| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850. |
| The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765. |
| Unspecified vulnerability in HP Network Node Manager (NNM) 8.10, 8.11, 8.12, and 8.13 allows remote attackers to execute arbitrary commands via unknown vectors. |
| Cross-site scripting (XSS) vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| Unspecified vulnerability in HP Insight Recovery before 6.2 allows remote attackers to read arbitrary files via unknown vectors. |
| Unspecified vulnerability in the client component in HP Application LifeCycle Management (ALM) before 11 p11 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1327. |
| Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326. |
| HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach. |
| SQL injection vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZDI-CAN-1664. |
| Unspecified vulnerability in Device Manager in HP XP P9000 Command View Advanced Edition before 7.4.0-00 allows remote attackers to cause a denial of service via unknown vectors. |
| Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux or ICE-LX) 2.11 and earlier allows local users to gain privileges via unknown vectors. |
| HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operations. |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1659. |
| Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter. |
| Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long HTTP request to nnmrptconfig.exe. |
| Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller, Firewall, Router, Switch, and Switch and Route Processing Unit products; and certain Huawei Firewall/Gateway, Router, Switch, and Wireless products do not properly implement access control as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0, which allows remote authenticated users to discover credentials in UserInfoEntry values via an SNMP request with the read-only community. |
| Open redirect vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
| Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors. |
