Hp

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-0777 5Apple HpOpenbsd+2 more 6Linux Mac Os XOpenssh+3 more May 29, 2026 Jan 14, 2016 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buff...Show more The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.Show less
CVE-2015-6862 1Hp 1Ucmdb Browser May 6, 2026 Jan 8, 2016 N/A· v4 8.4 HIGH· v3 7.2 HIGH· v2 HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors.
CVE-2015-6860 1Hp 54J8692a J8693aJ8697a+51 more May 6, 2026 Jan 5, 2016 N/A· v4 8.4 HIGH· v3 7.2 HIGH· v2 HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6859.
CVE-2015-6859 1Hp 1Network Switch Software May 6, 2026 Jan 5, 2016 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6860.
CVE-2015-6858 1Hp 1Insight Management May 6, 2026 Jan 5, 2016 N/A· v4 3.7 LOW· v3 4.3 MEDIUM· v2 HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2015-5447 1Hp 1Storeonce Backup System Software May 6, 2026 Jan 5, 2016 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-5446 1Hp 1Storeonce Backup System Software May 6, 2026 Jan 5, 2016 N/A· v4 7.5 HIGH· v3 5.8 MEDIUM· v2 HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2015-5445 1Hp 1Storeonce Backup System Software May 6, 2026 Jan 5, 2016 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
CVE-2015-5434 1Hp 87Jc072b Hp 12500 Main Processing Unit Jc085a Hp A12518 Switch ChassisJc086a Hp A12508 Switch Chassis+84 more May 6, 2026 Jan 5, 2016 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hoppin...Show more HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping."Show less
CVE-2015-8651 5Adobe HpOpensuse+2 more 17Air Air SdkAir Sdk & Compiler+14 more Apr 22, 2026 Dec 28, 2015 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe A...Show more Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.Show less
CVE-2015-8317 5Canonical DebianHp+2 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+6 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, wh...Show more The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.Show less
CVE-2015-8242 5Apple CanonicalHp+2 more 12Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+9 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.8 MEDIUM· v2 The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash)...Show more The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.Show less
CVE-2015-8241 5Canonical DebianHp+2 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+6 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 6.4 MEDIUM· v2 The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive i...Show more The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.Show less
CVE-2015-7500 6Apple CanonicalDebian+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+10 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and...Show more The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.Show less
CVE-2015-7499 7Apple CanonicalDebian+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+12 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVE-2015-7498 5Canonical DebianHp+2 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+6 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an...Show more Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.Show less
CVE-2015-7497 5Canonical DebianHp+2 more 9Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+6 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
CVE-2015-5312 6Apple CanonicalDebian+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+10 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 7.1 HIGH· v2 The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted...Show more The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.Show less
CVE-2015-3196 7Canonical DebianFedoraproject+4 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Server+10 more May 6, 2026 Dec 6, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers...Show more ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.Show less
CVE-2015-6857 1Hp 2Loadrunner Performance Center May 6, 2026 Nov 26, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.

Previous 1...525354...117 Next