Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 31.6% and no vendor patch available.
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.7% and no vendor patch available.
Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to execute arbitrary code via HTTP traffic to port (1) 4999 or (2) 80. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors,. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.
Unspecified vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to cause a denial of service (CPU consumption) via unknown vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.
Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to hijack web sessions via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Directory traversal vulnerability in the LYSESOFT AndExplorer application before 20140403 and AndExplorerPro application before 20140405 for Android allows attackers to overwrite or create arbitrary. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows remote attackers to cause a denial of service (daemon reload) via a malformed DHCPv6 packet, aka Bug ID CSCuo07437. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a denial of service (web-interface outage) via crafted HTTP requests to port (1) 4999 or (2) 80. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Multiple directory traversal vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to access arbitrary files via HTTP traffic to port (1) 4999 or. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
TCPUploader module listens on Port 10651/TCP for incoming connections. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Unspecified vulnerability in HP HP-UX Whitelisting (aka WLI) before A.01.02.02 on HP-UX B.11.31 allows local users to bypass intended access restrictions via unknown vectors. Rated low severity (CVSS 3.8). No vendor patch available.