Filtered by vendor Hp
Subscriptions
Total
2433 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4362 | 1 Hp | 1 Insight Control Server Deployment | 2024-08-06 | N/A |
| HPE Insight Control server deployment allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | ||||
| CVE-2016-4406 | 1 Hp | 3 Integrated Lights-out, Integrated Lights-out 3 Firmware, Integrated Lights-out 4 Firmware | 2024-08-06 | N/A |
| A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44. | ||||
| CVE-2016-4399 | 1 Hp | 1 Network Node Manager I | 2024-08-06 | N/A |
| A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10. The vulnerability could result in cross-site scripting (XSS). | ||||
| CVE-2016-4363 | 1 Hp | 1 Insight Control Server Deployment | 2024-08-06 | N/A |
| HPE Insight Control server deployment allows remote attackers to modify data via unspecified vectors. | ||||
| CVE-2016-4405 | 1 Hp | 1 Business Service Management | 2024-08-06 | N/A |
| A remote code execution vulnerability was identified in HP Business Service Management (BSM) using Apache Commons Collection Java Deserialization versions v9.20-v9.26 | ||||
| CVE-2016-4402 | 1 Hp | 1 Keyview | 2024-08-06 | N/A |
| A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow. | ||||
| CVE-2016-4359 | 1 Hp | 2 Loadrunner, Performance Center | 2024-08-06 | N/A |
| Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516. | ||||
| CVE-2016-4365 | 1 Hp | 1 Insight Control Server Deployment | 2024-08-06 | N/A |
| HPE Insight Control server deployment allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-4385 | 1 Hp | 1 Network Automation | 2024-08-06 | N/A |
| The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries. | ||||
| CVE-2016-4384 | 1 Hp | 2 Loadrunner, Performance Center | 2024-08-06 | N/A |
| HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors. | ||||
| CVE-2016-4392 | 1 Hp | 1 Business Service Management | 2024-08-06 | N/A |
| A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 - v9.25IP1. | ||||
| CVE-2016-4379 | 1 Hp | 2 Integrated Lights-out 3, Integrated Lights-out 3 Firmware | 2024-08-06 | N/A |
| The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack. | ||||
| CVE-2016-4397 | 1 Hp | 1 Network Node Manager I | 2024-08-06 | N/A |
| A local code execution security vulnerability was identified in HP Network Node Manager i (NNMi) v10.00, v10.10 and v10.20 Software. | ||||
| CVE-2016-4395 | 1 Hp | 1 System Management Homepage | 2024-08-06 | N/A |
| HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue. | ||||
| CVE-2016-4369 | 1 Hp | 1 Discovery And Dependency Mapping Inventory | 2024-08-06 | N/A |
| HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | ||||
| CVE-2016-4358 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-08-06 | N/A |
| HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029. | ||||
| CVE-2016-4382 | 1 Hp | 1 Performance Center | 2024-08-06 | N/A |
| HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue. | ||||
| CVE-2016-4360 | 1 Hp | 2 Loadrunner, Performance Center | 2024-08-06 | N/A |
| web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555. | ||||
| CVE-2016-4374 | 1 Hp | 1 Release Control | 2024-08-06 | N/A |
| HPE Release Control (RC) 9.13, 9.20, and 9.21 before 9.21.0005 p4 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and consequently obtain sensitive information or cause a denial of service, via unspecified vectors. | ||||
| CVE-2016-4361 | 1 Hp | 2 Loadrunner, Performance Center | 2024-08-06 | N/A |
| HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors. | ||||