Filtered by vendor Hp
Subscriptions
Total
2469 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-7069 | 1 Hp | 1 Centralview Fraud Risk Management | 2024-11-21 | N/A |
| HPE has identified a remote unauthenticated access to files vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version. | ||||
| CVE-2018-7068 | 1 Hp | 1 Centralview Fraud Risk Management | 2024-11-21 | N/A |
| HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version. | ||||
| CVE-2018-7059 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | N/A |
| Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the "mon" permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is only present when authenticated as a user with "mon" permission. | ||||
| CVE-2018-7058 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | N/A |
| Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent. | ||||
| CVE-2018-6653 | 2 Comforte, Hp | 2 Swap, Nonstop Server | 2024-11-21 | N/A |
| comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL T0910, and in the comforte SecurCS, SecurFTP, SecurLib/SSL-AT, and SecurTN products), after executing the RELOAD CERTIFICATES command, does not ensure that clients use a strong TLS cipher suite, which makes it easier for remote attackers to defeat intended cryptographic protection mechanisms by sniffing the network. This is fixed in 21.6.0. | ||||
| CVE-2018-6505 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | N/A |
| A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Unauthenticated File Downloads. | ||||
| CVE-2018-6503 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | N/A |
| A potential Access Control vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for vulnerable Access Controls. | ||||
| CVE-2018-6502 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | N/A |
| A potential Reflected Cross-Site Scripting (XSS) Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Reflected Cross-site Scripting (XSS). | ||||
| CVE-2018-6501 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | N/A |
| Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. This vulnerability could be exploited to allow for insufficient access controls. | ||||
| CVE-2018-6500 | 1 Hp | 1 Arcsight Management Center | 2024-11-21 | N/A |
| A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal. | ||||
| CVE-2018-6493 | 1 Hp | 2 Network Automation, Network Operations Management Ultimate | 2024-11-21 | 8.8 High |
| SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection. | ||||
| CVE-2018-6492 | 1 Hp | 2 Network Automation, Network Operations Management Ultimate | 2024-11-21 | N/A |
| Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow persistent cross-site scripting, and non-persistent HTML Injection. | ||||
| CVE-2018-6490 | 1 Hp | 1 Operations Orchestration | 2024-11-21 | N/A |
| Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service. | ||||
| CVE-2018-5927 | 1 Hp | 1 Support Assistant | 2024-11-21 | N/A |
| HP Support Assistant before 8.7.50.3 allows an unauthorized person with local access to load arbitrary code. | ||||
| CVE-2018-5926 | 1 Hp | 1 Remote Graphics Software | 2024-11-21 | N/A |
| A potential vulnerability has been identified in HP Remote Graphics Software’s certificate authentication process version 7.5.0 and earlier. | ||||
| CVE-2018-5925 | 1 Hp | 540 1dt61a, 1dt61a Firmware, 1jl02a and 537 more | 2024-11-21 | N/A |
| A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution. | ||||
| CVE-2018-5924 | 1 Hp | 540 1dt61a, 1dt61a Firmware, 1jl02a and 537 more | 2024-11-21 | N/A |
| A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution. | ||||
| CVE-2018-5923 | 1 Hp | 276 Color Laserjet Cm4540 Mfp, Color Laserjet Cm4540 Mfp Firmware, Color Laserjet Cp5525 and 273 more | 2024-11-21 | N/A |
| In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code. | ||||
| CVE-2018-5921 | 1 Hp | 387 A2w75a, A2w75a Firmware, A2w76a and 384 more | 2024-11-21 | N/A |
| A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and could potentially be exploited remotely to allow elevation of privilege. | ||||
| CVE-2018-5740 | 7 Canonical, Debian, Hp and 4 more | 12 Ubuntu Linux, Debian Linux, Hp-ux and 9 more | 2024-11-21 | 7.5 High |
| "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. | ||||