Filtered by vendor Hp
Subscriptions
Total
2449 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-2011 | 1 Hp | 1 Network Node Manager I | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2010. | ||||
| CVE-2016-2010 | 1 Hp | 1 Network Node Manager I | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2011. | ||||
| CVE-2016-2009 | 1 Hp | 1 Network Node Manager I | 2024-11-21 | N/A |
| HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | ||||
| CVE-2016-2008 | 1 Hp | 1 Data Protector | 2024-11-21 | N/A |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2016-2007 | 1 Hp | 1 Data Protector | 2024-11-21 | N/A |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3354. | ||||
| CVE-2016-2006 | 1 Hp | 1 Data Protector | 2024-11-21 | N/A |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353. | ||||
| CVE-2016-2005 | 1 Hp | 1 Data Protector | 2024-11-21 | N/A |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352. | ||||
| CVE-2016-2004 | 1 Hp | 1 Data Protector | 2024-11-21 | N/A |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623. | ||||
| CVE-2016-2003 | 1 Hp | 2 P9000 Command View Advanced Edition Software, Xp7 Command View Advanced Edition Suite | 2024-11-21 | N/A |
| HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | ||||
| CVE-2016-2002 | 1 Hp | 1 Vertica | 2024-11-21 | N/A |
| The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417. | ||||
| CVE-2016-2001 | 1 Hp | 1 Universal Cmbd Foundation | 2024-11-21 | N/A |
| HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors. | ||||
| CVE-2016-2000 | 1 Hp | 2 Asset Manager, Asset Manager Cloudsystem Chargeback | 2024-11-21 | N/A |
| HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | ||||
| CVE-2016-1999 | 1 Hp | 1 Release Control | 2024-11-21 | N/A |
| The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | ||||
| CVE-2016-1998 | 1 Hp | 1 Service Manager | 2024-11-21 | N/A |
| HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | ||||
| CVE-2016-1997 | 1 Hp | 2 Operations Orchestration, Operations Orchestration Content | 2024-11-21 | N/A |
| HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | ||||
| CVE-2016-1996 | 1 Hp | 1 System Management Homepage | 2024-11-21 | N/A |
| HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors. | ||||
| CVE-2016-1995 | 1 Hp | 1 System Management Homepage | 2024-11-21 | N/A |
| HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2016-1994 | 1 Hp | 1 System Management Homepage | 2024-11-21 | N/A |
| HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-1993 | 1 Hp | 1 System Management Homepage | 2024-11-21 | N/A |
| HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | ||||
| CVE-2016-1992 | 1 Hp | 2 Enterprise Security Manager, Enterprise Security Manager Express | 2024-11-21 | N/A |
| HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors. | ||||