Filtered by vendor Hp
Subscribe
Total
2438 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8966 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. | |||||
| CVE-2016-8963 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user. | |||||
| CVE-2016-8961 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. | |||||
| CVE-2016-8535 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 3.5 LOW | 3.5 LOW |
| A remote HTTP parameter Pollution vulnerability in HPE Matrix Operating Environment version 7.6 was found. | |||||
| CVE-2016-8534 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A remote privilege elevation vulnerability in HPE Matrix Operating Environment version 7.6 was found. | |||||
| CVE-2016-8533 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A remote priviledge escalation vulnerability in HPE Matrix Operating Environment version 7.6 was found. | |||||
| CVE-2016-8532 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A cross site scripting vulnerability in HPE Matrix Operating Environment version 7.6 was found. | |||||
| CVE-2016-8531 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A remote information disclosure vulnerability in HPE Matrix Operating Environment version 7.6 was found. | |||||
| CVE-2016-8530 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version. | |||||
| CVE-2016-8529 | 1 Hp | 1 Lefthand | 2024-11-21 | 7.3 HIGH | 7.6 HIGH |
| A Remote Arbitrary Command Execution vulnerability in HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS version v12.5 and earlier was found. The problem was resolved in LeftHand OS v12.6 or any subsequent version. | |||||
| CVE-2016-8527 | 1 Hp | 1 Airwave | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to a reflected cross-site scripting (XSS). The vulnerability is present in the VisualRF component of AirWave. By exploiting this vulnerability, an attacker who can trick a logged-in AirWave administrative user into clicking a link could obtain sensitive information, such as session cookies or passwords. The vulnerability requires that an administrative users click on the malicious link while currently logged into AirWave in the same browser. | |||||
| CVE-2016-8526 | 1 Hp | 1 Airwave | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities (XXE). XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the contents of XML files, XXE can be used as an attack vector. Because the XML parser has access to the local filesystem and runs with the permissions of the web server, it can access any file that is readable by the web server and copy it to an external system of the attacker's choosing. This could include files that contain passwords, which could then lead to privilege escalation. | |||||
| CVE-2016-8525 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A Remote Disclosure of Information vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version. | |||||
| CVE-2016-8523 | 1 Hp | 1 Smart Storage Administrator | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| A Remote Arbitrary Code Execution vulnerability in HPE Smart Storage Administrator version before v2.60.18.0 was found. | |||||
| CVE-2016-8522 | 1 Hp | 1 Diagnostics | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found. | |||||
| CVE-2016-8521 | 1 Hp | 1 Diagnostics | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A Remote click jacking vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found. | |||||
| CVE-2016-8519 | 1 Hp | 1 Operations Orchestration | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found. | |||||
| CVE-2016-8518 | 1 Hp | 1 Systems Insight Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found. | |||||
| CVE-2016-8517 | 1 Hp | 1 Systems Insight Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross site scripting vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found. | |||||
| CVE-2016-8516 | 1 Hp | 1 Systems Insight Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found. | |||||