Filtered by vendor Hp
Subscribe
Total
2438 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3259 | 1 Hp | 1 Sitescope | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461. | |||||
| CVE-2012-3258 | 1 Hp | 1 Operations Orchestration | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2012-3257 | 1 Hp | 1 Business Availability Center | 2024-11-21 | 4.6 MEDIUM | N/A |
| HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors. | |||||
| CVE-2012-3256 | 1 Hp | 1 Business Availability Center | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2012-3255 | 1 Hp | 1 Business Availability Center | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-3254 | 1 Hp | 1 Inode Management Center Pc | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by a stack-based buffer overflow in iNodeMngChecker.exe for a crafted 0x0A0BF007 packet. | |||||
| CVE-2012-3253 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in HP Intelligent Management Center (IMC) before 5.0 E0101P05 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by an integer overflow and heap-based buffer overflow in img.exe for a crafted message packet. | |||||
| CVE-2012-3252 | 1 Hp | 1 Serviceguard | 2024-11-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2012-3251 | 1 Hp | 2 Service Center Web Tier, Service Manager Web Tier | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 7.11, 9.21, and 9.30, and HP Service Center Web Tier 6.28, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-3250 | 1 Hp | 2 Service Center Server, Service Manager Server | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and 9.30, and HP Service Center Server 6.28, allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2012-3249 | 1 Hp | 1 Fortify Software Security Center | 2024-11-21 | 4.0 MEDIUM | N/A |
| HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2012-3248 | 1 Hp | 1 Fortify Software Security Center | 2024-11-21 | 5.0 MEDIUM | N/A |
| HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2012-3247 | 1 Hp | 3 Integrity, Integrity Firmware, Itegrity | 2024-11-21 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability on the HP Integrity Server BL860c i2, BL870c i2, and BL890c i2 with firmware before 26.31 and the HP Integrity Server rx2800 i2 with firmware before 26.30 allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2012-2986 | 1 Hp | 2 San\/iq, Virtual San Appliance | 2024-11-21 | 7.7 HIGH | N/A |
| lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4361. | |||||
| CVE-2012-2960 | 1 Hp | 4 Arcsight Connector Appliance, Arcsight Connector Appliance Firmware, Arcsight Logger Appliance and 1 more | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the import functionality in HP ArcSight Connector appliance 6.2.0.6244.0 and ArcSight Logger appliance 5.2.0.6288.0 allows remote attackers to inject arbitrary web script or HTML via a crafted file. | |||||
| CVE-2012-2561 | 1 Hp | 1 Business Service Management | 2024-11-21 | 10.0 HIGH | N/A |
| HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server component via a crafted request to TCP port 1098, 1099, or 4444. | |||||
| CVE-2012-2291 | 3 Apple, Emc, Hp | 4 Mac Os X, Avamar, Avamar Plugin and 1 more | 2024-11-21 | 7.2 HIGH | N/A |
| EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack. | |||||
| CVE-2012-2022 | 1 Hp | 1 Network Node Manager I | 2024-11-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-2021 | 1 Hp | 1 Assetmanager | 2024-11-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-2020 | 1 Hp | 1 Operations Agent | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326. | |||||