Filtered by vendor Hp
Subscribe
Total
2438 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4358 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-11-21 | 4.8 MEDIUM | 8.1 HIGH |
| HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029. | |||||
| CVE-2016-4357 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
| HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2028. | |||||
| CVE-2016-3710 | 7 Canonical, Citrix, Debian and 4 more | 15 Ubuntu Linux, Xenserver, Debian Linux and 12 more | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
| The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue. | |||||
| CVE-2016-3705 | 5 Canonical, Debian, Hp and 2 more | 6 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references. | |||||
| CVE-2016-3627 | 7 Canonical, Debian, Hp and 4 more | 14 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 11 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document. | |||||
| CVE-2016-3092 | 4 Apache, Canonical, Debian and 1 more | 6 Commons Fileupload, Tomcat, Ubuntu Linux and 3 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string. | |||||
| CVE-2016-2776 | 3 Hp, Isc, Oracle | 5 Hp-ux, Bind, Linux and 2 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. | |||||
| CVE-2016-2775 | 4 Fedoraproject, Hp, Isc and 1 more | 9 Fedora, Hp-ux, Bind and 6 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol. | |||||
| CVE-2016-2246 | 1 Hp | 1 Thinpro | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspecified vectors. | |||||
| CVE-2016-2245 | 1 Hp | 1 Support Assistant | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors. | |||||
| CVE-2016-2244 | 1 Hp | 55 A2w75a, A2w76a, A2w77a and 52 more | 2024-11-21 | 5.0 MEDIUM | 5.9 MEDIUM |
| HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-2243 | 3 Hp, Samsung, Zyxel | 30 1000 Series Firmware, 700 Series Firmware, 800 Series Firmware and 27 more | 2024-11-21 | 5.4 MEDIUM | 7.9 HIGH |
| Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access. | |||||
| CVE-2016-2182 | 3 Hp, Openssl, Oracle | 6 Icewall Federation Agent, Icewall Mcrp, Icewall Sso and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2016-2177 | 3 Hp, Openssl, Oracle | 6 Icewall Mcrp, Icewall Sso, Icewall Sso Agent Option and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. | |||||
| CVE-2016-2107 | 8 Canonical, Debian, Google and 5 more | 15 Ubuntu Linux, Debian Linux, Android and 12 more | 2024-11-21 | 2.6 LOW | 5.9 MEDIUM |
| The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169. | |||||
| CVE-2016-2030 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and CVE-2016-2022. | |||||
| CVE-2016-2029 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4358. | |||||
| CVE-2016-2028 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4357. | |||||
| CVE-2016-2027 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2026. | |||||
| CVE-2016-2026 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2027. | |||||