Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-1541

Summary
Assigner-hp
Assigner Org ID-74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At-29 Apr, 2011 | 22:00
Updated At-06 Aug, 2024 | 22:28
Rejected At-
Credits

Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:hp
Assigner Org ID:74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At:29 Apr, 2011 | 22:00
Updated At:06 Aug, 2024 | 22:28
Rejected At:
▼CVE Numbering Authority (CNA)

Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id?1025414
vdb-entry
x_refsource_SECTRACK
http://marc.info/?l=bugtraq&m=130331363227777&w=2
vendor-advisory
x_refsource_HP
http://www.securityfocus.com/bid/47512
vdb-entry
x_refsource_BID
http://securityreason.com/securityalert/8233
third-party-advisory
x_refsource_SREASON
http://marc.info/?l=bugtraq&m=130331363227777&w=2
vendor-advisory
x_refsource_HP
Hyperlink: http://www.securitytracker.com/id?1025414
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://marc.info/?l=bugtraq&m=130331363227777&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.securityfocus.com/bid/47512
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://securityreason.com/securityalert/8233
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: http://marc.info/?l=bugtraq&m=130331363227777&w=2
Resource:
vendor-advisory
x_refsource_HP
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id?1025414
vdb-entry
x_refsource_SECTRACK
x_transferred
http://marc.info/?l=bugtraq&m=130331363227777&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://www.securityfocus.com/bid/47512
vdb-entry
x_refsource_BID
x_transferred
http://securityreason.com/securityalert/8233
third-party-advisory
x_refsource_SREASON
x_transferred
http://marc.info/?l=bugtraq&m=130331363227777&w=2
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.securitytracker.com/id?1025414
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=130331363227777&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.securityfocus.com/bid/47512
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://securityreason.com/securityalert/8233
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=130331363227777&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:hp-security-alert@hp.com
Published At:29 Apr, 2011 | 22:55
Updated At:11 Apr, 2025 | 00:51

Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
HP Inc.
hp
>>system_management_homepage>>Versions up to 6.2.3.8(inclusive)
cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.0.0
cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.0.1
cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.0.1.104
cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.0.2
cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.0.2.106
cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1
cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.0-103
cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.0-103\(a\)
cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.0-109
cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.0-118
cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.0.121
cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.1
cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.2
cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.2-127
cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.2.127
cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.3
cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.3.132
cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.4
cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.4-143
cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.4.143
cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.5
cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.5-146
cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.5.146
cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.5.146
cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.6
cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.6-156
cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.6.156
cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.7
cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.7-168
cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.7.168
cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.8
cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.8-177
cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.8.179
cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.9
cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.9-178
cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.10
cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.10-186
cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.10.186
cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.10.186
cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.10.186
cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.11
cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.11-197
cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.11.197
cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.12-118
cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.12-200
cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.12.201
cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.14.20
cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.14.204
cpe:2.3:a:hp:system_management_homepage:2.1.14.204:*:*:*:*:*:*:*
HP Inc.
hp
>>system_management_homepage>>2.1.15-210
cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://marc.info/?l=bugtraq&m=130331363227777&w=2hp-security-alert@hp.com
Vendor Advisory
http://marc.info/?l=bugtraq&m=130331363227777&w=2hp-security-alert@hp.com
Vendor Advisory
http://securityreason.com/securityalert/8233hp-security-alert@hp.com
N/A
http://www.securityfocus.com/bid/47512hp-security-alert@hp.com
N/A
http://www.securitytracker.com/id?1025414hp-security-alert@hp.com
N/A
http://marc.info/?l=bugtraq&m=130331363227777&w=2af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://marc.info/?l=bugtraq&m=130331363227777&w=2af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://securityreason.com/securityalert/8233af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/47512af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id?1025414af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://marc.info/?l=bugtraq&m=130331363227777&w=2
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=130331363227777&w=2
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://securityreason.com/securityalert/8233
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/47512
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1025414
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=130331363227777&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=130331363227777&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://securityreason.com/securityalert/8233
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/47512
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1025414
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

396Records found
CVE-2013-2350
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-27.67% / 96.26%
||
7 Day CHG~0.00%
Published-04 Jan, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-2013-2332
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-63.01% / 98.32%
||
7 Day CHG~0.00%
Published-06 Jun, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1654.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_data_protectorn/a
CVE-1999-0008
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.95% / 87.90%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in NIS+, in Sun's rpc.nisd program.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)HP Inc.
Product-solarissunoshp-uxn/a
CVE-1999-0046
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.53% / 87.20%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow of rlogin program using TERM environmental variable.

Action-Not Available
Vendor-bsdinextdigitaln/aNetBSDIBM CorporationDebian GNU/LinuxOracle CorporationFreeBSD FoundationSun Microsystems (Oracle Corporation)HP Inc.
Product-bsd_osnetbsdhp-uxaixsolarisultrixsunosdebian_linuxfreebsdnextstepn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2011-3166
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-42.81% / 97.39%
||
7 Day CHG~0.00%
Published-02 Nov, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1209.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2001-1162
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-30.17% / 96.52%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.

Action-Not Available
Vendor-n/aSambaHP Inc.
Product-sambacifs-9000_servern/a
CVE-2012-0127
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.17% / 97.51%
||
7 Day CHG~0.00%
Published-31 Mar, 2012 | 14:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Performance Manager 9.00 allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-performance_managern/a
CVE-2010-2704
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-40.69% / 97.27%
||
7 Day CHG~0.00%
Published-27 Jul, 2010 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long HTTP request to nnmrptconfig.exe.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-0131
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-15.13% / 94.33%
||
7 Day CHG~0.00%
Published-03 Apr, 2012 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-distributed_computing_environmenthp-uxn/a
CVE-2009-4177
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-21.29% / 95.47%
||
7 Day CHG~0.00%
Published-10 Dec, 2009 | 22:00
Updated-07 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24292
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-8.53% / 92.03%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 19:46
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-officejet_pro_8210_j3p67a_firmwareofficejet_pro_8740_k7s42a_firmwarelaserjet_pro_m453-m454_w1y46a_firmwarelaserjet_pro_mfp_m478-m479_w1a80alaserjet_pro_m304-m305_w1a47alaserjet_pro_m453-m454_w1y45a_firmwarelaserjet_pro_m304-m305_w1a48a_firmwareofficejet_pro_8740_t0g65aofficejet_pro_8210_j3p65aofficejet_pro_8210_d9l63a_firmwarelaserjet_pro_m453-m454_w1y44aofficejet_pro_8740_k7s40aofficejet_pro_8740_j6x83a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a29a_firmwarepagewide_managed_p55250dw_j6u55alaserjet_pro_m304-m305_w1a46aofficejet_pro_8740_k7s43alaserjet_pro_m453-m454_w1y43a_firmwarepagewide_352dw_j6u57a_firmwarelaserjet_pro_m453-m454_w1y47a_firmwarepagewide_pro_477dn_d3q19alaserjet_pro_m304-m305_w1a46a_firmwarelaserjet_pro_m304-m305_w1a66a_firmwarelaserjet_pro_m404-m405_w1a57alaserjet_pro_m404-m405_w1a59alaserjet_pro_m453-m454_w1y41a_firmwarelaserjet_pro_mfp_m478-m479_w1a78a_firmwarelaserjet_pro_m404-m405_w1a56alaserjet_pro_m404-m405_w1a52alaserjet_pro_mfp_m478-m479_w1a82alaserjet_pro_mfp_m428-m429_w1a31apagewide_pro_452dw_d3q16a_firmwarelaserjet_pro_mfp_m478-m479_w1a77a_firmwarepagewide_pro_452dw_d3q16apagewide_pro_452dn_d3q15apagewide_managed_p57750dw_j9v82aofficejet_pro_8740_k7s41aofficejet_pro_8210_d9l63alaserjet_pro_m304-m305_w1a53a_firmwarepagewide_pro_552dw_d3q17a_firmwarelaserjet_pro_mfp_m478-m479_w1a79alaserjet_pro_mfp_m428-m429_w1a31a_firmwareofficejet_pro_8210_j3p68a_firmwareofficejet_pro_8216_t0g70a_firmwarelaserjet_pro_m304-m305_w1a51a_firmwarelaserjet_pro_m304-m305_w1a59a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38alaserjet_pro_m304-m305_w1a48alaserjet_pro_mfp_m428-m429_f_w1a32a_firmwareofficejet_pro_8216_t0g70alaserjet_pro_m453-m454_w1y47alaserjet_pro_m304-m305_w1a56a_firmwarepagewide_pro_577z_k9z76a_firmwarepagewide_managed_p55250dw_j6u55b_firmwareofficejet_pro_8730_k7s32a_firmwareofficejet_pro_8740_j6x83apagewide_pro_577dw_d3q21alaserjet_pro_mfp_m478-m479_w1a80a_firmwarelaserjet_pro_m304-m305_w1a52a_firmwarepagewide_pro_452dn_d3q15a_firmwareofficejet_pro_8210_d9l64alaserjet_pro_m453-m454_w1y46alaserjet_pro_mfp_m428-m429_f_w1a32alaserjet_pro_mfp_m478-m479_w1a81a_firmwarelaserjet_pro_m453-m454_w1y44a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34a_firmwareofficejet_pro_8740_k7s41a_firmwareofficejet_pro_8210_d9l64a_firmwarepagewide_377dw_j9v80a_firmwarelaserjet_pro_m304-m305_w1a57a_firmwareofficejet_pro_8740_d9l21alaserjet_pro_m304-m305_w1a58a_firmwarelaserjet_pro_mfp_m478-m479_w1a75apagewide_managed_p55250dw_j6u55bofficejet_pro_8740_k7s39alaserjet_pro_mfp_m428-m429_f_w1a30alaserjet_pro_m304-m305_w1a66alaserjet_pro_m453-m454_w1y40alaserjet_pro_mfp_m478-m479_w1a77apagewide_managed_p55250dw_j6u55a_firmwarepagewide_pro_477dw_d3q20aofficejet_pro_8210_j3p66alaserjet_pro_m404-m405_w1a60alaserjet_pro_mfp_m428-m429_f_w1a35alaserjet_pro_mfp_m478-m479_w1a76a_firmwarepagewide_pro_577z_k9z76apagewide_managed_p55250dw_j6u51bpagewide_377dw_j9v80alaserjet_pro_mfp_m478-m479_w1a78alaserjet_pro_m304-m305_w1a63a_firmwarelaserjet_pro_m304-m305_w1a60a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34aofficejet_pro_8740_t0g65a_firmwarepagewide_pro_477dw_d3q20a_firmwarelaserjet_pro_m453-m454_w1y40a_firmwareofficejet_pro_8740_k7s39a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a35a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a30a_firmwarepagewide_managed_p55250dw_j6u51b_firmwareofficejet_pro_8730_d9l20a_firmwarelaserjet_pro_mfp_m428-m429_w1a33a_firmwarelaserjet_pro_m404-m405_93m22alaserjet_pro_mfp_m478-m479_w1a76alaserjet_pro_mfp_m478-m479_w1a82a_firmwareofficejet_pro_8210_j3p68alaserjet_pro_mfp_m478-m479_w1a81alaserjet_pro_m404-m405_w1a51alaserjet_pro_mfp_m428-m429_w1a33aofficejet_pro_8210_j3p66a_firmwarelaserjet_pro_m404-m405_w1a53alaserjet_pro_m453-m454_w1y43alaserjet_pro_mfp_m478-m479_w1a79a_firmwarelaserjet_pro_m404-m405_w1a58alaserjet_pro_mfp_m428-m429_w1a28a_firmwareofficejet_pro_8210_j3p67alaserjet_pro_mfp_m428-m429_w1a28aofficejet_pro_8740_k7s42apagewide_pro_552dw_d3q17aofficejet_pro_8210_j3p65a_firmwareofficejet_pro_8740_k7s43a_firmwarelaserjet_pro_m453-m454_w1y41alaserjet_pro_m453-m454_w1y45alaserjet_pro_m304-m305_w1a47a_firmwareofficejet_pro_8730_d9l20aofficejet_pro_8740_d9l21a_firmwareofficejet_pro_8740_k7s40a_firmwareofficejet_pro_8730_k7s32apagewide_managed_p57750dw_j9v82a_firmwarelaserjet_pro_m404-m405_93m22a_firmwarelaserjet_pro_m404-m405_w1a63alaserjet_pro_mfp_m428-m429_f_w1a29alaserjet_pro_mfp_m478-m479_w1a75a_firmwarepagewide_352dw_j6u57apagewide_pro_477dn_d3q19a_firmwarepagewide_pro_577dw_d3q21a_firmwareHP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers
CVE-2017-13983
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-14.92% / 94.28%
||
7 Day CHG~0.00%
Published-29 Sep, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication.

Action-Not Available
Vendor-n/aHP Inc.
Product-bsm_platform_application_performance_management_system_healthn/a
CWE ID-CWE-287
Improper Authentication
CVE-2017-14350
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-1.13% / 77.47%
||
7 Day CHG~0.00%
Published-29 Sep, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code execution.

Action-Not Available
Vendor-Micro Focus International LimitedHP Inc.
Product-application_performance_managementHPE Application Performance Management (APM)
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2017-12557
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-86.67% / 99.38%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 22:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerintelligent Management Center (iMC) PLAT
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2017-12561
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-56.13% / 98.02%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 01:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT version Plat 7.3 E0504P4 and earlier was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerintelligent Management Center (iMC) PLAT
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2017-12542
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-10||CRITICAL
EPSS-94.20% / 99.91%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-integrated_lights-out_4integrated_lights-out_4_firmwareIntegrated Lights-out 4 (iLO 4)
CVE-2017-12558
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-56.04% / 98.01%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 23:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerintelligent Management Center (iMC) PLAT
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2011-3159
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.96% / 97.54%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1227.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protector_for_personal_computersdata_protector_notebook_extensionn/a
CVE-2017-12556
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-56.04% / 98.01%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 20:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerintelligent Management Center (iMC) PLAT
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2017-10992
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.86% / 85.74%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 12:51
Updated-05 Aug, 2024 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In HPE Storage Essentials 9.5.0.142, there is Unauthenticated Java Deserialization with remote code execution via OS commands in a request to invoker/JMXInvokerServlet, aka PSRT110461.

Action-Not Available
Vendor-n/aHP Inc.
Product-storage_essentialsn/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2021-3705
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 62.98%
||
7 Day CHG~0.00%
Published-01 Nov, 2021 | 13:20
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset the device.

Action-Not Available
Vendor-n/aHP Inc.
Product-laserjet_pro_j8h61alaserjet_pro_j8h60a_firmwarelaserjet_pro_j8h61a_firmwarelaserjet_pro_j8h60aHP LaserJet Pro M501 Series J8H61A; HP LaserJet Pro M501 Series J8H60A
CVE-2011-1732
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-47.13% / 97.60%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-8519
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-60.33% / 98.21%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-operations_orchestrationOperations Orchestration
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2010-2710
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-16.29% / 94.58%
||
7 Day CHG~0.00%
Published-20 Aug, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2011-1853
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-15.65% / 94.44%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a (1) large or (2) invalid opcode field, related to a function pointer table.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-4448
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.61% / 81.04%
||
7 Day CHG-0.98%
Published-09 Jun, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

Action-Not Available
Vendor-n/aOracle CorporationMcAfee, LLCTenable, Inc.SlackwareHP Inc.Microsoft CorporationApple Inc.Red Hat, Inc.libxml2 (XMLSoft)
Product-enterprise_linuxenterprise_linux_servermac_os_xwatchositunesenterprise_linux_server_eusvm_serverlinuxtvosenterprise_linux_server_auslibxml2icewall_federation_agententerprise_linux_desktopweb_gatewayenterprise_linux_server_tusenterprise_linux_workstationslackware_linuxlog_correlation_enginewindowsiphone_osicloudn/a
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2011-1728
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-43.82% / 97.44%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-5201
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-74.88% / 98.82%
||
7 Day CHG+2.30%
Published-09 Mar, 2013 | 11:01
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1611.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerintelligent_management_center_for_automated_network_managern/a
CVE-2012-5209
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-28.74% / 96.37%
||
7 Day CHG~0.00%
Published-09 Mar, 2013 | 11:01
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1659.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerintelligent_management_center_for_automated_network_managern/a
CVE-2019-5367
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-20.37% / 95.32%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:45
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2019-5356
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-19.72% / 95.22%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:39
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2019-5402
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.4||CRITICAL
EPSS-3.18% / 86.47%
||
7 Day CHG~0.00%
Published-09 Aug, 2019 | 17:28
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-3par_storeserv_management_consoleHPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5358
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-19.03% / 95.09%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:40
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2016-2245
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-14.45% / 94.18%
||
7 Day CHG~0.00%
Published-19 Mar, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-support_assistantn/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-5390
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-20.35% / 95.31%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:55
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote command injection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2019-5391
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-0.99% / 75.92%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:56
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack buffer overflow vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-5387
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-19.03% / 95.09%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 14:54
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (IMC) PLAT
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2012-3261
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-68.58% / 98.55%
||
7 Day CHG~0.00%
Published-25 Sep, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.

Action-Not Available
Vendor-n/aHP Inc.
Product-sitescopen/a
CVE-2012-3285
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-31.62% / 96.65%
||
7 Day CHG~0.00%
Published-06 Feb, 2013 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1513.

Action-Not Available
Vendor-n/aHP Inc.
Product-san\/iqlefthand_p4000_virtual_san_appliancen/a
CVE-2012-3263
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-24.21% / 95.86%
||
7 Day CHG~0.00%
Published-25 Sep, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1465.

Action-Not Available
Vendor-n/aHP Inc.
Product-sitescopen/a
CVE-2012-3254
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-30.96% / 96.58%
||
7 Day CHG~0.00%
Published-30 Aug, 2012 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by a stack-based buffer overflow in iNodeMngChecker.exe for a crafted 0x0A0BF007 packet.

Action-Not Available
Vendor-n/aHP Inc.
Product-inode_management_center_pcn/a
CVE-2012-3262
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-24.21% / 95.86%
||
7 Day CHG~0.00%
Published-25 Sep, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464.

Action-Not Available
Vendor-n/aHP Inc.
Product-sitescopen/a
CVE-2012-3275
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-25.44% / 96.00%
||
7 Day CHG-4.64%
Published-06 Dec, 2012 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and 9.20 allows remote attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_node_manager_in/a
CVE-2012-3270
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-3.31% / 86.74%
||
7 Day CHG~0.00%
Published-07 Nov, 2012 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-3269.

Action-Not Available
Vendor-n/aHP Inc.
Product-performance_insightn/a
CVE-2012-3278
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-41.01% / 97.29%
||
7 Day CHG~0.00%
Published-25 Jan, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in magentservice.exe in HP Diagnostics Server 8.x through 8.07 and 9.x through 9.21 allows remote attackers to execute arbitrary code via a malformed message packet.

Action-Not Available
Vendor-n/aHP Inc.
Product-diagnostics_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-3260
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-68.58% / 98.55%
||
7 Day CHG~0.00%
Published-25 Sep, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462.

Action-Not Available
Vendor-n/aHP Inc.
Product-sitescopen/a
CVE-2012-3282
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-40.32% / 97.25%
||
7 Day CHG~0.00%
Published-06 Feb, 2013 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1468.

Action-Not Available
Vendor-n/aHP Inc.
Product-san\/iqlefthand_p4000_virtual_san_appliancen/a
CVE-2012-3259
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-34.60% / 96.87%
||
7 Day CHG~0.00%
Published-25 Sep, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461.

Action-Not Available
Vendor-n/aHP Inc.
Product-sitescopen/a
CVE-2012-3284
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-31.62% / 96.65%
||
7 Day CHG~0.00%
Published-06 Feb, 2013 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512.

Action-Not Available
Vendor-n/aHP Inc.
Product-san\/iqlefthand_p4000_virtual_san_appliancen/a
CVE-2012-3283
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-27.67% / 96.26%
||
7 Day CHG~0.00%
Published-06 Feb, 2013 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1511.

Action-Not Available
Vendor-n/aHP Inc.
Product-san\/iqlefthand_p4000_virtual_san_appliancen/a
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • 8
  • Next
Details not found