ReportizFlow
Filtered by vendor Hp
Subscriptions
Total
2489 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5289 | 1 Hp | 2 Mercury Quality Center, Testdirector | 2025-04-09 | N/A |
| HP Mercury Quality Center (QC) 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture (OTA) API, as demonstrated by modifying (1) common.tds, (2) defects.tds, (3) manrun.tds, (4) req.tds, (5) testlab.tds, or (6) testplan.tds in %tmp%\TD_80, and then setting the file's properties to read-only. | ||||
| CVE-2007-3062 | 1 Hp | 1 System Management Homepage | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-1093 | 4 Hitachi, Hp, Microsoft and 1 more | 12 Cm2-network Node Manager, Cm2-network Node Manager 250, Hi Ux We2 and 9 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior. | ||||
| CVE-2007-3487 | 1 Hp | 1 Photo Digital Imaging Activex Control | 2025-04-09 | N/A |
| Absolute path traversal in a certain ActiveX control in hpqxml.dll 2.0.0.133 in Hewlett-Packard (HP) Photo Digital Imaging allows remote attackers to create or overwrite arbitrary files via the argument to the saveXMLAsFile method. | ||||
| CVE-2009-4179 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | N/A |
| Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action. | ||||
| CVE-2006-7034 | 9 Apple, Hp, Ibm and 6 more | 18 Mac Os X, Hp-ux, Tru64 and 15 more | 2025-04-09 | N/A |
| SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. | ||||
| CVE-2008-4415 | 1 Hp | 1 Service Manager | 2025-04-09 | N/A |
| Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 allows remote authenticated users to execute arbitrary code via unknown vectors. | ||||
| CVE-2009-3841 | 2 Hp, Microsoft | 2 Discovery\&dependency Mapping Inventory, Windows | 2025-04-09 | N/A |
| Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.60 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors. | ||||
| CVE-2007-1043 | 9 Apple, Ezboo, Hp and 6 more | 18 Mac Os X, Webstats, Hp-ux and 15 more | 2025-04-09 | N/A |
| Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php. | ||||
| CVE-2006-6418 | 1 Hp | 1 Tru64 | 2025-04-09 | N/A |
| Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable. | ||||
| CVE-2006-6742 | 1 Hp | 3 Ftp Print Server, Laserjet 5000, Laserjet 5100 | 2025-04-09 | N/A |
| Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote attackers to cause a denial of service (device crash) via a long string in the (1) LIST or (2) NLST command. | ||||
| CVE-2009-0940 | 1 Hp | 154 8100c Digital Sender, 9100c Digital Sender, 9200c Digital Sender and 151 more | 2025-04-09 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config. | ||||
| CVE-2007-0866 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-09 | N/A |
| Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors. | ||||
| CVE-2009-0921 | 1 Hp | 1 Network Node Manager | 2025-04-09 | N/A |
| Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.dll, or (2) a long Accept-Language HTTP header, which triggers the error in ovwww.dll or libovwww.so.4. | ||||
| CVE-2008-0214 | 1 Hp | 1 Select Identity | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to gain access via unknown vectors. | ||||
| CVE-2008-0213 | 1 Hp | 1 Virtual Rooms | 2025-04-09 | N/A |
| Unspecified vulnerability in a certain ActiveX control for HP Virtual Rooms (HPVR) 6 and earlier allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2007-0394 | 1 Hp | 1 Hp-ux | 2025-04-09 | N/A |
| HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572. | ||||
| CVE-2007-0139 | 1 Hp | 1 Openvms | 2025-04-09 | N/A |
| Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to (1) [SYSEXE]CTF$UI.EXE, (2) [SYSMSG]CTF$MESSAGES.EXE, (3) [SYSHLP]CTF$HELP.HLB, and (4) [SYSMGR]CTF$STARTUP.COM. | ||||
| CVE-2007-0358 | 1 Hp | 1 Jetdirect Firmware | 2025-04-09 | N/A |
| Unspecified vulnerability in the FTP server implementation in HP Jetdirect firmware x.20.nn through x.24.nn allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2008-0068 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | N/A |
| Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter. | ||||