Filtered by vendor Hp
Subscribe
Total
2438 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5796 | 1 Hp | 10 J9623a, J9623a Firmware, J9624a and 7 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| A Remote Cross Site Request Forgery (CSRF) vulnerability in HPE 2620 Series Network Switches version RA.15.05.0006 was found. | |||||
| CVE-2017-5795 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 7.1 HIGH | 6.5 MEDIUM |
| A Local Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) version PLAT 7.2 E0403P06 was found. | |||||
| CVE-2017-5794 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| A Remote Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found. | |||||
| CVE-2017-5793 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| A Remote Arbitrary Code Execution vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found. | |||||
| CVE-2017-5792 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. | |||||
| CVE-2017-5791 | 1 Hp | 1 Intelligent Management Center Plat | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI. | |||||
| CVE-2017-5790 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found. | |||||
| CVE-2017-5789 | 1 Hp | 2 Loadrunner, Performance Center | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow. | |||||
| CVE-2017-5788 | 1 Hp | 2 Nonstop Server, Nonstop Server Software | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found. | |||||
| CVE-2017-5787 | 1 Hp | 1 Version Control Repository Manager | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| A remote denial of service vulnerability in HPE Version Control Repository Manager (VCRM) in all versions prior to 7.6 was found. | |||||
| CVE-2017-5786 | 1 Hp | 12 Officeconnect 1820 24g Poe\+ \(185w\) Switch J9983a, Officeconnect 1820 24g Poe\+ \(185w\) Switch J9983a Firmware, Officeconnect 1820 24g Switch J9980a and 9 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A local Unauthorized Data Modification vulnerability in HPE OfficeConnect Network Switches version PT.02.01 including PT.01.03 through PT.01.14 | |||||
| CVE-2017-5785 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| A remote information disclosure vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-5784 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 5.8 MEDIUM | 6.5 MEDIUM |
| A missing HSTS Header vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-5783 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A remote clickjacking vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-5782 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| A missing HSTS Header vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-5781 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A CSRF vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-5780 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A remote clickjacking vulnerability in HPE Matrix Operating Environment version v7.6 was found. | |||||
| CVE-2017-5641 | 2 Apache, Hp | 2 Flex Blazeds, Xp Command View Advanced Edition | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution. | |||||
| CVE-2017-5638 | 7 Apache, Arubanetworks, Hp and 4 more | 13 Struts, Clearpass Policy Manager, Server Automation and 10 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. | |||||
| CVE-2017-3733 | 2 Hp, Openssl | 2 Operations Agent, Openssl | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected. | |||||