VYPR

Vendor CVEs

Microfocus

All CVEs

2,274 total · sorted by risk
  • CVE-2011-1532Apr 15, 2011
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the SNMP component on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to obtain sensitive information or modify data via vectors related to…

  • CVE-2011-1531Apr 15, 2011
    risk 0.00cvss epss 0.02

    The webscan component in the Embedded Web Server (EWS) on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to read documents on the scan surface via unspecified vectors.

  • CVE-2011-0898Apr 15, 2011
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.00 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2011-0897Apr 15, 2011
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00 allows local users to read arbitrary files via unknown vectors.

  • CVE-2011-0896Apr 15, 2011
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on HP-UX B.11.31 allows remote authenticated users to cause a denial of service via unknown vectors.

  • CVE-2011-0895Apr 6, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and 8.1x allows remote authenticated users to obtain sensitive information via unknown vectors.

  • CVE-2011-0894Apr 4, 2011
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in HP Operations 9.10 on UNIX platforms allows remote authenticated users to bypass intended access restrictions via unknown vectors.

  • CVE-2011-0893Apr 4, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX platforms allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2011-0891Apr 4, 2011
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors.

  • CVE-2011-0892Mar 29, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Diagnostics 7.5x and 8.0x before 8.05.54.225 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

  • CVE-2011-0890Mar 25, 2011
    risk 0.00cvss epss 0.03

    HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging…

  • CVE-2011-0280Mar 14, 2011
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3)…

  • CVE-2011-0279Mar 7, 2011
    risk 0.00cvss epss 0.01

    HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication.

  • CVE-2011-0278Mar 1, 2011
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 and 4 allows local users to bypass intended access restrictions via unknown vectors.

  • CVE-2011-0924Feb 9, 2011
    risk 0.00cvss epss 0.05

    The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omni_chk_ds.sh.

  • CVE-2011-0277Feb 9, 2011
    risk 0.00cvss epss 0.02

    Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.

  • CVE-2011-0275Jan 28, 2011
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to cause a denial of service via unknown vectors.

  • CVE-2011-0274Jan 24, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 and 8.x through 8.05, and Business Service Management (BSM) through 9.01, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2010-4114Dec 22, 2010
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2010-4112Dec 22, 2010
    risk 0.00cvss epss 0.02

    HP Insight Management Agents before 8.6 allows remote attackers to obtain sensitive information via an unspecified request that triggers disclosure of the full path.

  • CVE-2010-4110Dec 22, 2010
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform on Integrity servers allows local users to gain privileges or cause a denial of service via unknown vectors.

  • CVE-2010-4115Dec 17, 2010
    risk 0.00cvss epss 0.03

    HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, TS100R025, TS100P002, TS200R005, TS201R014, and TS201R015 installs an undocumented admin account with a default "!admin" password, which allows remote attackers to gain privileges.

  • CVE-2010-4109Dec 8, 2010
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file.

  • CVE-2010-4108Dec 8, 2010
    risk 0.00cvss epss 0.03

    HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors.

  • CVE-2010-4106Nov 2, 2010
    risk 0.00cvss epss 0.02

    Cross-site request forgery (CSRF) vulnerability in HP Insight Control for Linux before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2010-4105Nov 2, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to bypass intended access restrictions, and obtain sensitive information or modify data, via unknown vectors.

  • CVE-2010-4104Nov 2, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to read arbitrary files via unknown vectors.

  • CVE-2010-4103Nov 2, 2010
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in HP Insight Managed System Setup Wizard before 6.2 allows remote attackers to read arbitrary files via unknown vectors.

  • CVE-2010-4102Nov 2, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Insight Recovery before 6.2 allows remote attackers to read arbitrary files via unknown vectors.

  • CVE-2010-4101Nov 2, 2010
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Insight Recovery before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2010-4100Nov 2, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Insight Control Performance Management before 6.1 update 2 allows remote attackers to read arbitrary files via unknown vectors.

  • CVE-2010-4032Nov 2, 2010
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2010-4031Nov 2, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Insight Control Performance Management before 6.2 allows remote authenticated users to gain privileges via unknown vectors.

  • CVE-2010-4030Nov 2, 2010
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2010-4029Oct 28, 2010
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in HP Storage Essentials before 6.3.0, when LDAP authentication is enabled, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.

  • CVE-2010-4028Oct 28, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remote attackers to cause a denial of service, and possibly obtain sensitive information or modify data, via unknown vectors.

  • CVE-2010-4027Oct 28, 2010
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the camera application in HP Palm webOS 1.4.1 allows local users to overwrite arbitrary files via unknown vectors.

  • CVE-2010-4026Oct 28, 2010
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 allows local users to gain privileges by leveraging the ability to perform certain service calls.

  • CVE-2010-4024Oct 28, 2010
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in HP Insight Control Power Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2010-4023Oct 28, 2010
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in HP Insight Control Power Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2010-3994Oct 28, 2010
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2010-3993Oct 28, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to obtain sensitive information or modify data via unknown vectors.

  • CVE-2010-3992Oct 28, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote authenticated users to gain privileges via unknown vectors.

  • CVE-2010-3991Oct 28, 2010
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2010-3990Oct 28, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Virtual Server Environment before 6.2 allows remote attackers to read arbitrary files via unknown vectors.

  • CVE-2010-3989Oct 28, 2010
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2010-3988Oct 28, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to bypass intended access restrictions and cause a denial of service via unknown vectors.

  • CVE-2010-3987Oct 28, 2010
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2010-3985Oct 26, 2010
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2010-3986Oct 26, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Virtual Connect Enterprise Manager (VCEM) 6.0 and 6.1 allows remote attackers to read arbitrary files via unknown vectors.

Page 36 of 46