Filtered by vendor Hp
Subscribe
Total
2438 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-3143 | 5 Apple, Canonical, Debian and 2 more | 6 Mac Os X, Ubuntu Linux, Debian Linux and 3 more | 2024-11-21 | 5.0 MEDIUM | N/A |
| cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. | |||||
| CVE-2015-3113 | 8 Adobe, Apple, Hp and 5 more | 18 Flash Player, Mac Os X, Insight Orchestration and 15 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015. | |||||
| CVE-2015-2903 | 1 Hp | 1 Arcsight Smartconnectors | 2024-11-21 | 6.9 MEDIUM | N/A |
| The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of this password. | |||||
| CVE-2015-2902 | 1 Hp | 1 Arcsight Smartconnectors | 2024-11-21 | 6.8 MEDIUM | N/A |
| HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-2802 | 4 Hp, Linux, Microsoft and 1 more | 6 Asset Manager, Asset Manager Cloudsystem Chargeback, Sitescope and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability. | |||||
| CVE-2015-2202 | 2 Arubanetworks, Hp | 2 Airwave, Airwave | 2024-11-21 | N/A | 7.2 HIGH |
| Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS. | |||||
| CVE-2015-2201 | 2 Arubanetworks, Hp | 2 Airwave, Airwave | 2024-11-21 | N/A | 7.2 HIGH |
| Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users. | |||||
| CVE-2015-2140 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-11-21 | 6.5 MEDIUM | N/A |
| HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | |||||
| CVE-2015-2139 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-11-21 | 4.0 MEDIUM | N/A |
| HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5403. | |||||
| CVE-2015-2137 | 1 Hp | 1 Operations Manager I | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Operations Manager i (OMi) 9.22, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2015-2136 | 1 Hp | 1 Arcsight Logger | 2024-11-21 | 4.0 MEDIUM | N/A |
| HP ArcSight Logger before 6.0 P2 allows remote authenticated users to bypass the intended authorization policy via unspecified vectors. | |||||
| CVE-2015-2135 | 1 Hp | 1 Intelligent Provisioning | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Intelligent Provisioning 1.00 through 1.62(a), 2.00, and 2.10 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2015-2134 | 1 Hp | 1 System Management Homepage | 2024-11-21 | 6.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2015-2132 | 1 Hp | 1 Operations Manager I | 2024-11-21 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in the execve system-call implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors. | |||||
| CVE-2015-2126 | 1 Hp | 1 Hp-ux | 2024-11-21 | 7.2 HIGH | N/A |
| Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions. | |||||
| CVE-2015-2125 | 1 Hp | 1 Webinspect | 2024-11-21 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2015-2124 | 1 Hp | 2 Smart Zero Core, Thinpro Linux | 2024-11-21 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors. | |||||
| CVE-2015-2123 | 1 Hp | 1 Nonstop Safeguard Security | 2024-11-21 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP NonStop Safeguard Security Software H06.x, L15.02, and J06.x before J06.19 allows remote authenticated users to gain privileges by leveraging Expand access. | |||||
| CVE-2015-2122 | 1 Hp | 1 Sdn Van Controller | 2024-11-21 | 7.8 HIGH | N/A |
| The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows remote attackers to cause a denial of service via network traffic to the REST port. | |||||
| CVE-2015-2121 | 1 Hp | 1 Network Virtualization | 2024-11-21 | 7.8 HIGH | N/A |
| HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569. | |||||