Filtered by vendor Hp
Subscribe
Total
2421 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4836 | 1 Hp | 2 Alm Synchronizer, Application Lifecycle Management | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759. | |||||
| CVE-2011-0898 | 1 Hp | 1 Network Node Manager I | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.00 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-6197 | 1 Hp | 3 Service Manager, Service Manager Web Client, Service Manager Web Tier | 2025-04-11 | 5.2 MEDIUM | N/A |
| Unspecified vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote authenticated users to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-1727 | 1 Hp | 1 Sitescope | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue. | |||||
| CVE-2011-1738 | 1 Hp | 1 Palm Webos | 2025-04-11 | 7.2 HIGH | N/A |
| HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access. | |||||
| CVE-2013-6193 | 1 Hp | 25 Color Laserjet Cm1312nfi Multifunction Printer, Color Laserjet Cm2320n Multifunction Printer, Color Laserjet Cp1515 and 22 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability on HP LaserJet M1522n and M2727; LaserJet Pro 100, 300, 400, CM1415fnw, CP1*, M121*, M1536dnf, and P1*; Color LaserJet CM* and CP*; and TopShot LaserJet Pro M275 printers allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2011-1857 | 1 Hp | 2 Service Center, Service Manager | 2025-04-11 | 8.2 HIGH | N/A |
| Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote authenticated users to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2013-4797 | 1 Hp | 1 Loadrunner | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690. | |||||
| CVE-2011-2408 | 1 Hp | 1 Palm Webos | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-3257 | 1 Hp | 1 Business Availability Center | 2025-04-11 | 4.6 MEDIUM | N/A |
| HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors. | |||||
| CVE-2013-2336 | 1 Hp | 2 Service Center, Service Manager | 2025-04-11 | 5.0 MEDIUM | N/A |
| HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-4835 | 1 Hp | 1 Sitescope | 2025-04-11 | 7.5 HIGH | N/A |
| The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765. | |||||
| CVE-2011-1544 | 1 Hp | 1 Insight Control Performance Management | 2025-04-11 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Insight Control Performance Management before 6.3 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2012-3248 | 1 Hp | 1 Fortify Software Security Center | 2025-04-11 | 5.0 MEDIUM | N/A |
| HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2012-2014 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2025-04-11 | 9.0 HIGH | N/A |
| HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors. | |||||
| CVE-2011-1537 | 1 Hp | 1 Proliant Support Pack | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-5206 | 1 Hp | 2 Intelligent Management Center, Intelligent Management Center For Automated Network Manager | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1660. | |||||
| CVE-2011-1867 | 1 Hp | 3 Endpoint Admission Defense, Intelligent Management Center, User Access Manager | 2025-04-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in iNodeMngChecker.exe in the User Access Manager (UAM) 5.0 before SP1 E0101P03 and Endpoint Admission Defense (EAD) 5.0 before SP1 E0101P03 components in HP Intelligent Management Center (aka iNode Management Center) allows remote attackers to execute arbitrary code via a 0x0A0BF007 packet. | |||||
| CVE-2011-1860 | 1 Hp | 2 Service Center, Service Manager | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to capture HTTP session credentials via unknown vectors. | |||||
| CVE-2013-6191 | 1 Hp | 1 Operations Orchestration | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||