Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2008-5120

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-18 Nov, 2008 | 00:00
Updated At-07 Aug, 2024 | 10:40
Rejected At-
Credits

Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote attackers to execute arbitrary code via a long request string.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:18 Nov, 2008 | 00:00
Updated At:07 Aug, 2024 | 10:40
Rejected At:
▼CVE Numbering Authority (CNA)

Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote attackers to execute arbitrary code via a long request string.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/archive/1/495207/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://securityreason.com/securityalert/4602
third-party-advisory
x_refsource_SREASON
http://www.securityfocus.com/bid/30589
vdb-entry
x_refsource_BID
Hyperlink: http://www.securityfocus.com/archive/1/495207/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://securityreason.com/securityalert/4602
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: http://www.securityfocus.com/bid/30589
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/archive/1/495207/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://securityreason.com/securityalert/4602
third-party-advisory
x_refsource_SREASON
x_transferred
http://www.securityfocus.com/bid/30589
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/495207/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://securityreason.com/securityalert/4602
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: http://www.securityfocus.com/bid/30589
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:18 Nov, 2008 | 00:30
Updated At:23 Apr, 2026 | 00:35

Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote attackers to execute arbitrary code via a long request string.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
HP Inc.
hp
>>openvms>>8.3
cpe:2.3:a:hp:openvms:8.3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://securityreason.com/securityalert/4602cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/495207/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/30589cve@mitre.org
N/A
http://securityreason.com/securityalert/4602af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/495207/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/30589af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://securityreason.com/securityalert/4602
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/495207/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/30589
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/4602
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/495207/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/30589
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

2066Records found
CVE-2008-4562
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.57% / 90.33%
||
7 Day CHG~0.00%
Published-08 Feb, 2009 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-7114
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-61.65% / 98.35%
||
7 Day CHG~0.00%
Published-03 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerHPE Intelligent Management Center (IMC)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1734
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-44.52% / 97.59%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1730
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-49.46% / 97.81%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1735
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-51.70% / 97.92%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1553
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-83.93% / 99.30%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-4178
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-86.10% / 99.40%
||
7 Day CHG~0.00%
Published-10 Dec, 2009 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-3848
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-19.58% / 95.44%
||
7 Day CHG-1.80%
Published-10 Dec, 2009 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2003-1496
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.26% / 49.78%
||
7 Day CHG~0.00%
Published-25 Oct, 2007 | 19:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-2110
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-33.76% / 96.97%
||
7 Day CHG~0.00%
Published-25 May, 2015 | 17:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP LoadRunner 11.52 allows remote attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-0898
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-6.51% / 91.15%
||
7 Day CHG-0.73%
Published-10 Dec, 2009 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted HTTP request.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-6195
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-22.85% / 95.92%
||
7 Day CHG~0.00%
Published-15 Dec, 2007 | 01:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-2685
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-85.43% / 99.37%
||
7 Day CHG~0.00%
Published-06 Nov, 2009 | 15:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.

Action-Not Available
Vendor-n/aHP Inc.
Product-power_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1866
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-56.81% / 98.15%
||
7 Day CHG~0.00%
Published-01 Jul, 2011 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXEC_CMD functionality.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1851
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-29.84% / 96.66%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1985
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||CRITICAL
EPSS-2.41% / 85.15%
||
7 Day CHG~0.00%
Published-30 Jan, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-operations_managerwindowsn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2016-1989
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-13.50% / 94.25%
||
7 Day CHG~0.00%
Published-15 Mar, 2016 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_automationn/a
CVE-2011-0922
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-82.01% / 99.22%
||
7 Day CHG~0.00%
Published-09 Feb, 2011 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protectorn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-2245
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-14.45% / 94.46%
||
7 Day CHG~0.00%
Published-19 Mar, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-support_assistantn/a
CWE ID-CWE-287
Improper Authentication
CVE-2016-1997
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.58% / 85.65%
||
7 Day CHG~0.00%
Published-22 Mar, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Action-Not Available
Vendor-n/aHP Inc.
Product-operations_orchestrationoperations_orchestration_contentn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1998
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.67% / 82.19%
||
7 Day CHG~0.00%
Published-22 Mar, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5356
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-19.72% / 95.46%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:39
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2016-2005
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-47.25% / 97.71%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protectorn/a
CVE-2008-0704
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.67% / 85.87%
||
7 Day CHG~0.00%
Published-28 Mar, 2008 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain unspecified access via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-integrityalphaopen_vms_tcp-ip_servicesn/a
CVE-2001-0552
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.35% / 87.37%
||
7 Day CHG~0.00%
Published-29 Aug, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.

Action-Not Available
Vendor-n/aIBM CorporationHP Inc.
Product-tivoli_netviewopenview_network_node_managern/a
CVE-2016-1999
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.23% / 87.13%
||
7 Day CHG~0.00%
Published-30 May, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Action-Not Available
Vendor-n/aHP Inc.
Product-release_controln/a
CWE ID-CWE-284
Improper Access Control
CVE-2014-7898
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-23.36% / 95.98%
||
7 Day CHG~0.00%
Published-09 Mar, 2015 | 17:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-windowsole_point_of_sale_drivern/a
CVE-2016-4448
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.20% / 79.03%
||
7 Day CHG~0.00%
Published-09 Jun, 2016 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

Action-Not Available
Vendor-n/aApple Inc.SlackwareOracle CorporationMcAfee, LLCRed Hat, Inc.HP Inc.Microsoft Corporationlibxml2 (XMLSoft)Tenable, Inc.
Product-vm_servermac_os_xenterprise_linux_server_tusenterprise_linux_desktopweb_gatewayenterprise_linux_server_eusenterprise_linux_server_auslog_correlation_enginetvosslackware_linuxituneswatchoslibxml2enterprise_linux_serverenterprise_linux_workstationicewall_federation_agentwindowsiphone_oslinuxicloudenterprise_linuxn/a
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2020-24650
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-7.21% / 91.64%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:36
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A legend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2020-24648
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-22.10% / 95.82%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:36
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A accessmgrservlet classname deserialization of untrusted data remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2020-24646
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-9.17% / 92.72%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:34
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-24651
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-8.60% / 92.44%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:36
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A syslogtempletselectwin expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2022-24292
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.04% / 83.94%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 19:46
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-officejet_pro_8210_j3p67a_firmwareofficejet_pro_8740_k7s42a_firmwarelaserjet_pro_m453-m454_w1y46a_firmwarelaserjet_pro_mfp_m478-m479_w1a80alaserjet_pro_m304-m305_w1a47alaserjet_pro_m453-m454_w1y45a_firmwarelaserjet_pro_m304-m305_w1a48a_firmwareofficejet_pro_8740_t0g65aofficejet_pro_8210_j3p65aofficejet_pro_8210_d9l63a_firmwarelaserjet_pro_m453-m454_w1y44aofficejet_pro_8740_k7s40aofficejet_pro_8740_j6x83a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a29a_firmwarepagewide_managed_p55250dw_j6u55alaserjet_pro_m304-m305_w1a46aofficejet_pro_8740_k7s43alaserjet_pro_m453-m454_w1y43a_firmwarepagewide_352dw_j6u57a_firmwarelaserjet_pro_m453-m454_w1y47a_firmwarepagewide_pro_477dn_d3q19alaserjet_pro_m304-m305_w1a46a_firmwarelaserjet_pro_m304-m305_w1a66a_firmwarelaserjet_pro_m404-m405_w1a57alaserjet_pro_m404-m405_w1a59alaserjet_pro_m453-m454_w1y41a_firmwarelaserjet_pro_mfp_m478-m479_w1a78a_firmwarelaserjet_pro_m404-m405_w1a56alaserjet_pro_m404-m405_w1a52alaserjet_pro_mfp_m478-m479_w1a82alaserjet_pro_mfp_m428-m429_w1a31apagewide_pro_452dw_d3q16a_firmwarelaserjet_pro_mfp_m478-m479_w1a77a_firmwarepagewide_pro_452dw_d3q16apagewide_pro_452dn_d3q15apagewide_managed_p57750dw_j9v82aofficejet_pro_8740_k7s41aofficejet_pro_8210_d9l63alaserjet_pro_m304-m305_w1a53a_firmwarepagewide_pro_552dw_d3q17a_firmwarelaserjet_pro_mfp_m478-m479_w1a79alaserjet_pro_mfp_m428-m429_w1a31a_firmwareofficejet_pro_8210_j3p68a_firmwareofficejet_pro_8216_t0g70a_firmwarelaserjet_pro_m304-m305_w1a51a_firmwarelaserjet_pro_m304-m305_w1a59a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38alaserjet_pro_m304-m305_w1a48alaserjet_pro_mfp_m428-m429_f_w1a32a_firmwareofficejet_pro_8216_t0g70alaserjet_pro_m453-m454_w1y47alaserjet_pro_m304-m305_w1a56a_firmwarepagewide_pro_577z_k9z76a_firmwarepagewide_managed_p55250dw_j6u55b_firmwareofficejet_pro_8730_k7s32a_firmwareofficejet_pro_8740_j6x83apagewide_pro_577dw_d3q21alaserjet_pro_mfp_m478-m479_w1a80a_firmwarelaserjet_pro_m304-m305_w1a52a_firmwarepagewide_pro_452dn_d3q15a_firmwareofficejet_pro_8210_d9l64alaserjet_pro_m453-m454_w1y46alaserjet_pro_mfp_m428-m429_f_w1a32alaserjet_pro_mfp_m478-m479_w1a81a_firmwarelaserjet_pro_m453-m454_w1y44a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34a_firmwareofficejet_pro_8740_k7s41a_firmwareofficejet_pro_8210_d9l64a_firmwarepagewide_377dw_j9v80a_firmwarelaserjet_pro_m304-m305_w1a57a_firmwareofficejet_pro_8740_d9l21alaserjet_pro_m304-m305_w1a58a_firmwarelaserjet_pro_mfp_m478-m479_w1a75apagewide_managed_p55250dw_j6u55bofficejet_pro_8740_k7s39alaserjet_pro_mfp_m428-m429_f_w1a30alaserjet_pro_m304-m305_w1a66alaserjet_pro_m453-m454_w1y40alaserjet_pro_mfp_m478-m479_w1a77apagewide_managed_p55250dw_j6u55a_firmwarepagewide_pro_477dw_d3q20aofficejet_pro_8210_j3p66alaserjet_pro_m404-m405_w1a60alaserjet_pro_mfp_m428-m429_f_w1a35alaserjet_pro_mfp_m478-m479_w1a76a_firmwarepagewide_pro_577z_k9z76apagewide_managed_p55250dw_j6u51bpagewide_377dw_j9v80alaserjet_pro_mfp_m478-m479_w1a78alaserjet_pro_m304-m305_w1a63a_firmwarelaserjet_pro_m304-m305_w1a60a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34aofficejet_pro_8740_t0g65a_firmwarepagewide_pro_477dw_d3q20a_firmwarelaserjet_pro_m453-m454_w1y40a_firmwareofficejet_pro_8740_k7s39a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a35a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a30a_firmwarepagewide_managed_p55250dw_j6u51b_firmwareofficejet_pro_8730_d9l20a_firmwarelaserjet_pro_mfp_m428-m429_w1a33a_firmwarelaserjet_pro_m404-m405_93m22alaserjet_pro_mfp_m478-m479_w1a76alaserjet_pro_mfp_m478-m479_w1a82a_firmwareofficejet_pro_8210_j3p68alaserjet_pro_mfp_m478-m479_w1a81alaserjet_pro_m404-m405_w1a51alaserjet_pro_mfp_m428-m429_w1a33aofficejet_pro_8210_j3p66a_firmwarelaserjet_pro_m404-m405_w1a53alaserjet_pro_m453-m454_w1y43alaserjet_pro_mfp_m478-m479_w1a79a_firmwarelaserjet_pro_m404-m405_w1a58alaserjet_pro_mfp_m428-m429_w1a28a_firmwareofficejet_pro_8210_j3p67alaserjet_pro_mfp_m428-m429_w1a28aofficejet_pro_8740_k7s42apagewide_pro_552dw_d3q17aofficejet_pro_8210_j3p65a_firmwareofficejet_pro_8740_k7s43a_firmwarelaserjet_pro_m453-m454_w1y41alaserjet_pro_m453-m454_w1y45alaserjet_pro_m304-m305_w1a47a_firmwareofficejet_pro_8730_d9l20aofficejet_pro_8740_d9l21a_firmwareofficejet_pro_8740_k7s40a_firmwareofficejet_pro_8730_k7s32apagewide_managed_p57750dw_j9v82a_firmwarelaserjet_pro_m404-m405_93m22a_firmwarelaserjet_pro_m404-m405_w1a63alaserjet_pro_mfp_m428-m429_f_w1a29alaserjet_pro_mfp_m478-m479_w1a75a_firmwarepagewide_352dw_j6u57apagewide_pro_477dn_d3q19a_firmwarepagewide_pro_577dw_d3q21a_firmwareHP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers
CVE-2013-6218
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-31.62% / 96.82%
||
7 Day CHG~0.00%
Published-19 Apr, 2014 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_node_manager_in/a
CVE-2009-3845
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-16.97% / 95.00%
||
7 Day CHG-1.62%
Published-10 Dec, 2009 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2013-6221
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-84.14% / 99.31%
||
7 Day CHG~0.00%
Published-18 Jun, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_virtualizationn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2013-4841
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-28.40% / 96.54%
||
7 Day CHG~0.00%
Published-26 Feb, 2014 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in HP StoreVirtual 4000 and StoreVirtual VSA Software (formerly LeftHand Virtual SAN Appliance) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1509.

Action-Not Available
Vendor-n/aHP Inc.
Product-storevirtual_virtual_storage_appliancelefthandstorevirtual_4000n/a
CVE-2013-4808
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-4.20% / 88.78%
||
7 Day CHG~0.00%
Published-18 Aug, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31 and Service Center 6.2.8 allows remote attackers to obtain privileged access via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_managerservice_centern/a
CVE-2013-4813
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-6.40% / 91.08%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_manageridentity_driven_managern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-4812
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-74.00% / 98.85%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_manageridentity_driven_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4838
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-27.67% / 96.47%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnern/a
CVE-2013-4798
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-83.19% / 99.28%
||
7 Day CHG~0.00%
Published-26 Jul, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705.

Action-Not Available
Vendor-n/aHP Inc.
Product-loadrunnern/a
CVE-2013-4810
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-89.70% / 99.57%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-21 Apr, 2026 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874.

Action-Not Available
Vendor-n/aHP Inc.
Product-application_lifecycle_managementprocurve_managern/aProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-4811
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-83.54% / 99.29%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_manageridentity_driven_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3573
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-1.11% / 78.27%
||
7 Day CHG~0.00%
Published-14 Jun, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-insight_diagnosticsn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-2324
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-38.30% / 97.25%
||
7 Day CHG~0.00%
Published-06 Jun, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1629.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2013-2349
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-27.67% / 96.47%
||
7 Day CHG~0.00%
Published-04 Jan, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1896.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2013-2326
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-20.80% / 95.64%
||
7 Day CHG~0.00%
Published-06 Jun, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1634.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2013-2335
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-20.80% / 95.64%
||
7 Day CHG~0.00%
Published-06 Jun, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2013-2347
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-76.79% / 98.97%
||
7 Day CHG~0.00%
Published-04 Jan, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 41
  • 42
  • Next
Details not found