| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1606. |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1734. |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735. |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705. |
| The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690. |
| Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1736. |
| HP ProCurve 5400 zl switches with certain serial numbers include a compact flash card that contains an unspecified virus, which might allow user-assisted remote attackers to execute arbitrary code on a PC by leveraging manual transfer of this card. |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors. |
| Unspecified vulnerability in HP Performance Manager 9.00 allows remote attackers to execute arbitrary code via unknown vectors. |
| Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ZDI-CAN-1565. |
| HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors. |
| ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en. |
| The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt. |
| The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process. |
| Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1671. |
| Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4155. |
| Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678. |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
