VYPR

Vendor CVEs

Microfocus

All CVEs

2,283 total · sorted by risk
  • CVE-2012-3253Aug 30, 2012
    risk 0.01cvss epss 0.10

    Multiple unspecified vulnerabilities in HP Intelligent Management Center (IMC) before 5.0 E0101P05 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by an integer overflow and heap-based buffer overflow in img.exe for a crafted message packet.

  • CVE-2012-2561May 21, 2012
    risk 0.01cvss epss 0.09

    HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server component via a crafted request to TCP port 1098, 1099, or 4444.

  • CVE-2012-2000May 2, 2012
    risk 0.01cvss epss 0.08

    Multiple unspecified vulnerabilities in HP System Health Application and Command Line Utilities before 9.0.0 allow remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2012-0131Apr 5, 2012
    risk 0.01cvss epss 0.07

    Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2012-0129Apr 5, 2012
    risk 0.01cvss epss 0.09

    HP Onboard Administrator (OA) before 3.50 allows remote attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors.

  • CVE-2012-0123Mar 14, 2012
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1498.

  • CVE-2012-0122Mar 14, 2012
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1393.

  • CVE-2012-0121Mar 14, 2012
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1392.

  • CVE-2011-4791Feb 3, 2012
    risk 0.01cvss epss 0.09

    DBServer.exe in HP Data Protector Media Operations 6.11 and earlier allows remote attackers to execute arbitrary code via a crafted request containing a large value in a length field.

  • CVE-2011-4790Feb 2, 2012
    risk 0.01cvss epss 0.09

    Unspecified vulnerability in HP Network Automation 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2012-0697Jan 13, 2012
    risk 0.01cvss epss 0.08

    HP StorageWorks P2000 G3 MSA array systems have a default account, which makes it easier for remote attackers to perform administrative tasks via unspecified vectors, a different vulnerability than CVE-2011-4788.

  • CVE-2011-4165Dec 29, 2011
    risk 0.01cvss epss 0.09

    Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1263.

  • CVE-2011-4164Dec 29, 2011
    risk 0.01cvss epss 0.09

    Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1214.

  • CVE-2011-4163Dec 29, 2011
    risk 0.01cvss epss 0.09

    Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1213.

  • CVE-2011-4167Dec 27, 2011
    risk 0.01cvss epss 0.07

    Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing Administration before 2.6.4 allows remote attackers to execute arbitrary code via a long filename parameter in an uploadfile action to Default.asp.

  • CVE-2011-4161Dec 1, 2011
    risk 0.01cvss epss 0.14

    The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP,…

  • CVE-2011-4157Nov 16, 2011
    risk 0.01cvss epss 0.13

    Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request.

  • CVE-2011-3166Nov 2, 2011
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1209.

  • CVE-2011-3165Nov 2, 2011
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1208.

  • CVE-2011-3162Oct 19, 2011
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1296.

  • CVE-2011-3161Oct 19, 2011
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1229.

  • CVE-2011-3160Oct 19, 2011
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1228.

  • CVE-2011-3159Oct 19, 2011
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1227.

  • CVE-2011-3158Oct 19, 2011
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1226.

  • CVE-2011-3157Oct 19, 2011
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1225.

  • CVE-2011-3156Oct 19, 2011
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1222.

  • CVE-2011-2412Sep 21, 2011
    risk 0.01cvss epss 0.08

    Unspecified vulnerability in HP Business Service Automation (BSA) Essentials 2.01 allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2011-2697Jul 29, 2011
    risk 0.01cvss epss 0.11

    foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file.

  • CVE-2011-1864Jun 14, 2011
    risk 0.01cvss epss 0.09

    Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2011-2331Jun 2, 2011
    risk 0.01cvss epss 0.13

    Integer overflow in img.exe in HP Intelligent Management Center (IMC) allows remote attackers to execute arbitrary code via a crafted length value in an a packet that triggers a heap-based buffer overflow, possibly related to an "recv" field.

  • CVE-2011-1854May 13, 2011
    risk 0.01cvss epss 0.11

    Use-after-free vulnerability in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long syslog packet, related to an exception handler.

  • CVE-2011-1853May 13, 2011
    risk 0.01cvss epss 0.11

    tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a (1) large or (2) invalid opcode field, related to a function pointer table.

  • CVE-2011-1852May 13, 2011
    risk 0.01cvss epss 0.15

    Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allow remote attackers to execute arbitrary code via crafted packet content accompanying a (1) DATA or (2) ERROR opcode.

  • CVE-2011-1851May 13, 2011
    risk 0.01cvss epss 0.13

    Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field.

  • CVE-2011-1850May 13, 2011
    risk 0.01cvss epss 0.13

    Stack-based buffer overflow in the logging functionality in dbman.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via vectors related to a received action.

  • CVE-2011-1849May 13, 2011
    risk 0.01cvss epss 0.11

    tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request.

  • CVE-2011-1848May 13, 2011
    risk 0.01cvss epss 0.13

    Stack-based buffer overflow in img.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a crafted length field in a packet.

  • CVE-2011-1736May 7, 2011
    risk 0.01cvss epss 0.10

    Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message.

  • CVE-2011-1735May 7, 2011
    risk 0.01cvss epss 0.14

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message.

  • CVE-2011-1734May 7, 2011
    risk 0.01cvss epss 0.15

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message.

  • CVE-2011-1733May 7, 2011
    risk 0.01cvss epss 0.14

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message.

  • CVE-2011-1731May 7, 2011
    risk 0.01cvss epss 0.15

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message.

  • CVE-2011-1730May 7, 2011
    risk 0.01cvss epss 0.14

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message.

  • CVE-2011-1729May 7, 2011
    risk 0.01cvss epss 0.14

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message.

  • CVE-2011-1728May 7, 2011
    risk 0.01cvss epss 0.14

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message.

  • CVE-2011-1541Apr 29, 2011
    risk 0.01cvss epss 0.12

    Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.

  • CVE-2011-0889Mar 16, 2011
    risk 0.01cvss epss 0.13

    Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA or Radia Notify) 5.11, 7.2, 7.5, 7.8, and 7.9 allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2011-0921Feb 9, 2011
    risk 0.01cvss epss 0.11

    crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the…

  • CVE-2011-0273Jan 25, 2011
    risk 0.01cvss epss 0.13

    Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute arbitrary code via unspecified message types.

  • CVE-2010-4267Jan 20, 2011
    risk 0.01cvss epss 0.11

    Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code…

Page 25 of 46