Filtered by vendor Hp
Subscriptions
Total
2489 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-0890 | 2 Hp, Microsoft | 2 Discovery\&dependency Mapping Inventory, Windows | 2025-04-11 | N/A |
| HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community. | ||||
| CVE-2013-2339 | 1 Hp | 7 Smart Zero Core, T410 All-in-one Smart Zero Client, T410 Smart Zero Client and 4 more | 2025-04-11 | N/A |
| HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. | ||||
| CVE-2011-2608 | 1 Hp | 2 Openview Performance Agent, Operations Agent | 2025-04-11 | N/A |
| ovbbccb.exe 6.20.50.0 and other versions in HP OpenView Performance Agent 4.70 and 5.0; and Operations Agent 11.0, 8.60.005, 8.60.006, 8.60.007, 8.60.008, 8.60.501, and 8.53; allows remote attackers to delete arbitrary files via a full pathname in the File field in a Register command. | ||||
| CVE-2012-6108 | 1 Hp | 1 Linux Imaging And Printing Project | 2025-04-11 | N/A |
| HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operations. | ||||
| CVE-2011-4790 | 1 Hp | 1 Network Automation | 2025-04-11 | N/A |
| Unspecified vulnerability in HP Network Automation 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2013-4827 | 1 Hp | 2 Imc Service Operation Management Software Module, Intelligent Management Center | 2025-04-11 | N/A |
| SQL injection vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZDI-CAN-1664. | ||||
| CVE-2010-0449 | 1 Hp | 1 Soa Registry Foundation | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2012-3274 | 1 Hp | 1 Intelligent Management Center | 2025-04-11 | N/A |
| Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (IMC) before 5.1 E0101P01 allows remote attackers to execute arbitrary code via vectors related to log data. | ||||
| CVE-2012-2002 | 1 Hp | 1 Snmp Agents For Linux | 2025-04-11 | N/A |
| Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2010-1586 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter. | ||||
| CVE-2011-1738 | 1 Hp | 1 Palm Webos | 2025-04-11 | N/A |
| HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access. | ||||
| CVE-2013-4821 | 1 Hp | 1 System Management Homepage | 2025-04-11 | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors. | ||||
| CVE-2011-0770 | 1 Hp | 7 Arcsight C1000 Appliance, Arcsight C1300 Appliance, Arcsight C3200 Appliance and 4 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 allows remote attackers to inject arbitrary web script or HTML via the Windows XP variable in a file. | ||||
| CVE-2011-4791 | 1 Hp | 1 Data Protector Media Operations | 2025-04-11 | N/A |
| DBServer.exe in HP Data Protector Media Operations 6.11 and earlier allows remote attackers to execute arbitrary code via a crafted request containing a large value in a length field. | ||||
| CVE-2011-1729 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-11 | N/A |
| Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message. | ||||
| CVE-2010-1555 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | N/A |
| Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter. | ||||
| CVE-2011-1730 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-11 | N/A |
| Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message. | ||||
| CVE-2013-4830 | 1 Hp | 1 Service Manager | 2025-04-11 | N/A |
| HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach. | ||||
| CVE-2011-2408 | 1 Hp | 1 Palm Webos | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-4805 | 1 Hp | 1 Integrated Lights-out Firmware | 2025-04-11 | N/A |
| Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors. | ||||