CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

HP : Security Vulnerabilities (Gain Information)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-2244 200 +Info 2016-03-04 2016-03-10
5.0
None Remote Low Not required Partial None None
HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors.
2 CVE-2016-2001 +Info 2016-04-12 2016-04-21
5.8
None Remote Medium Not required Partial Partial None
HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors.
3 CVE-2016-1996 +Info 2016-03-18 2016-03-18
3.6
None Local Low Not required Partial Partial None
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors.
4 CVE-2016-1994 200 +Info 2016-03-18 2016-03-18
4.0
None Remote Low Single system Partial None None
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors.
5 CVE-2016-1993 +Info 2016-03-18 2016-03-18
5.5
None Remote Low Single system Partial Partial None
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
6 CVE-2016-1992 200 +Info 2016-03-17 2016-03-21
4.0
None Remote Low Single system Partial None None
HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors.
7 CVE-2016-1989 Exec Code +Info 2016-03-14 2016-03-21
10.0
None Remote Low Not required Complete Complete Complete
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988.
8 CVE-2016-1988 Exec Code +Info 2016-03-14 2016-03-21
10.0
None Remote Low Not required Complete Complete Complete
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989.
9 CVE-2015-6862 284 Bypass +Info 2016-01-07 2016-01-08
7.2
None Local Low Not required Complete Complete Complete
HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors.
10 CVE-2015-6858 200 +Info 2016-01-05 2016-01-05
4.3
None Remote Medium Not required Partial None None
HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensitive information via unspecified vectors.
11 CVE-2015-5443 200 +Info 2015-10-12 2015-10-13
4.0
None Remote Low Single system Partial None None
HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 (GA) SPOCC, and SP 4.3.0-GA-24 (MU1) SPOCC allows remote authenticated users to obtain sensitive information via unspecified vectors.
12 CVE-2015-5440 200 +Info 2015-09-16 2015-09-17
4.9
None Local Low Not required Complete None None
HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21 allows local users to obtain sensitive information via unspecified vectors.
13 CVE-2015-5433 +Info 2015-08-26 2015-08-27
4.0
None Remote Low Single system Partial None None
HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors.
14 CVE-2015-5432 +Info 2015-08-26 2015-08-27
7.5
None Remote Low Not required Partial Partial Partial
HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
15 CVE-2015-5431 +Info 2015-08-26 2015-08-27
6.5
None Remote Low Single system Partial Partial Partial
HP Matrix Operating Environment before 7.5.0 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
16 CVE-2015-5430 200 +Info 2015-08-26 2015-08-27
5.0
None Remote Low Not required Partial None None
HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information via unspecified vectors.
17 CVE-2015-5429 +Info 2015-08-26 2015-08-27
7.5
None Remote Low Not required Partial Partial Partial
HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5428.
18 CVE-2015-5428 +Info 2015-08-26 2015-08-27
7.5
None Remote Low Not required Partial Partial Partial
HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5429.
19 CVE-2015-5427 +Info 2015-08-26 2015-08-27
7.5
None Remote Low Not required Partial Partial Partial
HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5428 and CVE-2015-5429.
20 CVE-2015-5413 264 +Priv +Info 2015-08-26 2015-08-27
4.0
None Remote Low Single system Partial None None
HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain privileges and obtain sensitive information via unspecified vectors.
21 CVE-2015-5411 200 +Info 2015-08-26 2015-08-27
6.8
None Remote Low Single system Complete None None
HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtain sensitive information via unspecified vectors.
22 CVE-2015-5408 +Info 2015-08-22 2015-08-24
6.0
None Local High Single system Complete Complete Complete
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control 2.1, 2.2, and 2.3; CentralView Roaming Fraud Control 2.1, 2.2, and 2.3; and CentralView Subscription Fraud Prevention 2.0 and 2.1 allow remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5406 and CVE-2015-5407.
23 CVE-2015-5407 +Info 2015-08-22 2015-08-24
6.0
None Local High Single system Complete Complete Complete
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control 2.1, 2.2, and 2.3; CentralView Roaming Fraud Control 2.1, 2.2, and 2.3; and CentralView Subscription Fraud Prevention 2.0 and 2.1 allow remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5406 and CVE-2015-5408.
24 CVE-2015-5406 +Info 2015-08-22 2015-08-24
9.0
None Remote Low Single system Complete Complete Complete
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control 2.1, 2.2, and 2.3; CentralView Roaming Fraud Control 2.1, 2.2, and 2.3; and CentralView Subscription Fraud Prevention 2.0 and 2.1 allow remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5407 and CVE-2015-5408.
25 CVE-2015-5405 DoS +Info 2015-08-26 2015-08-27
6.5
None Remote Low Single system Partial Partial Partial
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.
26 CVE-2015-5404 +Info 2015-08-26 2015-08-27
7.5
None Remote Low Not required Partial Partial Partial
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
27 CVE-2015-5403 200 +Info 2015-08-26 2015-08-27
4.0
None Remote Low Single system Partial None None
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-2139.
28 CVE-2015-5402 264 DoS +Priv +Info 2015-08-26 2015-08-27
7.2
None Local Low Not required Complete Complete Complete
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows local users to gain privileges, and consequently obtain sensitive information, modify data, or cause a denial of service, via unspecified vectors.
29 CVE-2015-2902 310 +Info 2015-11-03 2015-11-04
6.8
None Remote Medium Not required Partial Partial Partial
HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate.
30 CVE-2015-2140 20 +Info 2015-08-26 2015-08-27
6.5
None Remote Low Single system Partial Partial Partial
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
31 CVE-2015-2139 200 +Info 2015-08-26 2015-08-27
4.0
None Remote Low Single system Partial None None
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5403.
32 CVE-2015-2136 200 Bypass +Info 2015-09-16 2015-09-17
4.0
None Remote Low Single system Partial None None
HP ArcSight Logger before 6.0 P2 allows remote authenticated users to bypass the intended authorization policy via unspecified vectors.
33 CVE-2015-2121 200 +Info 2015-05-25 2015-05-27
7.8
None Remote Low Not required Complete None None
HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569.
34 CVE-2015-2118 +Info 2015-05-25 2015-05-27
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the Secure Pull Print and Security Pull Print components in HP Access Control (AC) Software 12.x through 14.x before 14.1.2 allows remote authenticated users to obtain sensitive information via unknown vectors.
35 CVE-2015-2115 +Info 2015-04-27 2015-04-27
2.7
None Local Network Low Single system Partial None None
Unspecified vulnerability in HP Capture and Route Software (HPCR) 1.3 before Patch 7, 1.3 FP1 before Patch 1, and 1.4 before Patch 1 allows remote authenticated users to obtain sensitive information via unknown vectors.
36 CVE-2015-2111 +Info 2015-04-03 2015-04-06
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in HP Intelligent Provisioning 1.40 through 1.60 on Windows Server 2008 R2 and 2012 allows local users to obtain sensitive information via unknown vectors.
37 CVE-2015-2109 Bypass +Info 2015-03-31 2015-03-31
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.
38 CVE-2015-2108 200 +Info 2015-03-31 2015-04-02
3.5
None Remote Medium Single system Partial None None
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
39 CVE-2014-7883 200 +Info 2015-02-15 2015-02-20
5.0
None Remote Low Not required Partial None None
HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.
40 CVE-2014-7875 DoS +Info 2014-11-04 2015-01-20
9.0
None Remote Low Not required Partial Partial Complete
Unspecified vulnerability on the HP LaserJet CM3530 Multifunction Printer CC519A and CC520A with firmware before 53.236.2 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
41 CVE-2014-4669 200 +Info 2014-06-28 2015-12-18
3.5
None Remote Medium Single system Partial None None
HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue.
42 CVE-2014-2628 +Info 2014-08-11 2014-08-12
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in HP Enterprise Maps 1 allows remote authenticated users to obtain sensitive information via unknown vectors.
43 CVE-2014-2622 +Info 2014-07-16 2015-12-04
8.5
None Remote Low Single system Complete Complete None
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors, aka ZDI-CAN-2312.
44 CVE-2014-2621 +Info 2014-07-16 2015-12-04
7.8
None Remote Low Not required Complete None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2090.
45 CVE-2014-2620 +Info 2014-07-16 2015-12-04
7.8
None Remote Low Not required Complete None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2089.
46 CVE-2014-2619 +Info 2014-07-16 2015-12-04
7.8
None Remote Low Not required Complete None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2088.
47 CVE-2014-2618 +Info 2014-07-16 2015-12-04
7.8
None Remote Low Not required Complete None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2080.
48 CVE-2014-2617 Exec Code +Info 2014-07-07 2015-12-08
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104.
49 CVE-2014-2616 Exec Code +Info 2014-07-07 2015-12-08
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091.
50 CVE-2014-2615 Exec Code +Info 2014-07-07 2015-12-08
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083.
Total number of vulnerabilities : 171   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.