Filtered by vendor Hp
Subscribe
Total
2279 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5401 | 1 Hp | 2 Hp2910al-48g, Hp2910al-48g Firmware | 2019-08-08 | 3.5 LOW | 4.8 MEDIUM |
| A potential security vulnerability has been identified in HP2910al-48G version W.15.14.0016. The attack exploits an xss injection by setting the attack vector in one of the switch persistent configuration fields (management URL, location, contact). But admin privileges are required to configure these fields thereby reducing the likelihood of exploit. HPE Aruba has provided firmware updates to resolve the vulnerability in HP 2910-48G al Switch. Please update to W.15.14.0017. | |||||
| CVE-2019-11991 | 1 Hp | 2 3par Service Processor, 3par Service Processor Firmware | 2019-07-16 | 9.7 HIGH | 9.8 CRITICAL |
| HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays. | |||||
| CVE-2016-2006 | 1 Hp | 1 Data Protector | 2019-07-16 | 10.0 HIGH | 9.8 CRITICAL |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353. | |||||
| CVE-2016-2005 | 1 Hp | 1 Data Protector | 2019-07-16 | 10.0 HIGH | 9.8 CRITICAL |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352. | |||||
| CVE-2016-2008 | 1 Hp | 1 Data Protector | 2019-07-16 | 7.5 HIGH | 9.8 CRITICAL |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2016-2007 | 1 Hp | 1 Data Protector | 2019-07-16 | 10.0 HIGH | 9.8 CRITICAL |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3354. | |||||
| CVE-2016-2004 | 1 Hp | 1 Data Protector | 2019-07-12 | 9.3 HIGH | 9.8 CRITICAL |
| HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623. | |||||
| CVE-2019-6325 | 1 Hp | 20 T6b80a, T6b80a Firmware, T6b81a and 17 more | 2019-06-18 | 6.8 MEDIUM | 8.8 HIGH |
| HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an embedded web server that is potentially vulnerable to Cross-site Request Forgery. | |||||
| CVE-2019-6324 | 1 Hp | 20 T6b80a, T6b80a Firmware, T6b81a and 17 more | 2019-06-18 | 3.5 LOW | 4.8 MEDIUM |
| HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page | |||||
| CVE-2019-6323 | 1 Hp | 20 T6b80a, T6b80a Firmware, T6b81a and 17 more | 2019-06-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an embedded web server potentially vulnerable to reflected XSS in wireless configuration page. | |||||
| CVE-2019-6326 | 1 Hp | 20 T6b80a, T6b80a Firmware, T6b81a and 17 more | 2019-06-18 | 6.5 MEDIUM | 7.2 HIGH |
| HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have embedded web server attributes which may be potentially vulnerable to Buffer Overflow. | |||||
| CVE-2019-11983 | 1 Hp | 39 Integrated Lights-out 4 Firmware, Integrated Lights-out 5 Firmware, Proliant Bl460c Gen10 and 36 more | 2019-06-07 | 8.3 HIGH | 7.0 HIGH |
| A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39. | |||||
| CVE-2019-11982 | 1 Hp | 39 Integrated Lights-out 4 Firmware, Integrated Lights-out 5 Firmware, Proliant Bl460c Gen10 and 36 more | 2019-06-07 | 7.6 HIGH | 8.3 HIGH |
| A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39. | |||||
| CVE-2019-11978 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11971 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11972 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11977 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11976 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11975 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||
| CVE-2019-11974 | 1 Hp | 1 Intelligent Management Center | 2019-06-07 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | |||||