CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

HP : Security Vulnerabilities (Gain Information)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-4669 200 +Info 2014-06-28 2014-07-08
3.5
None Remote Medium Single system Partial None None
HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue.
2 CVE-2014-2622 +Info 2014-07-16 2014-07-24
8.5
None Remote Low Single system Complete Complete None
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors, aka ZDI-CAN-2312.
3 CVE-2014-2621 +Info 2014-07-16 2014-07-24
7.8
None Remote Low Not required Complete None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2090.
4 CVE-2014-2620 +Info 2014-07-16 2014-07-24
7.8
None Remote Low Not required Complete None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2089.
5 CVE-2014-2619 +Info 2014-07-16 2014-07-24
7.8
None Remote Low Not required Complete None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2088.
6 CVE-2014-2618 +Info 2014-07-16 2014-07-24
7.8
None Remote Low Not required Complete None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2080.
7 CVE-2014-2617 Exec Code +Info 2014-07-07 2014-07-24
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104.
8 CVE-2014-2616 Exec Code +Info 2014-07-07 2014-07-24
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091.
9 CVE-2014-2615 Exec Code +Info 2014-07-07 2014-07-24
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083.
10 CVE-2014-2612 +Info 2014-06-28 2014-07-24
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain sensitive information via unknown vectors.
11 CVE-2014-2611 22 Exec Code Dir. Trav. +Info 2014-06-19 2014-06-26
9.0
None Remote Low Single system Complete Complete Complete
Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120.
12 CVE-2014-2605 +Info 2014-07-16 2014-07-24
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVirtual VSA 9.5 through 11.0 allows remote attackers to obtain sensitive information via unknown vectors.
13 CVE-2014-2603 +Info 2014-05-09 2014-05-12
1.7
None Remote High Multiple systems Partial None None
Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and 8Gb Simple SAN Connection Kit with firmware before 8.0.14.08.00 allows remote authenticated users to obtain sensitive information via unknown vectors.
14 CVE-2013-6214 +Info 2014-04-19 2014-04-21
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via unknown vectors, aka ZDI-CAN-2042.
15 CVE-2013-6212 +Info 2014-04-19 2014-04-21
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors.
16 CVE-2013-6211 DoS +Info 2014-03-28 2014-03-31
7.8
None Remote Medium Not required Partial None Complete
Unspecified vulnerability in HP StoreOnce Virtual Storage Appliance (VSA) before 3.7.2, StoreOnce 26xx and 4210 iSCSI Backup System before 3.9.0, StoreOnce 4210 FC Backup System before 3.9.0, and StoreOnce 4xxx Backup System before 3.9.0 allows remote attackers to obtain sensitive information or cause a denial of service via unknown vectors.
17 CVE-2013-6206 DoS +Info 2014-03-14 2014-03-14
9.0
None Remote Low Not required Complete Partial Partial
Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insight Control Server Deployment allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
18 CVE-2013-6205 DoS +Info 2014-03-14 2014-03-14
4.1
None Local Medium Single system Partial Partial Partial
Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insight Control Server Deployment allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
19 CVE-2013-6204 Exec Code +Info 2014-02-26 2014-02-26
7.5
None Remote Low Not required Partial Partial Partial
The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004.
20 CVE-2013-6203 Exec Code +Info 2014-02-26 2014-02-26
7.5
None Remote Low Not required Partial Partial Partial
The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-1656.
21 CVE-2013-6200 +Info 2014-03-11 2014-03-16
6.2
None Local Low Single system Complete Complete None
Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors.
22 CVE-2013-4846 +Info 2014-03-14 2014-03-14
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors.
23 CVE-2013-4843 +Info 2013-11-17 2013-11-19
6.8
None Remote Low Single system Complete None None
Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors.
24 CVE-2013-4839 DoS +Info 2013-11-04 2013-11-08
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851.
25 CVE-2013-4832 200 +Info 2013-10-16 2013-10-16
4.0
None Remote Low Single system Partial None None
HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors.
26 CVE-2013-4831 +Info 2013-10-16 2013-10-16
5.5
None Remote Low Single system Partial Partial None
HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
27 CVE-2013-4829 200 +Info 2013-10-04 2013-10-08
1.5
None Local Medium Single system Partial None None
HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices allow local users to read images of arbitrary scanned documents via unspecified vectors.
28 CVE-2013-4828 310 +Info 2013-10-04 2013-10-08
4.3
None Remote Medium Not required Partial None None
HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices do not properly encrypt PDF documents, which allows remote attackers to obtain sensitive information via unspecified vectors.
29 CVE-2013-4826 200 +Info 2013-10-13 2014-07-11
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647.
30 CVE-2013-4823 +Info 2013-10-13 2013-10-15
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607.
31 CVE-2013-4820 +Info 2013-09-23 2013-09-25
2.1
None Remote High Single system Partial None None
Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall SSO Agent Option 8.0 through 10.0, IceWall SSO Smart Device Option 10.0, IceWall SSO SAML2 Agent Option 8.0, IceWall SSO JAVA Agent Library 8.0 through 10.0, IceWall Federation Agent 3.0, and IceWall File Manager 3.0 through SP4 allows remote authenticated users to obtain sensitive information via unknown vectors.
32 CVE-2013-4819 +Info 2013-09-23 2013-09-25
3.5
None Remote Medium Single system Partial None None
Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 10.0 allows remote authenticated users to obtain sensitive information via unknown vectors.
33 CVE-2013-4818 +Info 2013-09-23 2013-09-25
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall SSO Agent Option 8.0 through 10.0, IceWall SSO Smart Device Option 10.0, and IceWall File Manager 3.0 through SP4 allows remote attackers to obtain sensitive information via unknown vectors.
34 CVE-2013-4817 +Info 2013-09-23 2013-09-25
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 10.0 allows remote attackers to obtain sensitive information via unknown vectors.
35 CVE-2013-4806 DoS +Info 2013-08-12 2014-01-03
7.0
None Remote Medium Single system Partial None Complete
The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
36 CVE-2013-2365 +Info 2013-07-22 2013-07-26
7.9
None Local Network Medium Not required Complete Complete Complete
HP Database and Middleware Automation (DMA) 10.x before 10.10, when SSL is used, allows remote attackers to obtain sensitive information via unspecified vectors.
37 CVE-2013-2363 +Info 2013-07-22 2013-07-22
5.0
None Remote Low Not required Partial None None
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356.
38 CVE-2013-2356 +Info 2013-07-22 2013-07-22
5.0
None Remote Low Not required Partial None None
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363.
39 CVE-2013-2355 264 Bypass +Info 2013-07-22 2013-07-22
5.0
None Remote Low Not required Partial None None
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217.
40 CVE-2013-2351 DoS +Info 2013-07-13 2013-07-15
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
41 CVE-2013-2341 Exec Code +Info 2013-07-06 2013-07-08
7.1
None Remote High Single system Complete Complete Complete
Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote authenticated users to execute arbitrary code or obtain sensitive information via unknown vectors.
42 CVE-2013-2340 Exec Code +Info 2013-07-06 2013-07-08
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
43 CVE-2013-2339 DoS +Info 2013-06-30 2013-07-01
4.6
None Local Low Not required Partial Partial Partial
HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
44 CVE-2013-2336 +Info 2013-06-14 2013-06-17
5.0
None Remote Low Not required Partial None None
HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to obtain sensitive information via unspecified vectors.
45 CVE-2013-2322 200 +Info 2013-06-28 2013-10-11
3.5
None Remote Medium Single system Partial None None
HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue.
46 CVE-2012-5222 200 +Info 2013-05-01 2013-10-16
5.0
None Remote Low Not required Partial None None
HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to obtain sensitive information via unspecified vectors.
47 CVE-2012-5217 264 Bypass +Info 2013-07-22 2013-07-26
5.0
None Remote Low Not required Partial None None
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2355.
48 CVE-2012-5214 DoS +Info 2013-03-09 2013-03-17
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP ServiceCenter 6.2.8 before 6.2.8.10 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
49 CVE-2012-5213 +Info 2013-03-09 2013-03-16
7.8
None Remote Low Not required Complete None None
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1662.
50 CVE-2012-5212 DoS +Info 2013-03-09 2013-03-16
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1663.
Total number of vulnerabilities : 129   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.