Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2013-6218

Summary
Assigner-hp
Assigner Org ID-74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At-19 Apr, 2014 | 21:00
Updated At-06 Aug, 2024 | 17:29
Rejected At-
Credits

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:hp
Assigner Org ID:74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At:19 Apr, 2014 | 21:00
Updated At:06 Aug, 2024 | 17:29
Rejected At:
▼CVE Numbering Authority (CNA)

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
vendor-advisory
x_refsource_HP
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
vendor-advisory
x_refsource_HP
Hyperlink: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
Resource:
vendor-advisory
x_refsource_HP
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
vendor-advisory
x_refsource_HP
x_transferred
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:hp-security-alert@hp.com
Published At:19 Apr, 2014 | 21:55
Updated At:12 Apr, 2025 | 10:46

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
HP Inc.
hp
>>network_node_manager_i>>9.0
cpe:2.3:a:hp:network_node_manager_i:9.0:*:*:*:*:*:*:*
HP Inc.
hp
>>network_node_manager_i>>9.01
cpe:2.3:a:hp:network_node_manager_i:9.01:*:*:*:*:*:*:*
HP Inc.
hp
>>network_node_manager_i>>9.02
cpe:2.3:a:hp:network_node_manager_i:9.02:*:*:*:*:*:*:*
HP Inc.
hp
>>network_node_manager_i>>9.03
cpe:2.3:a:hp:network_node_manager_i:9.03:*:*:*:*:*:*:*
HP Inc.
hp
>>network_node_manager_i>>9.10
cpe:2.3:a:hp:network_node_manager_i:9.10:*:*:*:*:*:*:*
HP Inc.
hp
>>network_node_manager_i>>9.20
cpe:2.3:a:hp:network_node_manager_i:9.20:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039hp-security-alert@hp.com
Vendor Advisory
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039hp-security-alert@hp.com
Vendor Advisory
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026039
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

396Records found
CVE-2007-6425
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.82% / 85.61%
||
7 Day CHG~0.00%
Published-23 Jan, 2008 | 20:00
Updated-07 Aug, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-6195
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-22.85% / 95.69%
||
7 Day CHG~0.00%
Published-15 Dec, 2007 | 01:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-6204
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-81.60% / 99.14%
||
7 Day CHG~0.00%
Published-13 Dec, 2007 | 21:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as demonstrated via a long Action parameter to OpenView5.exe.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-7878
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-28.81% / 96.38%
||
7 Day CHG~0.00%
Published-14 Nov, 2014 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.

Action-Not Available
Vendor-n/aHP Inc.
Product-helion_cloud_development_platformn/a
CVE-2007-5610
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-14.69% / 94.22%
||
7 Day CHG~0.00%
Published-04 Jun, 2008 | 20:00
Updated-07 Aug, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument.

Action-Not Available
Vendor-n/aHP Inc.
Product-instant_supportn/a
CVE-2007-6194
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.57% / 84.96%
||
7 Day CHG~0.00%
Published-06 Dec, 2007 | 02:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 and 4.1x before 4.13.003 allows remote attackers to obtain unspecified access via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-select_identityn/a
CVE-2007-5606
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-37.01% / 97.03%
||
7 Day CHG~0.00%
Published-04 Jun, 2008 | 20:00
Updated-07 Aug, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607.

Action-Not Available
Vendor-n/aHP Inc.
Product-instant_supportn/a
CVE-2014-7891
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-30.08% / 96.50%
||
7 Day CHG~0.00%
Published-09 Mar, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSPOSKeyboard.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2509.

Action-Not Available
Vendor-n/aHP Inc.
Product-pos_keyboard_fk221aapos_keyboard_with_msr_fk218aaole_point_of_sale_drivern/a
CVE-2007-5391
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.10% / 88.15%
||
7 Day CHG~0.00%
Published-12 Oct, 2007 | 10:00
Updated-07 Aug, 2024 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 allows remote attackers to obtain unspecified access via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-select_identityn/a
CWE ID-CWE-287
Improper Authentication
CVE-2014-7893
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-30.08% / 96.50%
||
7 Day CHG~0.00%
Published-09 Mar, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCheckScanner.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2507.

Action-Not Available
Vendor-n/aHP Inc.
Product-ole_point_of_sale_driverpusb_thermal_receipt_printer_fk224aahybrid_pos_printer_with_micr_us_fk184aavalue_serial\/usb_receipt_printer_f7m66aaserialusb_thermal_receipt_printer_bm476aapusb_thermal_receipt_printer_f7m67aan/a
CVE-2014-7892
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-28.81% / 96.38%
||
7 Day CHG~0.00%
Published-09 Mar, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMSR.ocx for Mini MSR magnetic stripe readers, Retail Integrated Dual-Head MSR magnetic stripe readers, Integrated Single Head MSR w/o SRED magnetic stripe readers, Integrated Single Head w/o MSR SRED magnetic stripe readers, RP7 Single Head MSR w/o SRED magnetic stripe readers, POS keyboards, and POS keyboards with MSR, aka ZDI-CAN-2508.

Action-Not Available
Vendor-n/aHP Inc.
Product-integrated_single_head_msr_w\/o_sred_j1a33aaole_point_of_sale_driverintegrated_single_head_w\/o_msr_sred_j1a34aaretail_integrated_dual-head_msr_qz673aamini_msr_fk186aarp7_single_head_msr_w\/o_sred_k1k15aapos_keyboard_fk221aapos_keyboard_with_msr_fk218aan/a
CVE-2014-7876
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-25.21% / 95.98%
||
7 Day CHG~0.00%
Published-31 Mar, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-integrated_lights-out_chassis_management_firmwareintegrated_lights-out_4_firmwareintegrated_lights-out_2_firmwaren/a
CVE-2007-4916
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-71.29% / 98.65%
||
7 Day CHG~0.00%
Published-17 Sep, 2007 | 17:00
Updated-07 Aug, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo & Imaging Gallery 1.1 and probably other products, allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long first argument.

Action-Not Available
Vendor-n/aHP Inc.
Product-photo_and_imaging_galleryall-in-on_printern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4241
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-14.61% / 94.21%
||
7 Day CHG~0.00%
Published-08 Aug, 2007 | 22:00
Updated-07 Aug, 2024 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for Cisco Local Director on HP-UX 11.11i allows remote attackers to execute arbitrary code via a long string to TCP port 17781.

Action-Not Available
Vendor-n/aHP Inc.Cisco Systems, Inc.
Product-local_directorhp-uxn/a
CVE-2007-3794
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.51% / 65.24%
||
7 Day CHG~0.00%
Published-15 Jul, 2007 | 23:00
Updated-07 Aug, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.

Action-Not Available
Vendor-n/aHP Inc.Microsoft CorporationLinux Kernel Organization, IncIBM CorporationSun Microsystems (Oracle Corporation)Hitachi, Ltd.
Product-cosminexus_application_serversolarishp-uxucosminexus_operatoraixcosminexus_servercosminexus_clientcosminexus_developerucosminexus_service_architectucosminexus_developerlinux_kernelucosminexus_service_platformucosminexus_application_serverwindowscosminexus_studioucosminexus_clientn/a
CVE-2007-2719
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.72% / 90.08%
||
7 Day CHG~0.00%
Published-16 May, 2007 | 19:00
Updated-07 Aug, 2024 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.

Action-Not Available
Vendor-n/aHP Inc.
Product-systems_insight_managern/a
CWE ID-CWE-287
Improper Authentication
CVE-2007-2281
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-7.12% / 91.17%
||
7 Day CHG~0.00%
Published-18 Dec, 2009 | 19:00
Updated-17 Sep, 2024 | 03:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-189
Not Available
CVE-2020-7170
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-2.83% / 85.66%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:43
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A select expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centerHPE Intelligent Management Center (iMC)
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2007-2791
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-6.67% / 90.85%
||
7 Day CHG~0.00%
Published-22 May, 2007 | 00:00
Updated-07 Aug, 2024 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64n/a
CVE-2007-2736
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.55% / 80.67%
||
7 Day CHG~0.00%
Published-17 May, 2007 | 19:00
Updated-07 Aug, 2024 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.

Action-Not Available
Vendor-achievosanta_cruz_operationwindrivern/aMicrosoft CorporationHP Inc.Apple Inc.Sun Microsystems (Oracle Corporation)IBM CorporationLinux Kernel Organization, Inc
Product-solariswindows_95windows_xpachievohp-uxa_uxos2windows_2000windows_melinux_kernelbsdoswindows_2003_serversco_unixmac_os_xtru64windows_98windows_ntwindows_98sen/a
CVE-2014-7897
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-28.81% / 96.38%
||
7 Day CHG~0.00%
Published-09 Mar, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSScanner.ocx for Imaging Barcode scanners, Linear Barcode scanners, Presentation Barcode scanners, Retail Integrated Barcode scanners, Wireless Barcode scanners, and 2D Value Wireless scanners.

Action-Not Available
Vendor-n/aHP Inc.
Product-ole_point_of_sale_driver2d_value_wireless_scanner_k3l28aalinear_barcode_scanner_qy405aaimaging_barcode_scanner_bw868aapresentation_barcode_scanner_qy439aaretail_integrated_barcode_scanner_e1l07aawireless_barcode_scanner_e6p34aan/a
CVE-2007-1917
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-9.37% / 92.46%
||
7 Day CHG~0.00%
Published-10 Apr, 2007 | 23:00
Updated-07 Aug, 2024 | 13:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Action-Not Available
Vendor-n/aMicrosoft CorporationSAP SEApple Inc.Siemens AGSun Microsystems (Oracle Corporation)IBM CorporationLinux Kernel Organization, IncHP Inc.
Product-os_400windows_serversolarislinux_kernelracfhp-uxtru64reliant_unixmacosrfc_libraryaixn/a
CVE-2007-1093
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-12.59% / 93.70%
||
7 Day CHG~0.00%
Published-26 Feb, 2007 | 17:00
Updated-07 Aug, 2024 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior.

Action-Not Available
Vendor-n/aHP Inc.Sun Microsystems (Oracle Corporation)Hitachi, Ltd.Microsoft Corporation
Product-cm2-network_node_manager_250solarispa-riscjp1-cm2-network_node_manager_starter_250hp-uxjp1-cm2-network_node_managerjp1-cm2-network_node_manager_starterhi_ux_we2ipfilterjp1-cm2-network_node_manager_250cm2-network_node_managerall_windowsn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2007-0980
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.19% / 83.70%
||
7 Day CHG~0.00%
Published-16 Feb, 2007 | 01:00
Updated-07 Aug, 2024 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors.

Action-Not Available
Vendor-n/aSUSEHP Inc.Red Hat, Inc.
Product-suse_united_linuxenterprise_linuxserviceguard_for_linuxsuse_linuxn/a
CVE-2007-0915
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.15% / 86.37%
||
7 Day CHG~0.00%
Published-14 Feb, 2007 | 02:00
Updated-07 Aug, 2024 | 12:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2007-0446
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-63.75% / 98.35%
||
7 Day CHG~0.00%
Published-08 Feb, 2007 | 23:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long server_ip_name field to TCP port 54345, which triggers the overflow in mchan.dll.

Action-Not Available
Vendor-n/aHP Inc.
Product-mercury_performance_center_agentmercury_monitor_over_firewallmercury_loadrunner_agentn/a
CVE-2022-24292
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-8.53% / 92.03%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 19:46
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-officejet_pro_8210_j3p67a_firmwareofficejet_pro_8740_k7s42a_firmwarelaserjet_pro_m453-m454_w1y46a_firmwarelaserjet_pro_mfp_m478-m479_w1a80alaserjet_pro_m304-m305_w1a47alaserjet_pro_m453-m454_w1y45a_firmwarelaserjet_pro_m304-m305_w1a48a_firmwareofficejet_pro_8740_t0g65aofficejet_pro_8210_j3p65aofficejet_pro_8210_d9l63a_firmwarelaserjet_pro_m453-m454_w1y44aofficejet_pro_8740_k7s40aofficejet_pro_8740_j6x83a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a29a_firmwarepagewide_managed_p55250dw_j6u55alaserjet_pro_m304-m305_w1a46aofficejet_pro_8740_k7s43alaserjet_pro_m453-m454_w1y43a_firmwarepagewide_352dw_j6u57a_firmwarelaserjet_pro_m453-m454_w1y47a_firmwarepagewide_pro_477dn_d3q19alaserjet_pro_m304-m305_w1a46a_firmwarelaserjet_pro_m304-m305_w1a66a_firmwarelaserjet_pro_m404-m405_w1a57alaserjet_pro_m404-m405_w1a59alaserjet_pro_m453-m454_w1y41a_firmwarelaserjet_pro_mfp_m478-m479_w1a78a_firmwarelaserjet_pro_m404-m405_w1a56alaserjet_pro_m404-m405_w1a52alaserjet_pro_mfp_m478-m479_w1a82alaserjet_pro_mfp_m428-m429_w1a31apagewide_pro_452dw_d3q16a_firmwarelaserjet_pro_mfp_m478-m479_w1a77a_firmwarepagewide_pro_452dw_d3q16apagewide_pro_452dn_d3q15apagewide_managed_p57750dw_j9v82aofficejet_pro_8740_k7s41aofficejet_pro_8210_d9l63alaserjet_pro_m304-m305_w1a53a_firmwarepagewide_pro_552dw_d3q17a_firmwarelaserjet_pro_mfp_m478-m479_w1a79alaserjet_pro_mfp_m428-m429_w1a31a_firmwareofficejet_pro_8210_j3p68a_firmwareofficejet_pro_8216_t0g70a_firmwarelaserjet_pro_m304-m305_w1a51a_firmwarelaserjet_pro_m304-m305_w1a59a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38alaserjet_pro_m304-m305_w1a48alaserjet_pro_mfp_m428-m429_f_w1a32a_firmwareofficejet_pro_8216_t0g70alaserjet_pro_m453-m454_w1y47alaserjet_pro_m304-m305_w1a56a_firmwarepagewide_pro_577z_k9z76a_firmwarepagewide_managed_p55250dw_j6u55b_firmwareofficejet_pro_8730_k7s32a_firmwareofficejet_pro_8740_j6x83apagewide_pro_577dw_d3q21alaserjet_pro_mfp_m478-m479_w1a80a_firmwarelaserjet_pro_m304-m305_w1a52a_firmwarepagewide_pro_452dn_d3q15a_firmwareofficejet_pro_8210_d9l64alaserjet_pro_m453-m454_w1y46alaserjet_pro_mfp_m428-m429_f_w1a32alaserjet_pro_mfp_m478-m479_w1a81a_firmwarelaserjet_pro_m453-m454_w1y44a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34a_firmwareofficejet_pro_8740_k7s41a_firmwareofficejet_pro_8210_d9l64a_firmwarepagewide_377dw_j9v80a_firmwarelaserjet_pro_m304-m305_w1a57a_firmwareofficejet_pro_8740_d9l21alaserjet_pro_m304-m305_w1a58a_firmwarelaserjet_pro_mfp_m478-m479_w1a75apagewide_managed_p55250dw_j6u55bofficejet_pro_8740_k7s39alaserjet_pro_mfp_m428-m429_f_w1a30alaserjet_pro_m304-m305_w1a66alaserjet_pro_m453-m454_w1y40alaserjet_pro_mfp_m478-m479_w1a77apagewide_managed_p55250dw_j6u55a_firmwarepagewide_pro_477dw_d3q20aofficejet_pro_8210_j3p66alaserjet_pro_m404-m405_w1a60alaserjet_pro_mfp_m428-m429_f_w1a35alaserjet_pro_mfp_m478-m479_w1a76a_firmwarepagewide_pro_577z_k9z76apagewide_managed_p55250dw_j6u51bpagewide_377dw_j9v80alaserjet_pro_mfp_m478-m479_w1a78alaserjet_pro_m304-m305_w1a63a_firmwarelaserjet_pro_m304-m305_w1a60a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34aofficejet_pro_8740_t0g65a_firmwarepagewide_pro_477dw_d3q20a_firmwarelaserjet_pro_m453-m454_w1y40a_firmwareofficejet_pro_8740_k7s39a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a35a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a30a_firmwarepagewide_managed_p55250dw_j6u51b_firmwareofficejet_pro_8730_d9l20a_firmwarelaserjet_pro_mfp_m428-m429_w1a33a_firmwarelaserjet_pro_m404-m405_93m22alaserjet_pro_mfp_m478-m479_w1a76alaserjet_pro_mfp_m478-m479_w1a82a_firmwareofficejet_pro_8210_j3p68alaserjet_pro_mfp_m478-m479_w1a81alaserjet_pro_m404-m405_w1a51alaserjet_pro_mfp_m428-m429_w1a33aofficejet_pro_8210_j3p66a_firmwarelaserjet_pro_m404-m405_w1a53alaserjet_pro_m453-m454_w1y43alaserjet_pro_mfp_m478-m479_w1a79a_firmwarelaserjet_pro_m404-m405_w1a58alaserjet_pro_mfp_m428-m429_w1a28a_firmwareofficejet_pro_8210_j3p67alaserjet_pro_mfp_m428-m429_w1a28aofficejet_pro_8740_k7s42apagewide_pro_552dw_d3q17aofficejet_pro_8210_j3p65a_firmwareofficejet_pro_8740_k7s43a_firmwarelaserjet_pro_m453-m454_w1y41alaserjet_pro_m453-m454_w1y45alaserjet_pro_m304-m305_w1a47a_firmwareofficejet_pro_8730_d9l20aofficejet_pro_8740_d9l21a_firmwareofficejet_pro_8740_k7s40a_firmwareofficejet_pro_8730_k7s32apagewide_managed_p57750dw_j9v82a_firmwarelaserjet_pro_m404-m405_93m22a_firmwarelaserjet_pro_m404-m405_w1a63alaserjet_pro_mfp_m428-m429_f_w1a29alaserjet_pro_mfp_m478-m479_w1a75a_firmwarepagewide_352dw_j6u57apagewide_pro_477dn_d3q19a_firmwarepagewide_pro_577dw_d3q21a_firmwareHP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers
CVE-2017-8947
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-66.25% / 98.46%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE UCMDB version v10.10, v10.11, v10.20, v10.21, v10.22, v10.30, v10.31 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-ucmdb_configuration_managerUCMDB
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2007-2280
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-71.00% / 98.64%
||
7 Day CHG~0.00%
Published-18 Dec, 2009 | 19:00
Updated-16 Sep, 2024 | 21:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSG_PROTOCOL command with long arguments, a different vulnerability than CVE-2009-3844.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8956
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-13.73% / 94.02%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8976
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-moonshot_provisioning_manager_applianceMoonshot Provisioning Manager Appliance
CWE ID-CWE-20
Improper Input Validation
CVE-2007-1916
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-9.37% / 92.46%
||
7 Day CHG~0.00%
Published-10 Apr, 2007 | 23:00
Updated-07 Aug, 2024 | 13:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

Action-Not Available
Vendor-n/aMicrosoft CorporationSAP SEApple Inc.Siemens AGSun Microsystems (Oracle Corporation)IBM CorporationLinux Kernel Organization, IncHP Inc.
Product-os_400windows_serversolarislinux_kernelracfhp-uxtru64reliant_unixmacosrfc_libraryaixn/a
CVE-2017-8981
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-17.05% / 94.73%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8957
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 04:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8948
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-10.61% / 92.99%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Bypass Security Restriction vulnerability in HPE Network Node Manager i (NNMi) Software versions v10.0x, v10.1x, v10.2x was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-network_node_manager_iNetwork Node Manager i (NNMi) Software
CVE-2017-8975
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-moonshot_provisioning_manager_applianceMoonshot Provisioning Manager Appliance
CWE ID-CWE-20
Improper Input Validation
CVE-2018-7076
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-20.34% / 95.31%
||
7 Day CHG~0.00%
Published-17 Oct, 2018 | 13:00
Updated-16 Sep, 2024 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerHPE intelligence Management Center (iMC) PLAT
CWE ID-CWE-287
Improper Authentication
CVE-2017-8954
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5815
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-61.26% / 98.25%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2003-0085
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-86.07% / 99.35%
||
7 Day CHG~0.00%
Published-18 Mar, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.

Action-Not Available
Vendor-n/aSambaHP Inc.
Product-sambacifs-9000_servern/a
CVE-2017-5805
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-58.23% / 98.11%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 03:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5804
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-55.25% / 97.97%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-5638
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-94.27% / 99.93%
||
7 Day CHG~0.00%
Published-11 Mar, 2017 | 02:11
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

Action-Not Available
Vendor-NetApp, Inc.HP Inc.Lenovo Group LimitedAruba NetworksIBM CorporationThe Apache Software FoundationOracle Corporation
Product-strutsstorwize_v7000storage_v5030weblogic_serverstorwize_v3500_firmwareclearpass_policy_manageroncommand_balancestorage_v5030_firmwarestorwize_v7000_firmwarestorwize_v5000storwize_v3500storwize_v5000_firmwareserver_automationApache StrutsStruts
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2017-5790
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-42.75% / 97.38%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 03:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (IMC) PLAT
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2017-2741
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-86.53% / 99.37%
||
7 Day CHG~0.00%
Published-23 Jan, 2018 | 16:00
Updated-17 Sep, 2024 | 03:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmware before 1708D. This vulnerability could potentially be exploited to execute arbitrary code.

Action-Not Available
Vendor-HP Inc.
Product-j9v82cj9v80ad3q15ad3q20a_firmwared3q21dd9l64aj6u57b_firmwarej6u57bd9l64a_firmwarej9v82ad3q21d_firmwared3q16bj6u55a_firmwared3q15a_firmwared3q21cd3q17c_firmwarej6u55d_firmwared3q15dd9l63a_firmwared9l20a_firmwarej9v80a_firmwarej9v80b_firmwared3q17aj9v80bd3q20b_firmwarej6u55bd3q21ad3q21a_firmwarej9v82c_firmwared3q20dd3q20c_firmwared3q19dd3q20d_firmwared3q19aj6u55ad3q20aj3p68a_firmwared9l21a_firmwared3q16c_firmwared3q16dj6u55c_firmwarek9z76a_firmwared3q15bd3q17d_firmwarek9z76ad3q21c_firmwared3q17cd3q17a_firmwarej9v82d_firmwared3q17dd3q16aj9v82dd9l63ad3q16cd3q16d_firmwaret0g70a_firmwarej6u55cj6u55dk9z76d_firmwarek9z76dj6u55b_firmwared3q20bd9l20ad3q15b_firmwared3q15d_firmwared9l21aj9v82b_firmwared3q16b_firmwarej3p68ad3q20cd3q16a_firmwarej9v82bd3q19d_firmwaret0g70aj9v82a_firmwared3q19a_firmwareHP PageWide Printers; HP OfficeJet Pro Printers
CVE-2006-5558
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.35% / 86.81%
||
7 Day CHG~0.00%
Published-27 Oct, 2006 | 16:00
Updated-07 Aug, 2024 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2006-5151
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.53% / 88.73%
||
7 Day CHG~0.00%
Published-03 Oct, 2006 | 23:00
Updated-07 Aug, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2011-3161
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.96% / 97.55%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1229.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protector_for_personal_computersdata_protector_notebook_extensionn/a
CVE-2017-14350
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-1.13% / 77.47%
||
7 Day CHG~0.00%
Published-29 Sep, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code execution.

Action-Not Available
Vendor-Micro Focus International LimitedHP Inc.
Product-application_performance_managementHPE Application Performance Management (APM)
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2017-13983
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.8||CRITICAL
EPSS-14.92% / 94.28%
||
7 Day CHG~0.00%
Published-29 Sep, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication.

Action-Not Available
Vendor-n/aHP Inc.
Product-bsm_platform_application_performance_management_system_healthn/a
CWE ID-CWE-287
Improper Authentication
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 7
  • 8
  • Next
Details not found