VYPR

Vendor CVEs

Microfocus

All CVEs

2,277 total · sorted by risk
  • CVE-2012-3256Sep 8, 2012
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2012-3255Sep 8, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-3252Aug 20, 2012
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote attackers to cause a denial of service via unknown vectors.

  • CVE-2012-3251Aug 16, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 7.11, 9.21, and 9.30, and HP Service Center Web Tier 6.28, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-3250Aug 16, 2012
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and 9.30, and HP Service Center Server 6.28, allows remote attackers to cause a denial of service via unknown vectors.

  • CVE-2012-3249Aug 16, 2012
    risk 0.00cvss epss 0.01

    HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote authenticated users to obtain sensitive information via unspecified vectors.

  • CVE-2012-3248Aug 16, 2012
    risk 0.00cvss epss 0.02

    HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote attackers to obtain sensitive information via unspecified vectors.

  • CVE-2012-3247Aug 16, 2012
    risk 0.00cvss epss 0.00

    Unspecified vulnerability on the HP Integrity Server BL860c i2, BL870c i2, and BL890c i2 with firmware before 26.31 and the HP Integrity Server rx2800 i2 with firmware before 26.30 allows local users to cause a denial of service via unknown vectors.

  • CVE-2012-2960Aug 8, 2012
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in the import functionality in HP ArcSight Connector appliance 6.2.0.6244.0 and ArcSight Logger appliance 5.2.0.6288.0 allows remote attackers to inject arbitrary web script or HTML via a crafted file.

  • CVE-2012-2022Aug 7, 2012
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-2021Jul 16, 2012
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-2018Jul 5, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-2017Jun 30, 2012
    risk 0.00cvss epss 0.02

    Unspecified vulnerability on HP Photosmart Wireless e-All-in-One B110, e-All-in-One D110, Plus e-All-in-One B210, eStation All-in-One C510, Ink Advantage e-All-in-One K510, and Premium Fax e-All-in-One C410 printers allows remote attackers to cause a denial of service via…

  • CVE-2012-2016Jun 29, 2012
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors.

  • CVE-2012-2015Jun 29, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors.

  • CVE-2012-2014Jun 29, 2012
    risk 0.00cvss epss 0.03

    HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors.

  • CVE-2012-2013Jun 29, 2012
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors.

  • CVE-2012-2012Jun 29, 2012
    risk 0.00cvss epss 0.05

    HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

  • CVE-2012-2011Jun 13, 2012
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin 8.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2011-2722May 25, 2012
    risk 0.00cvss epss 0.00

    The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.

  • CVE-2012-2010May 18, 2012
    risk 0.00cvss epss 0.00

    The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha platform, and 8.3, 8.3-1H1, and 8.4 on the Itanium platform, when the SYS$ACM system service is enabled, allows local users to gain privileges via unspecified vectors.

  • CVE-2012-2009May 9, 2012
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to gain privileges via unknown vectors.

  • CVE-2012-2008May 9, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-2007May 9, 2012
    risk 0.00cvss epss 0.03

    SQL injection vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2012-2006May 2, 2012
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to modify data or cause a denial of service via unknown vectors.

  • CVE-2012-2005May 2, 2012
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-2004May 2, 2012
    risk 0.00cvss epss 0.04

    Open redirect vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

  • CVE-2012-2003May 2, 2012
    risk 0.00cvss epss 0.02

    Cross-site request forgery (CSRF) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2012-2002May 2, 2012
    risk 0.00cvss epss 0.04

    Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

  • CVE-2012-2001May 2, 2012
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-0134Apr 19, 2012
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64 platform allows local users to cause a denial of service via unknown vectors.

  • CVE-2012-1993Apr 18, 2012
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors.

  • CVE-2012-0135Apr 18, 2012
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors.

  • CVE-2012-0133Apr 12, 2012
    risk 0.00cvss epss 0.01

    HP ProCurve 5400 zl switches with certain serial numbers include a compact flash card that contains an unspecified virus, which might allow user-assisted remote attackers to execute arbitrary code on a PC by leveraging manual transfer of this card.

  • CVE-2011-3846Apr 12, 2012
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.

  • CVE-2012-0130Apr 5, 2012
    risk 0.00cvss epss 0.04

    HP Onboard Administrator (OA) before 3.50 allows remote attackers to obtain sensitive information via unspecified vectors.

  • CVE-2012-0128Apr 5, 2012
    risk 0.00cvss epss 0.03

    HP Onboard Administrator (OA) before 3.50 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

  • CVE-2012-0132Apr 5, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 9.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-0126Mar 28, 2012
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attackers to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0125.

  • CVE-2012-0125Mar 28, 2012
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.31 allows local users to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0126.

  • CVE-2011-4788Jan 13, 2012
    risk 0.00cvss epss 0.05

    Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI.

  • CVE-2011-4787Jan 12, 2012
    risk 0.00cvss epss 0.04

    A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and…

  • CVE-2011-4785Jan 10, 2012
    risk 0.00cvss epss 0.04

    Directory traversal vulnerability in the HP-ChaiSOE/1.0 web server on the HP LaserJet P3015 printer with firmware before 07.080.3, LaserJet 4650 printer with firmware 07.006.0, and LaserJet 2430 printer with firmware 08.113.0_I35128 allows remote attackers to read arbitrary…

  • CVE-2011-4169Dec 27, 2011
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.

  • CVE-2011-4168Dec 27, 2011
    risk 0.00cvss epss 0.05

    Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.

  • CVE-2011-4002Nov 30, 2011
    risk 0.00cvss epss 0.02

    HP no Mawashimono Nikki 6.6 and earlier allows remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability."

  • CVE-2011-4160Nov 24, 2011
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors.

  • CVE-2011-4159Nov 19, 2011
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in System Administration Manager (SAM) in EMS before A.04.20.11.04_01 on HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.

  • CVE-2011-4156Nov 16, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4155.

  • CVE-2011-4155Nov 16, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4156.

Page 34 of 46