Filtered by vendor Hp
Subscribe
Total
2438 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4805 | 1 Hp | 1 Integrated Lights-out Firmware | 2024-11-21 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors. | |||||
| CVE-2013-4802 | 1 Hp | 1 Application Lifecycle Management | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ZDI-CAN-1565. | |||||
| CVE-2013-4801 | 1 Hp | 1 Loadrunner | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1736. | |||||
| CVE-2013-4800 | 1 Hp | 1 Loadrunner | 2024-11-21 | 9.3 HIGH | N/A |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735. | |||||
| CVE-2013-4799 | 1 Hp | 1 Loadrunner | 2024-11-21 | 7.6 HIGH | N/A |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1734. | |||||
| CVE-2013-4798 | 1 Hp | 1 Loadrunner | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705. | |||||
| CVE-2013-4797 | 1 Hp | 1 Loadrunner | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690. | |||||
| CVE-2013-4784 | 1 Hp | 1 Integrated Lights-out Bmc | 2024-11-21 | 10.0 HIGH | N/A |
| The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. | |||||
| CVE-2013-4325 | 1 Hp | 1 Linux Imaging And Printing Project | 2024-11-21 | 6.9 MEDIUM | N/A |
| The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process. | |||||
| CVE-2013-4002 | 9 Apache, Canonical, Hp and 6 more | 21 Xerces2 Java, Ubuntu Linux, Hp-ux and 18 more | 2024-11-21 | 7.1 HIGH | N/A |
| XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names. | |||||
| CVE-2013-3576 | 1 Hp | 1 System Management Homepage | 2024-11-21 | 9.0 HIGH | N/A |
| ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en. | |||||
| CVE-2013-3575 | 1 Hp | 1 Insight Diagnostics | 2024-11-21 | 5.0 MEDIUM | N/A |
| hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter. | |||||
| CVE-2013-3574 | 1 Hp | 1 Insight Diagnostics | 2024-11-21 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter. | |||||
| CVE-2013-3573 | 1 Hp | 1 Insight Diagnostics | 2024-11-21 | 10.0 HIGH | N/A |
| HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors. | |||||
| CVE-2013-2370 | 1 Hp | 1 Loadrunner | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1671. | |||||
| CVE-2013-2369 | 1 Hp | 1 Loadrunner | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1670. | |||||
| CVE-2013-2368 | 1 Hp | 1 Loadrunner | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to cause a denial of service via unknown vectors, aka ZDI-CAN-1669. | |||||
| CVE-2013-2367 | 1 Hp | 1 Sitescope | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678. | |||||
| CVE-2013-2365 | 1 Hp | 1 Database And Middleware Automation | 2024-11-21 | 7.9 HIGH | N/A |
| HP Database and Middleware Automation (DMA) 10.x before 10.10, when SSL is used, allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-2364 | 1 Hp | 1 System Management Homepage | 2024-11-21 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||