HP Security Vulnerabilities
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than...
8.1CVSS
8.4AI Score
0.003EPSS
HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than...
8.1CVSS
7.4AI Score
0.001EPSS
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and...
8.1CVSS
7.3AI Score
0.001EPSS
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than...
9.1CVSS
7.8AI Score
0.003EPSS
HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than...
8.1CVSS
7.4AI Score
0.001EPSS
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than...
7.5CVSS
7.3AI Score
0.002EPSS
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than...
7.5CVSS
7.3AI Score
0.002EPSS
HPE Insight Control before 7.5.1 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified...
9.8CVSS
9.1AI Score
0.004EPSS
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and...
8.1CVSS
7.3AI Score
0.001EPSS
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2022, and...
8.1CVSS
7.3AI Score
0.001EPSS
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2021, CVE-2016-2022, and...
8.1CVSS
7.3AI Score
0.001EPSS
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and...
8.1CVSS
7.3AI Score
0.001EPSS
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified...
9.1CVSS
8.8AI Score
0.002EPSS
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and...
8.1CVSS
7.3AI Score
0.001EPSS
HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility...
7.5CVSS
7.3AI Score
0.002EPSS
HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified...
5.5CVSS
5AI Score
0.0004EPSS
The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections...
9.8CVSS
9.6AI Score
0.004EPSS
Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and default:user:...
5.5CVSS
5.4AI Score
0.0004EPSS
HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified...
7.1CVSS
6.7AI Score
0.0004EPSS
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal"...
8.8CVSS
8.7AI Score
0.002EPSS
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified...
8.1CVSS
7.5AI Score
0.003EPSS
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to obtain sensitive information via unspecified...
6.5CVSS
5.9AI Score
0.001EPSS
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to bypass authentication via unspecified...
6.5CVSS
6.6AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...
5.4CVSS
5.1AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...
5.4CVSS
5.1AI Score
0.001EPSS
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC)...
8.8CVSS
8.6AI Score
0.002EPSS
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified...
9.8CVSS
9.7AI Score
0.016EPSS
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka...
9.8CVSS
9.8AI Score
0.522EPSS
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka...
9.8CVSS
9.8AI Score
0.522EPSS
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka...
9.8CVSS
9.8AI Score
0.522EPSS
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for...
9.8CVSS
9.6AI Score
0.522EPSS
HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC)...
9.8CVSS
9.7AI Score
0.003EPSS
The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka...
9.8CVSS
9.8AI Score
0.933EPSS
HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified...
7.4CVSS
7.1AI Score
0.001EPSS
HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC)...
9.8CVSS
9.6AI Score
0.003EPSS
HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections...
9.8CVSS
9.7AI Score
0.003EPSS
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections...
9.8CVSS
9.6AI Score
0.003EPSS
HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified...
9.8CVSS
9.5AI Score
0.01EPSS
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified...
7.7CVSS
7.5AI Score
0.001EPSS
HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified...
9.8CVSS
9.7AI Score
0.02EPSS
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified...
6.5CVSS
6.4AI Score
0.001EPSS
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified...
8.1CVSS
7.7AI Score
0.001EPSS
HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified...
6.5CVSS
5.9AI Score
0.001EPSS
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than...
9.8CVSS
9.7AI Score
0.015EPSS
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than...
9.8CVSS
9.7AI Score
0.015EPSS
HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified...
5.9CVSS
5.5AI Score
0.002EPSS
Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative...
7.9CVSS
7.3AI Score
0.0004EPSS
HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remote attackers to cause a denial of service via unspecified UDP...
5.9CVSS
5.8AI Score
0.005EPSS
HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections...
9.8CVSS
9.6AI Score
0.002EPSS
HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections...
10CVSS
9.6AI Score
0.007EPSS