Skip to main content

HP

651 CVEs vendor

Monthly

CVE-2012-5216 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability on HP ProCurve 1700-8 (aka J9079A) switches with software before VA.02.09 and 1700-24 (aka J9080A) switches with software before VB.02.09 allows remote. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF HP Procurve Switch Software Procurve Switch 1700 24 Procurve Switch 1700 8
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-1999 HIGH This Week

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Systems Insight Manager
NVD
CVSS 2.0
8.5
EPSS
0.2%
CVE-2012-1998 MEDIUM This Month

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service HP Systems Insight Manager
NVD
CVSS 2.0
6.8
EPSS
0.5%
CVE-2012-1997 HIGH This Week

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Systems Insight Manager
NVD
CVSS 2.0
7.5
EPSS
1.1%
CVE-2012-1996 MEDIUM This Month

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to modify data via unknown vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure HP Systems Insight Manager
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-1995 LOW Monitor

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows local users to obtain sensitive information or modify data via unknown vectors. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure HP Systems Insight Manager
NVD
CVSS 2.0
3.2
EPSS
0.1%
CVE-2012-5215 HIGH This Week

Unspecified vulnerability on the HP LaserJet Pro M1212nf, M1213nf, M1214nfh, M1216nfh, M1217nfw, and M1219nf, and HotSpot LaserJet Pro M1218nfs, with firmware before 20130211; LaserJet Pro CP1025nw. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service HP Hotspot Laserjet Pro M1218Nfs Mfp Laserjet Pro M1212Nf Mfp Laserjet Pro M1213Nf Mfp +17
NVD
CVSS 2.0
8.8
EPSS
2.0%
CVE-2012-5214 HIGH This Week

Unspecified vulnerability in HP ServiceCenter 6.2.8 before 6.2.8.10 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Service Center
NVD
CVSS 2.0
7.5
EPSS
1.1%
CVE-2012-5213 HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Intelligent Management Center For Automated Network Manager Intelligent Management Center
NVD
CVSS 2.0
7.8
EPSS
1.0%
CVE-2012-5212 MEDIUM This Month

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service HP Intelligent Management Center Intelligent Management Center For Automated Network Manager
NVD
CVSS 2.0
6.8
EPSS
0.5%
CVE-2012-5211 HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) User Access Manager (UAM) before 5.2 E0402 allows remote attackers to obtain sensitive information, modify data, or cause a denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Intelligent Management Center User Access Manager
NVD
CVSS 2.0
7.5
EPSS
1.1%
CVE-2012-5210 HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) TACACS+ Authentication Manager (TAM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Tacacs Authentication Manager
NVD
CVSS 2.0
7.5
EPSS
1.5%
CVE-2012-5209 CRITICAL Act Now

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.2% and no vendor patch available.

HP RCE Intelligent Management Center Intelligent Management Center For Automated Network Manager
NVD
CVSS 2.0
10.0
EPSS
24.2%
CVE-2012-5208 HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Intelligent Management Center Intelligent Management Center For Automated Network Manager
NVD
CVSS 2.0
7.5
EPSS
1.1%
CVE-2012-5207 CRITICAL Act Now

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Intelligent Management Center For Automated Network Manager Intelligent Management Center
NVD
CVSS 2.0
9.0
EPSS
1.6%
CVE-2012-5206 HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Intelligent Management Center Intelligent Management Center For Automated Network Manager
NVD
CVSS 2.0
7.5
EPSS
1.1%
CVE-2012-5205 HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Intelligent Management Center For Automated Network Manager Intelligent Management Center
NVD
CVSS 2.0
7.5
EPSS
1.1%
CVE-2012-5204 HIGH POC THREAT Act Now

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 69.4%.

Denial Of Service HP Intelligent Management Center Intelligent Management Center For Automated Network Manager
NVD
CVSS 2.0
7.5
EPSS
69.4%
Threat
5.1
CVE-2012-5203 HIGH POC THREAT Act Now

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 67.5%.

Denial Of Service HP Intelligent Management Center For Automated Network Manager Intelligent Management Center
NVD
CVSS 2.0
7.5
EPSS
67.5%
Threat
5.0
CVE-2012-5202 HIGH POC THREAT Act Now

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 67.5%.

Denial Of Service HP Intelligent Management Center Intelligent Management Center For Automated Network Manager
NVD
CVSS 2.0
7.5
EPSS
67.5%
Threat
5.0
CVE-2012-5201 CRITICAL POC THREAT Emergency

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 74.9%.

HP RCE Intelligent Management Center Intelligent Management Center For Automated Network Manager
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
74.9%
Threat
5.7
CVE-2012-5200 LOW Monitor

Cross-site scripting (XSS) vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Intelligent Management Center Intelligent Management Center For Automated Network Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-0200 LOW PATCH Monitor

HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3). Rated low severity (CVSS 1.9).

Information Disclosure HP Linux Imaging And Printing Project Enterprise Linux
NVD
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-5199 MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2 and earlier allows remote authenticated users to execute arbitrary code via unknown vectors. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

HP RCE Arcsight Connector Appliance Firmware Arcsight Connector Appliance Arcsight Logger
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-5198 MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance before 6.3 and ArcSight Logger 5.2 and earlier allows remote attackers to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Arcsight Connector Appliance Firmware Arcsight Connector Appliance Arcsight Logger
NVD
CVSS 2.0
5.0
EPSS
1.5%
CVE-2012-3286 MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2 and earlier allows remote authenticated users to obtain sensitive information, modify data, or. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Arcsight Connector Appliance Firmware Arcsight Connector Appliance Arcsight Logger
NVD
CVSS 2.0
6.5
EPSS
0.3%
CVE-2012-3280 MEDIUM This Month

Multiple unspecified vulnerabilities on HP NonStop Servers H06.x and J06.x allow remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via an OSS. Rated medium severity (CVSS 6.3). No vendor patch available.

Denial Of Service HP Nonstop Server Software Nonstop Server
NVD
CVSS 2.0
6.3
EPSS
0.1%
CVE-2012-3285 CRITICAL Act Now

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1513. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 26.9% and no vendor patch available.

HP RCE San Iq Lefthand P4000 Virtual San Appliance
NVD
CVSS 2.0
10.0
EPSS
26.9%
CVE-2012-3284 CRITICAL Act Now

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 26.9% and no vendor patch available.

HP RCE San Iq Lefthand P4000 Virtual San Appliance
NVD
CVSS 2.0
10.0
EPSS
26.9%
CVE-2012-3283 CRITICAL Act Now

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1511. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.2% and no vendor patch available.

HP RCE San Iq Lefthand P4000 Virtual San Appliance
NVD
CVSS 2.0
10.0
EPSS
23.2%
CVE-2012-3282 CRITICAL POC THREAT Emergency

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1468. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 35.1%.

HP RCE San Iq Lefthand P4000 Virtual San Appliance
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
35.1%
Threat
4.6
CVE-2012-3281 HIGH This Week

Unspecified vulnerability in Device Manager in HP XP P9000 Command View Advanced Edition before 7.4.0-00 allows remote attackers to cause a denial of service via unknown vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Xp P9000 Command View Advanced Edition
NVD
CVSS 2.0
7.8
EPSS
1.4%
CVE-2012-3279 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Network Node Manager I
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-3268 LOW Monitor

Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller,. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

0235A0Bq 0150A129 0150A12A 0150A12B 0150A12C +672
NVD
CVSS 2.0
3.5
EPSS
1.8%
CVE-2012-3278 CRITICAL Emergency

Stack-based buffer overflow in magentservice.exe in HP Diagnostics Server 8.x through 8.07 and 9.x through 9.21 allows remote attackers to execute arbitrary code via a malformed message packet. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 35.7% and no vendor patch available.

Buffer Overflow HP RCE Diagnostics Server
NVD
CVSS 2.0
10.0
EPSS
35.7%
CVE-2012-2291 HIGH This Week

EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation HP Oracle Avamar Avamar Plugin
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2012-6501 MEDIUM This Month

The KillProcess method in the HP PKI ActiveX control (HPPKI.ocx) before 1.2.0.1 allows remote attackers to cause a denial of service (kill process) via the partial or full name of a process. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service HP Pki Activex Control
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-3277 MEDIUM This Month

HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Openvms
NVD
CVSS 2.0
5.0
EPSS
1.4%
CVE-2012-3276 LOW PATCH Monitor

HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Denial Of Service HP Openvms
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-3275 CRITICAL Act Now

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and 9.20 allows remote attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 25.4% and no vendor patch available.

HP RCE Network Node Manager I
NVD
CVSS 2.0
10.0
EPSS
25.4%
CVE-2012-3274 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (IMC) before 5.1 E0101P01 allows remote attackers to execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 73.4%.

Buffer Overflow HP RCE Intelligent Management Center
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
73.4%
Threat
5.7
CVE-2012-3273 MEDIUM This Month

Multiple unspecified vulnerabilities on the HP LaserJet Pro 400 MFP M425 with firmware 20120625 and LaserJet 400 M401 with firmware 20120621 allow remote attackers to obtain sensitive information via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Laserjet Pro Mfp M401 Laserjet Pro Mfp M425
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-3272 MEDIUM This Month

Cross-site scripting (XSS) vulnerability on the HP Color LaserJet CM3530 with firmware before 53.190.9, Color LaserJet CM60xx with firmware before 52.210.9, Color LaserJet CP3525 with firmware before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Color Laserjet Cm3530 Color Laserjet Cm60Xx Color Laserjet Cp3525 +4
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-3271 CRITICAL PATCH Act Now

Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure HP Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware
NVD
CVSS 2.0
9.3
EPSS
1.4%
CVE-2012-3270 CRITICAL Act Now

Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Performance Insight
NVD
CVSS 2.0
10.0
EPSS
3.3%
CVE-2012-3269 HIGH This Week

Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Performance Insight
NVD
CVSS 2.0
7.5
EPSS
1.7%
CVE-2012-3267 MEDIUM This Month

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.20 allows remote attackers to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Network Node Manager I
NVD
CVSS 2.0
5.0
EPSS
1.5%
CVE-2012-3266 MEDIUM This Month

Unspecified vulnerability in IBRIX 6.1.196 through 6.1.251 on HP IBRIX X9000 Storage allows remote attackers to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Ibrix Ibrix X9300 Ibrix X9320 +1
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-3264 HIGH This Week

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1472. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP RCE Sitescope
NVD
CVSS 2.0
7.5
EPSS
6.6%
CVE-2012-3263 CRITICAL Act Now

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1465. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.2% and no vendor patch available.

HP RCE Sitescope
NVD
CVSS 2.0
10.0
EPSS
24.2%
CVE-2012-3262 CRITICAL Act Now

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.2% and no vendor patch available.

HP RCE Sitescope
NVD
CVSS 2.0
10.0
EPSS
24.2%
CVE-2012-3261 CRITICAL POC THREAT Emergency

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 68.6%.

HP RCE Sitescope
NVD
CVSS 2.0
10.0
EPSS
68.6%
Threat
5.6
CVE-2012-3260 CRITICAL POC THREAT Emergency

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 68.6%.

HP RCE Sitescope
NVD
CVSS 2.0
10.0
EPSS
68.6%
Threat
5.6
CVE-2012-3259 CRITICAL Act Now

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 29.2% and no vendor patch available.

HP RCE Sitescope
NVD
CVSS 2.0
10.0
EPSS
29.2%
CVE-2012-3258 CRITICAL Act Now

Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 29.1% and no vendor patch available.

HP RCE Operations Orchestration
NVD
CVSS 2.0
10.0
EPSS
29.1%
CVE-2012-3257 MEDIUM This Month

HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure HP Business Availability Center
NVD
CVSS 2.0
4.6
EPSS
0.2%
CVE-2012-3256 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF HP Business Availability Center
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-3255 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Business Availability Center
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-3254 CRITICAL Emergency

Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by a stack-based. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 31.0% and no vendor patch available.

Buffer Overflow HP RCE Inode Management Center Pc
NVD
CVSS 2.0
10.0
EPSS
31.0%
CVE-2012-3253 CRITICAL Emergency

Multiple unspecified vulnerabilities in HP Intelligent Management Center (IMC) before 5.0 E0101P05 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by an integer. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 31.0% and no vendor patch available.

Buffer Overflow HP RCE Intelligent Management Center
NVD
CVSS 2.0
10.0
EPSS
31.0%
CVE-2012-4362 MEDIUM POC THREAT This Month

hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 22.1%.

HP Authentication Bypass San Iq
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
22.1%
CVE-2012-4361 HIGH POC THREAT Act Now

lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter. Rated high severity (CVSS 7.7), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 44.8%.

Command Injection HP San Iq
NVD Exploit-DB
CVSS 2.0
7.7
EPSS
44.8%
Threat
4.4
CVE-2012-3252 HIGH This Week

Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote attackers to cause a denial of service via unknown vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Serviceguard
NVD
CVSS 2.0
7.8
EPSS
1.4%
CVE-2012-2986 HIGH POC This Week

lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3). Rated high severity (CVSS 7.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection HP San Iq
NVD Exploit-DB
CVSS 2.0
7.7
EPSS
5.2%
CVE-2012-3251 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 7.11, 9.21, and 9.30, and HP Service Center Web Tier 6.28, allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Service Center Web Tier Service Manager Web Tier
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-3250 MEDIUM This Month

Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and 9.30, and HP Service Center Server 6.28, allows remote attackers to cause a denial of service via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Service Center Server Service Manager Server
NVD
CVSS 2.0
5.0
EPSS
1.4%
CVE-2012-3249 MEDIUM This Month

HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote authenticated users to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Fortify Software Security Center
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2012-3248 MEDIUM This Month

HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote attackers to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Fortify Software Security Center
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-3247 MEDIUM This Month

Unspecified vulnerability on the HP Integrity Server BL860c i2, BL870c i2, and BL890c i2 with firmware before 26.31 and the HP Integrity Server rx2800 i2 with firmware before 26.30 allows local users. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service HP Integrity Firmware Integrity Itegrity
NVD
CVSS 2.0
4.9
EPSS
0.1%
CVE-2012-2960 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the import functionality in HP ArcSight Connector appliance 6.2.0.6244.0 and ArcSight Logger appliance 5.2.0.6288.0 allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Arcsight Connector Appliance Firmware Arcsight Connector Appliance Arcsight Logger Appliance Firmware +1
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2012-2022 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Network Node Manager I
NVD
CVSS 2.0
4.3
EPSS
1.2%
CVE-2012-2021 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Assetmanager
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-2020 CRITICAL POC THREAT Emergency

Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.3%.

HP RCE Operations Agent
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
82.3%
Threat
6.0
CVE-2012-2019 CRITICAL POC THREAT Emergency

Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 75.6%.

HP RCE Operations Agent
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
75.6%
Threat
5.8
CVE-2012-2018 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Network Node Manager I
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-2017 HIGH This Week

Unspecified vulnerability on HP Photosmart Wireless e-All-in-One B110, e-All-in-One D110, Plus e-All-in-One B210, eStation All-in-One C510, Ink Advantage e-All-in-One K510, and Premium Fax. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Photosmart E All In One Printer Series Photosmart Estation All In One Printer Series Photosmart Ink Advantage E All In One +3
NVD
CVSS 2.0
7.8
EPSS
4.6%
CVE-2012-2016 MEDIUM PATCH This Month

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Information Disclosure HP System Management Homepage
NVD
CVSS 2.0
4.9
EPSS
0.1%
CVE-2012-2015 CRITICAL PATCH Act Now

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure HP System Management Homepage
NVD
CVSS 2.0
9.0
EPSS
0.2%
CVE-2012-2014 CRITICAL PATCH Act Now

HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure HP System Management Homepage
NVD
CVSS 2.0
9.0
EPSS
0.2%
CVE-2012-2013 HIGH PATCH This Week

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service HP System Management Homepage
NVD
CVSS 2.0
7.5
EPSS
1.3%
CVE-2012-2012 CRITICAL PATCH Act Now

HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure HP System Management Homepage
NVD
CVSS 2.0
10.0
EPSS
4.5%
CVE-2012-2011 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin 8.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Web Jetadmin
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-2561 CRITICAL Act Now

HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation HP Business Service Management
NVD
CVSS 2.0
10.0
EPSS
4.2%
CVE-2012-2010 MEDIUM This Month

The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha platform, and 8.3, 8.3-1H1, and 8.4 on the Itanium platform, when the SYS$ACM system service is enabled, allows local users to gain. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation HP Openvms
NVD
CVSS 2.0
6.9
EPSS
0.3%
CVE-2012-2009 CRITICAL Act Now

Unspecified vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to gain privileges via unknown vectors. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation HP Performance Insight
NVD
CVSS 2.0
9.0
EPSS
0.2%
CVE-2012-2008 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Performance Insight
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2012-2007 HIGH This Week

SQL injection vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi HP Performance Insight
NVD
CVSS 2.0
7.5
EPSS
0.9%
CVE-2012-2006 MEDIUM This Month

Unspecified vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to modify data or cause a denial of service via unknown vectors. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service HP Microsoft Insight Management Agents
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2012-2005 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP Microsoft XSS Insight Management Agents
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2012-2004 HIGH This Week

Open redirect vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to redirect users to arbitrary web sites and conduct phishing. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect HP Microsoft Insight Management Agents
NVD
CVSS 2.0
8.3
EPSS
1.3%
EPSS 0% CVSS 6.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability on HP ProCurve 1700-8 (aka J9079A) switches with software before VA.02.09 and 1700-24 (aka J9080A) switches with software before VB.02.09 allows remote. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF HP Procurve Switch Software +2
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Systems Insight Manager
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service HP Systems Insight Manager
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Systems Insight Manager
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to modify data via unknown vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure HP Systems Insight Manager
NVD
EPSS 0% CVSS 3.2
LOW Monitor

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows local users to obtain sensitive information or modify data via unknown vectors. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure HP Systems Insight Manager
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Unspecified vulnerability on the HP LaserJet Pro M1212nf, M1213nf, M1214nfh, M1216nfh, M1217nfw, and M1219nf, and HotSpot LaserJet Pro M1218nfs, with firmware before 20130211; LaserJet Pro CP1025nw. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service HP Hotspot Laserjet Pro M1218Nfs Mfp +19
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Unspecified vulnerability in HP ServiceCenter 6.2.8 before 6.2.8.10 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Service Center
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Intelligent Management Center For Automated Network Manager +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service HP Intelligent Management Center +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) User Access Manager (UAM) before 5.2 E0402 allows remote attackers to obtain sensitive information, modify data, or cause a denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Intelligent Management Center User Access Manager
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) TACACS+ Authentication Manager (TAM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Tacacs Authentication Manager
NVD
EPSS 24% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.2% and no vendor patch available.

HP RCE Intelligent Management Center +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Intelligent Management Center +1
NVD
EPSS 2% CVSS 9.0
CRITICAL Act Now

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Intelligent Management Center For Automated Network Manager +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Intelligent Management Center +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Intelligent Management Center For Automated Network Manager +1
NVD
EPSS 69% 5.1 CVSS 7.5
HIGH POC THREAT Act Now

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 69.4%.

Denial Of Service HP Intelligent Management Center +1
NVD
EPSS 67% 5.0 CVSS 7.5
HIGH POC THREAT Act Now

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 67.5%.

Denial Of Service HP Intelligent Management Center For Automated Network Manager +1
NVD
EPSS 67% 5.0 CVSS 7.5
HIGH POC THREAT Act Now

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 67.5%.

Denial Of Service HP Intelligent Management Center +1
NVD
EPSS 75% 5.7 CVSS 10.0
CRITICAL POC THREAT Emergency

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 74.9%.

HP RCE Intelligent Management Center +1
NVD Exploit-DB
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Intelligent Management Center +1
NVD
EPSS 0% CVSS 1.9
LOW PATCH Monitor

HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3). Rated low severity (CVSS 1.9).

Information Disclosure HP Linux Imaging And Printing Project +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2 and earlier allows remote authenticated users to execute arbitrary code via unknown vectors. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

HP RCE Arcsight Connector Appliance Firmware +2
NVD
EPSS 2% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance before 6.3 and ArcSight Logger 5.2 and earlier allows remote attackers to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Arcsight Connector Appliance Firmware +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2 and earlier allows remote authenticated users to obtain sensitive information, modify data, or. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Arcsight Connector Appliance Firmware +2
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

Multiple unspecified vulnerabilities on HP NonStop Servers H06.x and J06.x allow remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via an OSS. Rated medium severity (CVSS 6.3). No vendor patch available.

Denial Of Service HP Nonstop Server Software +1
NVD
EPSS 27% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1513. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 26.9% and no vendor patch available.

HP RCE San Iq +1
NVD
EPSS 27% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 26.9% and no vendor patch available.

HP RCE San Iq +1
NVD
EPSS 23% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1511. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.2% and no vendor patch available.

HP RCE San Iq +1
NVD
EPSS 35% 4.6 CVSS 10.0
CRITICAL POC THREAT Emergency

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1468. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 35.1%.

HP RCE San Iq +1
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH This Week

Unspecified vulnerability in Device Manager in HP XP P9000 Command View Advanced Edition before 7.4.0-00 allows remote attackers to cause a denial of service via unknown vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Xp P9000 Command View Advanced Edition
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Network Node Manager I
NVD
EPSS 2% CVSS 3.5
LOW Monitor

Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller,. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

0235A0Bq 0150A129 0150A12A +674
NVD
EPSS 36% CVSS 10.0
CRITICAL Emergency

Stack-based buffer overflow in magentservice.exe in HP Diagnostics Server 8.x through 8.07 and 9.x through 9.21 allows remote attackers to execute arbitrary code via a malformed message packet. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 35.7% and no vendor patch available.

Buffer Overflow HP RCE +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation HP Oracle +2
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The KillProcess method in the HP PKI ActiveX control (HPPKI.ocx) before 1.2.0.1 allows remote attackers to cause a denial of service (kill process) via the partial or full name of a process. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service HP Pki Activex Control
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Openvms
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha platform does not properly implement the LOGIN and ACME_SERVER ACMELOGIN programs, which allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Denial Of Service HP Openvms
NVD
EPSS 25% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and 9.20 allows remote attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 25.4% and no vendor patch available.

HP RCE Network Node Manager I
NVD
EPSS 73% 5.7 CVSS 10.0
CRITICAL POC THREAT Emergency

Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (IMC) before 5.1 E0101P01 allows remote attackers to execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 73.4%.

Buffer Overflow HP RCE +1
NVD Exploit-DB
EPSS 1% CVSS 5.0
MEDIUM This Month

Multiple unspecified vulnerabilities on the HP LaserJet Pro 400 MFP M425 with firmware 20120625 and LaserJet 400 M401 with firmware 20120621 allow remote attackers to obtain sensitive information via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Laserjet Pro Mfp M401 +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability on the HP Color LaserJet CM3530 with firmware before 53.190.9, Color LaserJet CM60xx with firmware before 52.210.9, Color LaserJet CP3525 with firmware before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Color Laserjet Cm3530 +6
NVD
EPSS 1% CVSS 9.3
CRITICAL PATCH Act Now

Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure HP Integrated Lights Out 3 Firmware +1
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Performance Insight
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Performance Insight
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.20 allows remote attackers to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Network Node Manager I
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in IBRIX 6.1.196 through 6.1.251 on HP IBRIX X9000 Storage allows remote attackers to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Ibrix +3
NVD
EPSS 7% CVSS 7.5
HIGH This Week

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1472. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP RCE Sitescope
NVD
EPSS 24% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1465. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.2% and no vendor patch available.

HP RCE Sitescope
NVD
EPSS 24% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.2% and no vendor patch available.

HP RCE Sitescope
NVD
EPSS 69% 5.6 CVSS 10.0
CRITICAL POC THREAT Emergency

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 68.6%.

HP RCE Sitescope
NVD
EPSS 69% 5.6 CVSS 10.0
CRITICAL POC THREAT Emergency

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 68.6%.

HP RCE Sitescope
NVD
EPSS 29% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 29.2% and no vendor patch available.

HP RCE Sitescope
NVD
EPSS 29% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 29.1% and no vendor patch available.

HP RCE Operations Orchestration
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure HP Business Availability Center
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF HP Business Availability Center
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Business Availability Center
NVD
EPSS 31% CVSS 10.0
CRITICAL Emergency

Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by a stack-based. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 31.0% and no vendor patch available.

Buffer Overflow HP RCE +1
NVD
EPSS 31% CVSS 10.0
CRITICAL Emergency

Multiple unspecified vulnerabilities in HP Intelligent Management Center (IMC) before 5.0 E0101P05 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by an integer. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 31.0% and no vendor patch available.

Buffer Overflow HP RCE +1
NVD
EPSS 22% CVSS 4.0
MEDIUM POC THREAT This Month

hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 22.1%.

HP Authentication Bypass San Iq
NVD Exploit-DB
EPSS 45% 4.4 CVSS 7.7
HIGH POC THREAT Act Now

lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter. Rated high severity (CVSS 7.7), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 44.8%.

Command Injection HP San Iq
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH This Week

Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote attackers to cause a denial of service via unknown vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Serviceguard
NVD
EPSS 5% CVSS 7.7
HIGH POC This Week

lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3). Rated high severity (CVSS 7.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection HP San Iq
NVD Exploit-DB
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 7.11, 9.21, and 9.30, and HP Service Center Web Tier 6.28, allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Service Center Web Tier +1
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and 9.30, and HP Service Center Server 6.28, allows remote attackers to cause a denial of service via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Service Center Server +1
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote authenticated users to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Fortify Software Security Center
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote attackers to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Fortify Software Security Center
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Unspecified vulnerability on the HP Integrity Server BL860c i2, BL870c i2, and BL890c i2 with firmware before 26.31 and the HP Integrity Server rx2800 i2 with firmware before 26.30 allows local users. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service HP Integrity Firmware +2
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the import functionality in HP ArcSight Connector appliance 6.2.0.6244.0 and ArcSight Logger appliance 5.2.0.6288.0 allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Arcsight Connector Appliance Firmware +3
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Network Node Manager I
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Assetmanager
NVD
EPSS 82% 6.0 CVSS 10.0
CRITICAL POC THREAT Emergency

Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.3%.

HP RCE Operations Agent
NVD Exploit-DB
EPSS 76% 5.8 CVSS 10.0
CRITICAL POC THREAT Emergency

Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 75.6%.

HP RCE Operations Agent
NVD Exploit-DB
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Network Node Manager I
NVD
EPSS 5% CVSS 7.8
HIGH This Week

Unspecified vulnerability on HP Photosmart Wireless e-All-in-One B110, e-All-in-One D110, Plus e-All-in-One B210, eStation All-in-One C510, Ink Advantage e-All-in-One K510, and Premium Fax. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Photosmart E All In One Printer Series +5
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Information Disclosure HP System Management Homepage
NVD
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure HP System Management Homepage
NVD
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure HP System Management Homepage
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service HP System Management Homepage
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure HP System Management Homepage
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin 8.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Web Jetadmin
NVD
EPSS 4% CVSS 10.0
CRITICAL Act Now

HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation HP Business Service Management
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha platform, and 8.3, 8.3-1H1, and 8.4 on the Itanium platform, when the SYS$ACM system service is enabled, allows local users to gain. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation HP Openvms
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

Unspecified vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to gain privileges via unknown vectors. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation HP Performance Insight
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Performance Insight
NVD
EPSS 1% CVSS 7.5
HIGH This Week

SQL injection vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi HP Performance Insight
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Unspecified vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to modify data or cause a denial of service via unknown vectors. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service HP Microsoft +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP Microsoft XSS +1
NVD
EPSS 1% CVSS 8.3
HIGH This Week

Open redirect vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to redirect users to arbitrary web sites and conduct phishing. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect HP Microsoft +1
NVD
Prev Page 7 of 8 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy