Filtered by vendor Hp
Subscriptions
Total
2469 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-2401 | 1 Hp | 1 Sitescope | 2025-04-11 | N/A |
| Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2013-4810 | 1 Hp | 2 Application Lifecycle Management, Procurve Manager | 2025-04-11 | 9.8 Critical |
| HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874. | ||||
| CVE-2013-4802 | 1 Hp | 1 Application Lifecycle Management | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ZDI-CAN-1565. | ||||
| CVE-2011-1863 | 1 Hp | 2 Service Center, Service Manager | 2025-04-11 | N/A |
| HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allow remote authenticated users to conduct unspecified script injection attacks via unknown vectors. | ||||
| CVE-2013-4805 | 1 Hp | 1 Integrated Lights-out Firmware | 2025-04-11 | N/A |
| Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors. | ||||
| CVE-2011-1864 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-11 | N/A |
| Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2011-1862 | 1 Hp | 2 Service Center, Service Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-4784 | 1 Hp | 1 Integrated Lights-out Bmc | 2025-04-11 | N/A |
| The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. | ||||
| CVE-2013-4806 | 1 Hp | 17 3com Router, 5500-24g-4sfp Hi Switch With 2 Interface Slots, 5500-24g-poe Ei Switch and 14 more | 2025-04-11 | N/A |
| The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | ||||
| CVE-2011-2402 | 1 Hp | 1 Network Automation | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-1860 | 1 Hp | 2 Service Center, Service Manager | 2025-04-11 | N/A |
| Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to capture HTTP session credentials via unknown vectors. | ||||
| CVE-2013-4325 | 2 Hp, Redhat | 2 Linux Imaging And Printing Project, Enterprise Linux | 2025-04-11 | N/A |
| The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process. | ||||
| CVE-2011-1861 | 1 Hp | 2 Service Center, Service Manager | 2025-04-11 | N/A |
| Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors. | ||||
| CVE-2011-1859 | 1 Hp | 2 Service Center, Service Manager | 2025-04-11 | N/A |
| Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2011-1865 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-11 | N/A |
| Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters. | ||||
| CVE-2013-4797 | 1 Hp | 1 Loadrunner | 2025-04-11 | N/A |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690. | ||||
| CVE-2013-4807 | 1 Hp | 18 Hotspot Laserjet Pro M1218nfs Mfp, Hotspot Laserjet Pro M1218nfs Mfp Firmware, Laserjet Pro Cp1025nw and 15 more | 2025-04-11 | N/A |
| Unspecified vulnerability on the HP LaserJet Pro P1102w, P1606dn, M1212nf MFP, M1213nf MFP, M1214nfh MFP, M1216nfh MFP, M1217nfw MFP, M1218nfs MFP, and CP1025nw with firmware before 2013-07-26 20130703 allows remote attackers to modify data via unknown vectors. | ||||
| CVE-2013-4818 | 1 Hp | 4 Icewall File Manager, Icewall Smart Device Option, Icewall Sso Agent and 1 more | 2025-04-11 | N/A |
| Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall SSO Agent Option 8.0 through 10.0, IceWall SSO Smart Device Option 10.0, and IceWall File Manager 3.0 through SP4 allows remote attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2013-3573 | 1 Hp | 1 Insight Diagnostics | 2025-04-11 | N/A |
| HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors. | ||||
| CVE-2011-1853 | 1 Hp | 1 Intelligent Management Center | 2025-04-11 | N/A |
| tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a (1) large or (2) invalid opcode field, related to a function pointer table. | ||||