Multiple unspecified vulnerabilities in the POP implementation in HP OpenVMS TCP/IP 5.7 before ECO5 allow remote attackers to cause a denial of service via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.73%
Published
2014-12-17
Updated
2017-01-03
HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors.
Max CVSS
8.5
EPSS Score
0.35%
Published
2014-12-10
Updated
2019-10-09
The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.
Max CVSS
10.0
EPSS Score
6.16%
Published
2014-11-14
Updated
2017-09-08
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2014-10-30
Updated
2017-09-08
Unspecified vulnerability on the HP LaserJet CM3530 Multifunction Printer CC519A and CC520A with firmware before 53.236.2 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
Max CVSS
9.0
EPSS Score
2.46%
Published
2014-11-04
Updated
2017-09-08
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Max CVSS
6.8
EPSS Score
0.19%
Published
2014-10-19
Updated
2017-09-08
Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavior is "by design.
Max CVSS
6.4
EPSS Score
96.04%
Published
2014-08-01
Updated
2024-03-21
HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue.
Max CVSS
3.5
EPSS Score
0.18%
Published
2014-06-28
Updated
2015-12-18
Cross-site scripting (XSS) vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
1.40%
Published
2014-10-10
Updated
2019-10-09
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.
Max CVSS
1.9
EPSS Score
0.04%
Published
2014-06-04
Updated
2017-12-29
Unspecified vulnerability in HP Operations Manager 9.20 on UNIX allows remote attackers to execute arbitrary code via unknown vectors.
Max CVSS
7.5
EPSS Score
2.88%
Published
2014-10-10
Updated
2019-10-09
Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on UNIX allows remote attackers to execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
4.54%
Published
2014-10-10
Updated
2023-09-28
Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP Operations Manager (formerly OpenView Communications Broker) before 11.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.21%
Published
2014-10-19
Updated
2019-10-09
Unspecified vulnerability in HP Network Automation 9.10 and 9.20 allows local users to bypass intended access restrictions via unknown vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2014-10-10
Updated
2019-10-09
HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to conduct clickjacking attacks via unknown vectors.
Max CVSS
4.3
EPSS Score
1.06%
Published
2014-10-05
Updated
2019-10-09
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Max CVSS
4.3
EPSS Score
5.40%
Published
2014-10-06
Updated
2019-10-09
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
Max CVSS
6.5
EPSS Score
0.38%
Published
2014-10-05
Updated
2019-10-09
HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
Max CVSS
4.3
EPSS Score
1.06%
Published
2014-10-02
Updated
2019-10-09
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Max CVSS
6.0
EPSS Score
0.11%
Published
2014-10-02
Updated
2019-10-09
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
29.89%
Published
2014-10-02
Updated
2019-10-09
Unspecified vulnerability in HP MPIO Device Specific Module Manager before 4.02.00 allows local users to gain privileges via unknown vectors.
Max CVSS
4.6
EPSS Score
0.04%
Published
2014-09-28
Updated
2019-10-09
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2344.
Max CVSS
7.5
EPSS Score
93.12%
Published
2014-10-10
Updated
2019-10-09
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2342.
Max CVSS
7.5
EPSS Score
93.12%
Published
2014-10-10
Updated
2019-10-09
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2336.
Max CVSS
7.5
EPSS Score
93.12%
Published
2014-10-10
Updated
2019-10-09
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2343.
Max CVSS
7.5
EPSS Score
93.12%
Published
2014-10-10
Updated
2019-10-09
103 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!