← Back

Hp

hp

2,335 CVEs • 17,248 products

Products (17,248)

Click to collapse
Toggle
Intelligent Management Center
intelligent_management_center
310 CVEs
Hp Ux
hp-ux
288 CVEs
Openview Network Node Manager
openview_network_node_manager
80 CVEs
System Management Homepage
system_management_homepage
78 CVEs
Instantos
instantos
56 CVEs
Xp7 Command View
xp7_command_view
53 CVEs
Systems Insight Manager
systems_insight_manager
50 CVEs
Matrix Operating Environment
matrix_operating_environment
34 CVEs
Tru64
tru64
32 CVEs
Network Node Manager I
network_node_manager_i
29 CVEs
Loadrunner
loadrunner
28 CVEs
Elite X2 G4 Firmware
elite_x2_g4_firmware
28 CVEs
Elitebook 830 G6 Firmware
elitebook_830_g6_firmware
28 CVEs
Elitebook 836 G6 Firmware
elitebook_836_g6_firmware
28 CVEs
Elitebook 840 G6 Firmware
elitebook_840_g6_firmware
28 CVEs
Elitebook 850 G6 Firmware
elitebook_850_g6_firmware
28 CVEs
Elitebook X360 1030 G4 Firmware
elitebook_x360_1030_g4_firmware
28 CVEs
Elitebook X360 1040 G6 Firmware
elitebook_x360_1040_g6_firmware
28 CVEs
Elitebook X360 830 G6 Firmware
elitebook_x360_830_g6_firmware
28 CVEs
Probook 640 G5 Firmware
probook_640_g5_firmware
28 CVEs
Probook 650 G5 Firmware
probook_650_g5_firmware
28 CVEs
Zhan X 13 G2 Firmware
zhan_x_13_g2_firmware
28 CVEs
Elite Dragonfly Firmware
elite_dragonfly_firmware
27 CVEs
Elite X2 1013 G3 Firmware
elite_x2_1013_g3_firmware
27 CVEs
Elitebook 1050 G1 Firmware
elitebook_1050_g1_firmware
27 CVEs
Elitebook 830 G5 Firmware
elitebook_830_g5_firmware
27 CVEs
Elitebook 836 G5 Firmware
elitebook_836_g5_firmware
27 CVEs
Elitebook 840 G5 Firmware
elitebook_840_g5_firmware
27 CVEs
Elitebook 846 G5 Firmware
elitebook_846_g5_firmware
27 CVEs
Elitebook 850 G5 Firmware
elitebook_850_g5_firmware
27 CVEs
Elitebook X360 1030 G3 Firmware
elitebook_x360_1030_g3_firmware
27 CVEs
Elitebook X360 1040 G5 Firmware
elitebook_x360_1040_g5_firmware
27 CVEs
Elitebook X360 830 G5 Firmware
elitebook_x360_830_g5_firmware
27 CVEs
Probook 430 G6 Firmware
probook_430_g6_firmware
27 CVEs
Zbook 14u G5 Firmware
zbook_14u_g5_firmware
27 CVEs
Zbook 14u G6 Firmware
zbook_14u_g6_firmware
27 CVEs
Zbook 15 G5 Firmware
zbook_15_g5_firmware
27 CVEs
Zbook 15 G6 Firmware
zbook_15_g6_firmware
27 CVEs
Zbook 15u G5 Firmware
zbook_15u_g5_firmware
27 CVEs
Zbook 15u G6 Firmware
zbook_15u_g6_firmware
27 CVEs
Zbook 17 G5 Firmware
zbook_17_g5_firmware
27 CVEs
Zbook 17 G6 Firmware
zbook_17_g6_firmware
27 CVEs
Zbook Studio G5 Firmware
zbook_studio_g5_firmware
27 CVEs
Zbook Studio X360 G5 Firmware
zbook_studio_x360_g5_firmware
27 CVEs
Zhan 66 Pro 13 G2 Firmware
zhan_66_pro_13_g2_firmware
27 CVEs
Zhan 66 Pro 14 G2 Firmware
zhan_66_pro_14_g2_firmware
27 CVEs
Zhan 66 Pro 15 G2 Firmware
zhan_66_pro_15_g2_firmware
27 CVEs
Probook 440 G8 Firmware
probook_440_g8_firmware
27 CVEs
Service Manager
service_manager
26 CVEs
Mp9 G4 Retail System Firmware
mp9_g4_retail_system_firmware
26 CVEs
Elitebook 840r G4 Firmware
elitebook_840r_g4_firmware
26 CVEs
Probook 430 G5 Firmware
probook_430_g5_firmware
26 CVEs
Probook 470 G5 Firmware
probook_470_g5_firmware
26 CVEs
Probook 640 G4 Firmware
probook_640_g4_firmware
26 CVEs
Probook 650 G4 Firmware
probook_650_g4_firmware
26 CVEs
Probook X360 440 G1 Firmware
probook_x360_440_g1_firmware
26 CVEs
Zhan 66 Pro G1 Firmware
zhan_66_pro_g1_firmware
26 CVEs
Elite Dragonfly G2 Firmware
elite_dragonfly_g2_firmware
25 CVEs
Elite Dragonfly Max Firmware
elite_dragonfly_max_firmware
25 CVEs
Elitebook X360 1030 G8 Firmware
elitebook_x360_1030_g8_firmware
25 CVEs
Probook 450 G5 Firmware
probook_450_g5_firmware
25 CVEs
Probook 640 G8 Firmware
probook_640_g8_firmware
25 CVEs
Storage Data Protector
storage_data_protector
24 CVEs
Elitebook 830 G7 Firmware
elitebook_830_g7_firmware
24 CVEs
Elitebook 830 G8 Firmware
elitebook_830_g8_firmware
24 CVEs
Elitebook 840 Aero G8 Firmware
elitebook_840_aero_g8_firmware
24 CVEs
Elitebook 840 G7 Firmware
elitebook_840_g7_firmware
24 CVEs
Elitebook 840 G8 Firmware
elitebook_840_g8_firmware
24 CVEs
Elitebook 850 G7 Firmware
elitebook_850_g7_firmware
24 CVEs
Elitebook 850 G8 Firmware
elitebook_850_g8_firmware
24 CVEs
Elitebook X360 1030 G7 Firmware
elitebook_x360_1030_g7_firmware
24 CVEs
Elitebook X360 1040 G7 Firmware
elitebook_x360_1040_g7_firmware
24 CVEs
Elitebook X360 830 G7 Firmware
elitebook_x360_830_g7_firmware
24 CVEs
Probook 430 G7 Firmware
probook_430_g7_firmware
24 CVEs
Probook 440 G7 Firmware
probook_440_g7_firmware
24 CVEs
Probook 450 G7 Firmware
probook_450_g7_firmware
24 CVEs
Probook 640 G7 Firmware
probook_640_g7_firmware
24 CVEs
Probook 650 G7 Firmware
probook_650_g7_firmware
24 CVEs
Zbook Create G7 Firmware
zbook_create_g7_firmware
24 CVEs
Zbook Firefly 14 G7 Firmware
zbook_firefly_14_g7_firmware
24 CVEs
Zbook Firefly 15 G7 Firmware
zbook_firefly_15_g7_firmware
24 CVEs
Zbook Fury 15 G7 Firmware
zbook_fury_15_g7_firmware
24 CVEs
Zbook Fury 17 G7 Firmware
zbook_fury_17_g7_firmware
24 CVEs
Zbook Power G7 Firmware
zbook_power_g7_firmware
24 CVEs
Zbook Studio G7 Firmware
zbook_studio_g7_firmware
24 CVEs
Zhan 66 Pro 14 G3 Firmware
zhan_66_pro_14_g3_firmware
24 CVEs
Zhan 66 Pro 15 G3 Firmware
zhan_66_pro_15_g3_firmware
24 CVEs
Sitescope
sitescope
23 CVEs
Elite X2 1012 G2 Firmware
elite_x2_1012_g2_firmware
23 CVEs
Elitebook 1040 G4 Firmware
elitebook_1040_g4_firmware
23 CVEs
Probook 440 G6 Firmware
probook_440_g6_firmware
23 CVEs
Probook 450 G6 Firmware
probook_450_g6_firmware
23 CVEs
Openvms
openvms
22 CVEs
Oneview
oneview
22 CVEs
Elite Slice Firmware
elite_slice_firmware
22 CVEs
Elitebook 840 G6 Healthcare Edition Firmware
elitebook_840_g6_healthcare_edition_firmware
22 CVEs
Probook 440 G5 Firmware
probook_440_g5_firmware
22 CVEs
Openview Storage Data Protector
openview_storage_data_protector
21 CVEs
Elitebook 735 G5 Firmware
elitebook_735_g5_firmware
21 CVEs
Elitebook 735 G6 Firmware
elitebook_735_g6_firmware
21 CVEs

CVEs (2,335)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-4373
1Hp
1Operations Manager
May 6, 2026
Aug 1, 2016
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections...Show more
The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.Show less
CVE-2016-2775
4Fedoraproject
HpIsc+1 more
9Bind
Enterprise Linux DesktopEnterprise Linux Eus+6 more
May 6, 2026
Jul 19, 2016
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request...Show more
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.Show less
CVE-2016-5388
4Apache
HpOracle+1 more
11Enterprise Linux Desktop
Enterprise Linux Hpc NodeEnterprise Linux Hpc Node Eus+8 more
May 6, 2026
Jul 19, 2016
N/A· v4
8.1 HIGH· v3
5.1 MEDIUM· v2
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_...Show more
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.Show less
CVE-2016-5387
8Apache
CanonicalDebian+5 more
20Communications User Data Repository
Debian LinuxEnterprise Linux Desktop+17 more
May 6, 2026
Jul 19, 2016
N/A· v4
8.1 HIGH· v3
6.8 MEDIUM· v2
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remot...Show more
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.Show less
CVE-2016-5385
8Debian
DrupalFedoraproject+5 more
13Communications User Data Repository
Debian LinuxDrupal+10 more
May 6, 2026
Jul 19, 2016
N/A· v4
8.1 HIGH· v3
5.1 MEDIUM· v2
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, whi...Show more
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.Show less
CVE-2016-4372
1Hp
6Intelligent Management Center Application Performance Manager
Intelligent Management Center Branch Intelligent Management SystemIntelligent Management Center Endpoint Admission Defense+3 more
May 6, 2026
Jul 15, 2016
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM before 7.2 E0401P04, iMC NTA before 7.2 E0401P01, iMC BIMS before 7.2 E0402P02, and iMC UAM_TAM before 7.2 E0405P05 allow remote attackers to execute...Show more
HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM before 7.2 E0401P04, iMC NTA before 7.2 E0401P01, iMC BIMS before 7.2 E0402P02, and iMC UAM_TAM before 7.2 E0405P05 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.Show less
CVE-2016-3092
4Apache
CanonicalDebian+1 more
6Commons Fileupload
Debian LinuxIcewall Identity Manager+3 more
May 6, 2026
Jul 4, 2016
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers...Show more
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.Show less
CVE-2016-2177
3Hp
OpensslOracle
6Icewall Mcrp
Icewall SsoIcewall Sso Agent Option+3 more
May 6, 2026
Jun 20, 2016
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspec...Show more
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.Show less
CVE-2016-4371
1Hp
6Service Manager
Service Manager MobilityService Manager Server+3 more
May 6, 2026
Jun 19, 2016
N/A· v4
8.0 HIGH· v3
6.0 MEDIUM· v2
HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via u...Show more
HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.Show less
CVE-2016-4448
8Apple
HpMcafee+5 more
19Enterprise Linux Desktop
Enterprise Linux ServerEnterprise Linux Server Aus+16 more
May 6, 2026
Jun 9, 2016
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
CVE-2016-4447
7Apple
CanonicalDebian+4 more
11Debian Linux
Icewall Federation AgentIphone Os+8 more
May 6, 2026
Jun 9, 2016
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlPa...Show more
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.Show less
CVE-2016-4369
1Hp
1Discovery And Dependency Mapping Inventory
May 6, 2026
Jun 8, 2016
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object...Show more
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.Show less
CVE-2016-4368
1Hp
3Universal Cmbd Configuration Manager
Universal Cmbd FoundationUniversal Discovery
May 6, 2026
Jun 8, 2016
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Jav...Show more
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.Show less
CVE-2016-4367
1Hp
1Universal Cmbd Foundation
May 6, 2026
Jun 8, 2016
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2016-4366
1Hp
1Systems Insight Manager
May 6, 2026
Jun 8, 2016
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.
CVE-2016-4365
1Hp
1Insight Control Server Deployment
May 6, 2026
Jun 8, 2016
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
HPE Insight Control server deployment allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2016-4364
1Hp
1Insight Control Server Deployment
May 6, 2026
Jun 8, 2016
N/A· v4
8.4 HIGH· v3
7.2 HIGH· v2
HPE Insight Control server deployment allows local users to gain privileges via unspecified vectors.
CVE-2016-4363
1Hp
1Insight Control Server Deployment
May 6, 2026
Jun 8, 2016
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
HPE Insight Control server deployment allows remote attackers to modify data via unspecified vectors.
CVE-2016-4362
1Hp
1Insight Control Server Deployment
May 6, 2026
Jun 8, 2016
N/A· v4
8.1 HIGH· v3
5.5 MEDIUM· v2
HPE Insight Control server deployment allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-4361
1Hp
2Loadrunner
Performance Center
May 6, 2026
Jun 8, 2016
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patc...Show more
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors.Show less