HP : Security Vulnerabilities, CVEs, Published In 2015 (Information Leak)
HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 (GA) SPOCC, and SP 4.3.0-GA-24 (MU1) SPOCC allows remote authenticated users to obtain sensitive information via unspecified vectors.
Max CVSS
4.0
EPSS Score
0.11%
Published
2015-10-12
Updated
2015-10-13
HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21 allows local users to obtain sensitive information via unspecified vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2015-09-16
Updated
2016-12-22
HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.26%
Published
2015-08-27
Updated
2015-08-27
HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtain sensitive information via unspecified vectors.
Max CVSS
6.8
EPSS Score
0.10%
Published
2015-08-26
Updated
2016-12-22
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-2139.
Max CVSS
4.0
EPSS Score
0.10%
Published
2015-08-27
Updated
2015-08-27
Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354169 and other products, allows remote attackers to read arbitrary files via an AMF message containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Max CVSS
5.0
EPSS Score
0.88%
Published
2015-08-25
Updated
2022-03-11
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5403.
Max CVSS
4.0
EPSS Score
0.10%
Published
2015-08-27
Updated
2015-08-27
HP ArcSight Logger before 6.0 P2 allows remote authenticated users to bypass the intended authorization policy via unspecified vectors.
Max CVSS
4.0
EPSS Score
0.10%
Published
2015-09-16
Updated
2015-09-17
HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569.
Max CVSS
7.8
EPSS Score
14.42%
Published
2015-05-25
Updated
2016-12-03
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
Max CVSS
3.5
EPSS Score
0.17%
Published
2015-03-31
Updated
2016-11-30
HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.
Max CVSS
5.0
EPSS Score
94.45%
Published
2015-02-15
Updated
2019-10-09
11 vulnerabilities found