute.jsp; or (6) field parameter to nmm/validate. NOTE: this might be a duplicate of CVE-2011-4155 or CVE-2011-4156. |
| Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows local users to gain privileges via unknown vectors. |
| Unspecified vulnerability in HP System Insight Manager before 6.0 allows remote authenticated users to gain privileges via unknown vectors. |
| Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to execute arbitrary code via unknown vectors. |
| Cross-site request forgery (CSRF) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. |
| Cross-site scripting (XSS) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
| ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en. |
