VYPR

Vendor CVEs

Microfocus

All CVEs

2,281 total · sorted by risk
  • CVE-2014-7888Mar 9, 2015
    risk 0.01cvss epss 0.10

    The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMICR.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value…

  • CVE-2014-7878Nov 14, 2014
    risk 0.01cvss epss 0.10

    The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by…

  • CVE-2014-2649Oct 10, 2014
    risk 0.01cvss epss 0.06

    Unspecified vulnerability in HP Operations Manager 9.20 on UNIX allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2014-2648Oct 10, 2014
    risk 0.01cvss epss 0.09

    Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on UNIX allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2014-2638Oct 10, 2014
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2344.

  • CVE-2014-2637Oct 10, 2014
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2342.

  • CVE-2014-2636Oct 10, 2014
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2336.

  • CVE-2014-2635Oct 10, 2014
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2343.

  • CVE-2014-2634Aug 23, 2014
    risk 0.01cvss epss 0.06

    Unspecified vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to bypass intended access restrictions, and modify data or cause a denial of service, via unknown vectors.

  • CVE-2014-2632Aug 23, 2014
    risk 0.01cvss epss 0.13

    Unspecified vulnerability in the WebTier component in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2014-2625Jul 26, 2014
    risk 0.01cvss epss 0.10

    Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to read arbitrary files via crafted input, aka ZDI-CAN-2023.

  • CVE-2014-2617Jul 7, 2014
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104.

  • CVE-2014-2616Jul 7, 2014
    risk 0.01cvss epss 0.08

    Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091.

  • CVE-2014-2615Jul 7, 2014
    risk 0.01cvss epss 0.08

    Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083.

  • CVE-2014-2611Jun 19, 2014
    risk 0.01cvss epss 0.12

    Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120.

  • CVE-2014-2609Jun 19, 2014
    risk 0.01cvss epss 0.13

    The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.

  • CVE-2013-6218Apr 19, 2014
    risk 0.01cvss epss 0.09

    Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2013-6213Apr 19, 2014
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833.

  • CVE-2013-6210Mar 16, 2014
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in HP Unified Functional Testing before 12.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1932.

  • CVE-2013-4841Feb 26, 2014
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in HP StoreVirtual 4000 and StoreVirtual VSA Software (formerly LeftHand Virtual SAN Appliance) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1509.

  • CVE-2014-0418Jan 15, 2014
    risk 0.01cvss epss 0.06

    Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and…

  • CVE-2013-5906Jan 15, 2014
    risk 0.01cvss epss 0.06

    Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905.

  • CVE-2013-6195Jan 4, 2014
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-2008.

  • CVE-2013-2350Jan 4, 2014
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.

  • CVE-2013-2349Jan 4, 2014
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1896.

  • CVE-2013-2348Jan 4, 2014
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1892.

  • CVE-2013-2346Jan 4, 2014
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1870.

  • CVE-2013-2345Jan 4, 2014
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1869.

  • CVE-2013-2344Jan 4, 2014
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1866.

  • CVE-2013-6189Dec 29, 2013
    risk 0.01cvss epss 0.17

    Unspecified vulnerability in the Archive Query Server in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, and 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1666.

  • CVE-2013-4838Nov 4, 2013
    risk 0.01cvss epss 0.11

    Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.

  • CVE-2013-4813Sep 16, 2013
    risk 0.01cvss epss 0.09

    The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.

  • CVE-2013-4801Jul 29, 2013
    risk 0.01cvss epss 0.08

    Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1736.

  • CVE-2013-4799Jul 29, 2013
    risk 0.01cvss epss 0.08

    Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1734.

  • CVE-2013-4797Jul 29, 2013
    risk 0.01cvss epss 0.06

    Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690.

  • CVE-2013-2368Jul 29, 2013
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to cause a denial of service via unknown vectors, aka ZDI-CAN-1669.

  • CVE-2013-2340Jul 6, 2013
    risk 0.01cvss epss 0.11

    Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive…

  • CVE-2013-2338Jun 14, 2013
    risk 0.01cvss epss 0.11

    Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2012-5209Mar 9, 2013
    risk 0.01cvss epss 0.09

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1659.

  • CVE-2012-3285Feb 6, 2013
    risk 0.01cvss epss 0.09

    Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1513.

  • CVE-2012-3284Feb 6, 2013
    risk 0.01cvss epss 0.09

    Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512.

  • CVE-2012-3283Feb 6, 2013
    risk 0.01cvss epss 0.10

    Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1511.

  • CVE-2012-3278Jan 25, 2013
    risk 0.01cvss epss 0.11

    Stack-based buffer overflow in magentservice.exe in HP Diagnostics Server 8.x through 8.07 and 9.x through 9.21 allows remote attackers to execute arbitrary code via a malformed message packet.

  • CVE-2012-3275Dec 6, 2012
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and 9.20 allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2012-3263Sep 25, 2012
    risk 0.01cvss epss 0.09

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1465.

  • CVE-2012-3262Sep 25, 2012
    risk 0.01cvss epss 0.09

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464.

  • CVE-2012-3258Sep 19, 2012
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2012-3254Aug 30, 2012
    risk 0.01cvss epss 0.10

    Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by a stack-based buffer overflow in iNodeMngChecker.exe for a crafted 0x0A0BF007 packet.

  • CVE-2012-3253Aug 30, 2012
    risk 0.01cvss epss 0.10

    Multiple unspecified vulnerabilities in HP Intelligent Management Center (IMC) before 5.0 E0101P05 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by an integer overflow and heap-based buffer overflow in img.exe for a crafted message packet.

  • CVE-2012-2561May 21, 2012
    risk 0.01cvss epss 0.09

    HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server component via a crafted request to TCP port 1098, 1099, or 4444.

Page 24 of 46