Hp

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-2748 1Hp 1Isaac Mizrahi Smartwatch Nov 21, 2024 Mar 27, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a...Show more A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue.Show less
CVE-2018-5927 1Hp 1Support Assistant Nov 21, 2024 Mar 27, 2019 N/A· v4 7.3 HIGH· v3 4.1 MEDIUM· v2 HP Support Assistant before 8.7.50.3 allows an unauthorized person with local access to load arbitrary code.
CVE-2018-5926 1Hp 1Remote Graphics Software Nov 21, 2024 Mar 27, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 A potential vulnerability has been identified in HP Remote Graphics Software’s certificate authentication process version 7.5.0 and earlier.
CVE-2018-5923 1Hp 138Color Laserjet Cm4540 Mfp Firmware Color Laserjet Cp5525 FirmwareColor Laserjet Enterprise Flow Mfp M681f Firmware+135 more Nov 21, 2024 Mar 27, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code.
CVE-2019-3484 1Hp 1Arcsight Logger Nov 21, 2024 Mar 25, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3483 1Hp 1Arcsight Logger Nov 21, 2024 Mar 25, 2019 N/A· v4 6.5 MEDIUM· v3 6.8 MEDIUM· v2 Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3482 1Hp 1Arcsight Logger Nov 21, 2024 Mar 25, 2019 N/A· v4 6.5 MEDIUM· v3 6.8 MEDIUM· v2 Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3481 1Hp 1Arcsight Logger Nov 21, 2024 Mar 25, 2019 N/A· v4 7.1 HIGH· v3 7.5 HIGH· v2 Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3480 1Hp 1Arcsight Logger Nov 21, 2024 Mar 25, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7.
CVE-2019-3479 1Hp 1Arcsight Logger Nov 21, 2024 Mar 25, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7.
CVE-2018-15532 1Hp 1Synaptics Touchpad Driver Nov 21, 2024 Mar 21, 2019 N/A· v4 3.8 LOW· v3 2.1 LOW· v2 SynTP.sys in Synaptics Touchpad drivers before 2018-06-06 allows local users to obtain sensitive information about freed kernel addresses.
CVE-2019-5736 13Apache CanonicalD2iq+10 more 19Backports Sle Container Development KitDc/os+16 more Nov 21, 2024 Feb 11, 2019 N/A· v4 8.6 HIGH· v3 9.3 HIGH· v2 runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as r...Show more runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.Show less
CVE-2019-7317 10Canonical DebianHp+7 more 32Active Iq Unified Manager Cloud BackupDebian Linux+29 more May 28, 2026 Feb 4, 2019 N/A· v4 5.3 MEDIUM· v3 2.6 LOW· v2 png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2018-5740 7Canonical DebianHp+4 more 11Bind Data Ontap EdgeDebian Linux+8 more Nov 21, 2024 Jan 16, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers....Show more "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.Show less
CVE-2019-2426 4Hp NetappOpensuse+1 more 7Jdk JreLeap+4 more Nov 21, 2024 Jan 16, 2019 N/A· v4 3.7 LOW· v3 4.3 MEDIUM· v2 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability...Show more Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).Show less
CVE-2019-2422 7Canonical DebianHp+4 more 18Debian Linux Enterprise LinuxEnterprise Linux Desktop+15 more Nov 21, 2024 Jan 16, 2019 N/A· v4 3.1 LOW· v3 2.6 LOW· v2 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability a...Show more Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).Show less
CVE-2018-18593 1Hp 1Ucmdb Configuration Manager Nov 21, 2024 Dec 31, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10....Show more Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged InformationShow less
CVE-2018-7116 1Hp 1Intelligent Management Center Nov 21, 2024 Dec 3, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote denial of service via dbman Opcode 10003 'Filename'. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent ve...Show more HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote denial of service via dbman Opcode 10003 'Filename'. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.Show less
CVE-2018-7115 1Hp 1Intelligent Management Center Nov 21, 2024 Dec 3, 2018 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent v...Show more HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.Show less
CVE-2018-7114 1Hp 1Intelligent Management Center Nov 21, 2024 Dec 3, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versi...Show more HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.Show less

Previous 1...293031...117 Next