CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

HP : Security Vulnerabilities Published In 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-18910 20 Exec Code 2019-11-22 2020-03-25
4.6
None Local Low Not required Partial Partial Partial
The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges.
2 CVE-2019-18909 20 Exec Code 2019-11-22 2020-03-25
7.7
None Local Network Low ??? Complete Complete Complete
The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges.
3 CVE-2019-16287 Exec Code +Priv Bypass 2019-11-22 2020-08-24
7.2
None Local Low Not required Complete Complete Complete
In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed commands with elevated privileges.
4 CVE-2019-16286 287 Exec Code Bypass 2019-11-22 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.
5 CVE-2019-16285 200 +Info 2019-11-22 2020-08-24
2.1
None Local Low Not required Partial None None
If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive.
6 CVE-2019-11995 2019-12-18 2020-08-24
5.0
None Remote Low Not required Partial None None
Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: For customers with release UIoT 1.2.4.2 fixes are made available with 1.2.4.2 RP3 HF1. For customers with release older than 1.2.4.2, such as 1.2.4.1, 1.2.4.0, the resolution will be to upgrade to 1.2.4.2 RP3 HF1 Customers are requested to upgrade to the updated versions or contact HPE support for further assistance.
7 CVE-2019-11992 79 XSS 2019-12-18 2019-12-23
4.3
None Remote Medium Not required None Partial None
A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting.
8 CVE-2019-11990 2019-07-19 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
Security vulnerabilities in HPE UIoT versions 1.6, 1.5, 1.4.2, 1.4.1, 1.4.0, and 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: * For customers with release UIoT 1.6, fixes are made available with 1.6 RP603 * For customers with release UIoT 1.5, fixes are made available with 1.5 RP503 HF3 * For customers with release older than 1.5, such as 1.4.0, 1.4.1, 1.4.2 and 1.2.4.2, the resolution will be to upgrade to 1.5 RP503 HF3 or 1.6 RP603 Customers are requested to upgrade to the updated versions or contact HPE support for further assistance.
9 CVE-2019-11986 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
10 CVE-2019-11985 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
11 CVE-2019-11984 89 Exec Code Sql 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
12 CVE-2019-11980 20 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A remote code exection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
13 CVE-2019-11979 89 Exec Code Sql 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
14 CVE-2019-11978 89 Exec Code Sql 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
15 CVE-2019-11977 89 Exec Code Sql 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
16 CVE-2019-11976 89 Exec Code Sql 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
17 CVE-2019-11975 89 Exec Code Sql 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
18 CVE-2019-11974 89 Exec Code Sql 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
19 CVE-2019-11973 89 Exec Code Sql 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
20 CVE-2019-11972 89 Exec Code Sql 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
21 CVE-2019-11971 89 Exec Code Sql 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
22 CVE-2019-11970 89 Exec Code Sql 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
23 CVE-2019-11969 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
24 CVE-2019-11968 20 Exec Code 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
25 CVE-2019-11967 20 Exec Code 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
26 CVE-2019-11966 312 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote privilege escalation vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
27 CVE-2019-11965 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
28 CVE-2019-11964 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
29 CVE-2019-11963 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
30 CVE-2019-11962 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
31 CVE-2019-11961 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
32 CVE-2019-11960 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
33 CVE-2019-11959 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
34 CVE-2019-11958 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
35 CVE-2019-11957 787 Exec Code 2019-06-05 2020-08-24
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
36 CVE-2019-11956 502 Exec Code 2019-06-05 2019-06-07
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
37 CVE-2019-11955 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
38 CVE-2019-11954 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
39 CVE-2019-11953 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
40 CVE-2019-11952 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
41 CVE-2019-11951 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
42 CVE-2019-11950 502 Exec Code 2019-06-05 2019-06-06
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
43 CVE-2019-11949 917 Exec Code 2019-06-05 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
44 CVE-2019-11948 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
45 CVE-2019-11947 798 Exec Code 2019-06-05 2019-06-06
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
46 CVE-2019-11946 310 2019-06-05 2019-06-06
6.8
None Remote Low ??? Complete None None
A remote credential disclosure vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
47 CVE-2019-11945 502 Exec Code 2019-06-05 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
48 CVE-2019-11944 502 Exec Code 2019-06-05 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
49 CVE-2019-11943 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
50 CVE-2019-11942 917 Exec Code 2019-06-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
Total number of vulnerabilities : 141   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.