Filtered by vendor Hp
Subscriptions
Total
2486 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-2644 | 1 Hp | 1 Systems Insight Manager | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2014-2645 | 1 Hp | 1 Systems Insight Manager | 2025-04-12 | N/A |
| HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to conduct clickjacking attacks via unknown vectors. | ||||
| CVE-2014-7884 | 1 Hp | 1 Arcsight Logger | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors. | ||||
| CVE-2014-4661 | 1 Hp | 1 Records Manager | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-5160 | 1 Hp | 1 Data Protector | 2025-04-12 | N/A |
| Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavior is "by design. | ||||
| CVE-2014-7883 | 1 Hp | 1 Universal Configuration Management Database | 2025-04-12 | N/A |
| HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response. | ||||
| CVE-2014-7882 | 1 Hp | 1 Sitescope | 2025-04-12 | N/A |
| Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows remote authenticated users to gain privileges via unknown vectors. | ||||
| CVE-2014-7890 | 1 Hp | 3 Ole Point Of Sale Driver, Pos Keyboard Fk221aa, Pos Keyboard With Msr Fk218aa | 2025-04-12 | N/A |
| The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSToneIndicator.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2510. | ||||
| CVE-2014-2610 | 1 Hp | 1 Executive Scorecard | 2025-04-12 | N/A |
| Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117. | ||||
| CVE-2014-2636 | 1 Hp | 1 Sprinter | 2025-04-12 | N/A |
| Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2336. | ||||
| CVE-2014-2635 | 1 Hp | 1 Sprinter | 2025-04-12 | N/A |
| Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2343. | ||||
| CVE-2014-7898 | 2 Hp, Microsoft | 2 Ole Point Of Sale Driver, Windows | 2025-04-12 | N/A |
| The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2014-2637 | 1 Hp | 1 Sprinter | 2025-04-12 | N/A |
| Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2342. | ||||
| CVE-2015-2117 | 1 Hp | 2 Tippingpoint Security Management System, Tippingpoint Virtual Security Management System | 2025-04-12 | N/A |
| HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS) before 4.1 patch 3 and 4.2 before patch 1 do not require authentication for JBoss RMI requests, which allows remote attackers to execute arbitrary code by (1) uploading this code within an archive or (2) instantiating a class. | ||||
| CVE-2014-2638 | 1 Hp | 1 Sprinter | 2025-04-12 | N/A |
| Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2344. | ||||
| CVE-2015-2903 | 1 Hp | 1 Arcsight Smartconnectors | 2025-04-12 | N/A |
| The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of this password. | ||||
| CVE-2014-2624 | 1 Hp | 1 Network Node Manager I | 2025-04-12 | N/A |
| Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264. | ||||
| CVE-2015-5420 | 1 Hp | 1 Keyview | 2025-04-12 | N/A |
| Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2880. | ||||
| CVE-2014-2604 | 1 Hp | 2 Icewall Mcrp, Icewall Sso | 2025-04-12 | N/A |
| Unspecified vulnerability in HP IceWall SSO 10.0 Dfw and IceWall MCRP 2.1 and 3.0 allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2014-2611 | 1 Hp | 1 Executive Scorecard | 2025-04-12 | N/A |
| Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120. | ||||