Filtered by vendor Hp
Subscriptions
Total
2511 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-0924 | 1 Hp | 1 Data Protector | 2025-04-11 | N/A |
| The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omni_chk_ds.sh. | ||||
| CVE-2012-3273 | 1 Hp | 2 Laserjet Pro Mfp M401, Laserjet Pro Mfp M425 | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities on the HP LaserJet Pro 400 MFP M425 with firmware 20120625 and LaserJet 400 M401 with firmware 20120621 allow remote attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2012-3272 | 1 Hp | 7 Color Laserjet Cm3530, Color Laserjet Cm60xx, Color Laserjet Cp3525 and 4 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability on the HP Color LaserJet CM3530 with firmware before 53.190.9, Color LaserJet CM60xx with firmware before 52.210.9, Color LaserJet CP3525 with firmware before 06.140.3 18, Color LaserJet CP4xxx with firmware before 07.120.6, Color LaserJet CP6015 with firmware before 04.160.3, LaserJet P3015 with firmware before 07.140.3, and LaserJet P4xxx with firmware before 04.170.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-3574 | 1 Hp | 1 Insight Diagnostics | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter. | ||||
| CVE-2012-3255 | 1 Hp | 1 Business Availability Center | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-3254 | 1 Hp | 1 Inode Management Center Pc | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by a stack-based buffer overflow in iNodeMngChecker.exe for a crafted 0x0A0BF007 packet. | ||||
| CVE-2011-0267 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | N/A |
| Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266. | ||||
| CVE-2012-3252 | 1 Hp | 1 Serviceguard | 2025-04-11 | N/A |
| Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2012-3250 | 1 Hp | 2 Service Center Server, Service Manager Server | 2025-04-11 | N/A |
| Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and 9.30, and HP Service Center Server 6.28, allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2012-3248 | 1 Hp | 1 Fortify Software Security Center | 2025-04-11 | N/A |
| HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2012-2986 | 1 Hp | 2 San\/iq, Virtual San Appliance | 2025-04-11 | N/A |
| lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361. | ||||
| CVE-2011-0266 | 1 Hp | 1 Openview Network Node Manager | 2025-04-11 | N/A |
| Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long nameParams parameter, a different vulnerability than CVE-2011-0267.2. | ||||
| CVE-2012-0129 | 1 Hp | 1 Onboard Administrator | 2025-04-11 | N/A |
| HP Onboard Administrator (OA) before 3.50 allows remote attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. | ||||
| CVE-2012-2960 | 1 Hp | 4 Arcsight Connector Appliance, Arcsight Connector Appliance Firmware, Arcsight Logger Appliance and 1 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the import functionality in HP ArcSight Connector appliance 6.2.0.6244.0 and ArcSight Logger appliance 5.2.0.6288.0 allows remote attackers to inject arbitrary web script or HTML via a crafted file. | ||||
| CVE-2012-2291 | 3 Apple, Emc, Hp | 4 Mac Os X, Avamar, Avamar Plugin and 1 more | 2025-04-11 | N/A |
| EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack. | ||||
| CVE-2012-4362 | 1 Hp | 2 San\/iq, Virtual San Appliance | 2025-04-11 | N/A |
| hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838. | ||||
| CVE-2012-2021 | 1 Hp | 1 Assetmanager | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-2022 | 1 Hp | 1 Network Node Manager I | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-1378 | 2 Hp, Ibm | 2 Openvms, Websphere Mq | 2025-04-11 | N/A |
| IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM group are established, does not properly verify User Authorization File (UAF) data, which allows local users to kill listener processes and the command server via a control command. | ||||
| CVE-2012-3284 | 1 Hp | 2 Lefthand P4000 Virtual San Appliance, San\/iq | 2025-04-11 | N/A |
| Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512. | ||||