Filtered by vendor Hp
Subscriptions
Total
2449 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4364 | 1 Hp | 1 Insight Control Server Deployment | 2024-11-21 | N/A |
| HPE Insight Control server deployment allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2016-4363 | 1 Hp | 1 Insight Control Server Deployment | 2024-11-21 | N/A |
| HPE Insight Control server deployment allows remote attackers to modify data via unspecified vectors. | ||||
| CVE-2016-4362 | 1 Hp | 1 Insight Control Server Deployment | 2024-11-21 | N/A |
| HPE Insight Control server deployment allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | ||||
| CVE-2016-4361 | 1 Hp | 2 Loadrunner, Performance Center | 2024-11-21 | N/A |
| HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors. | ||||
| CVE-2016-4360 | 1 Hp | 2 Loadrunner, Performance Center | 2024-11-21 | N/A |
| web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555. | ||||
| CVE-2016-4359 | 1 Hp | 2 Loadrunner, Performance Center | 2024-11-21 | N/A |
| Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516. | ||||
| CVE-2016-4358 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-11-21 | N/A |
| HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029. | ||||
| CVE-2016-4357 | 1 Hp | 2 Matrix Operating Environment, Systems Insight Manager | 2024-11-21 | N/A |
| HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2028. | ||||
| CVE-2016-3710 | 7 Canonical, Citrix, Debian and 4 more | 17 Ubuntu Linux, Xenserver, Debian Linux and 14 more | 2024-11-21 | 8.8 High |
| The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue. | ||||
| CVE-2016-3705 | 6 Canonical, Debian, Hp and 3 more | 8 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 5 more | 2024-11-21 | N/A |
| The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references. | ||||
| CVE-2016-3627 | 7 Canonical, Debian, Hp and 4 more | 15 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 12 more | 2024-11-21 | 7.5 High |
| The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document. | ||||
| CVE-2016-3092 | 5 Apache, Canonical, Debian and 2 more | 9 Commons Fileupload, Tomcat, Ubuntu Linux and 6 more | 2024-11-21 | N/A |
| The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string. | ||||
| CVE-2016-2776 | 4 Hp, Isc, Oracle and 1 more | 10 Hp-ux, Bind, Linux and 7 more | 2024-11-21 | N/A |
| buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. | ||||
| CVE-2016-2775 | 4 Fedoraproject, Hp, Isc and 1 more | 11 Fedora, Hp-ux, Bind and 8 more | 2024-11-21 | 5.9 Medium |
| ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol. | ||||
| CVE-2016-2246 | 1 Hp | 1 Thinpro | 2024-11-21 | N/A |
| HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspecified vectors. | ||||
| CVE-2016-2245 | 1 Hp | 1 Support Assistant | 2024-11-21 | N/A |
| HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors. | ||||
| CVE-2016-2244 | 1 Hp | 55 A2w75a, A2w76a, A2w77a and 52 more | 2024-11-21 | N/A |
| HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-2243 | 3 Hp, Samsung, Zyxel | 30 1000 Series Firmware, 700 Series Firmware, 800 Series Firmware and 27 more | 2024-11-21 | N/A |
| Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access. | ||||
| CVE-2016-2182 | 4 Hp, Openssl, Oracle and 1 more | 8 Icewall Federation Agent, Icewall Mcrp, Icewall Sso and 5 more | 2024-11-21 | N/A |
| The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2016-2177 | 4 Hp, Openssl, Oracle and 1 more | 9 Icewall Mcrp, Icewall Sso, Icewall Sso Agent Option and 6 more | 2024-11-21 | N/A |
| OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. | ||||