Filtered by vendor Hp
Subscriptions
Total
2447 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-4365 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-11-21 | 4.3 Medium |
| IBM WebSphere Application Server 8.5 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 178964. | ||||
| CVE-2020-4320 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Mq and 3 more | 2024-11-21 | 6.5 Medium |
| IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting. IBM X-Force ID: 177403. | ||||
| CVE-2020-4310 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Mq and 4 more | 2024-11-21 | 7.5 High |
| IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081. | ||||
| CVE-2020-4299 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2024-11-21 | 4.3 Medium |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 could expose sensitive information to a user through a specially crafted HTTP request. IBM X-Force ID: 176606. | ||||
| CVE-2020-4259 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2024-11-21 | 6.5 Medium |
| IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authenticated user could manipulate cookie information and remove or add modules from the cookie to access functionality not authorized to. IBM X-Force ID: 175638. | ||||
| CVE-2020-28419 | 1 Hp | 1503 Laserjet Managed Mfp E62665 3gy14a, Laserjet Managed Mfp E62665 3gy15a, Laserjet Managed Mfp E62665 3gy16a and 1500 more | 2024-11-21 | 8.8 High |
| During installation with certain driver software or application packages an arbitrary code execution could occur. | ||||
| CVE-2020-28416 | 1 Hp | 310 Officejet 250 Cz992a, Officejet 250 Cz992a Firmware, Officejet 250c L9d57a and 307 more | 2024-11-21 | 7.8 High |
| HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution. | ||||
| CVE-2020-24652 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.8 Critical |
| A addvsiinterfaceinfo expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-24651 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.8 Critical |
| A syslogtempletselectwin expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-24650 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.8 Critical |
| A legend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-24649 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.8 Critical |
| A remote bytemessageresource transformentity" input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-24648 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.8 Critical |
| A accessmgrservlet classname deserialization of untrusted data remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-24647 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.8 Critical |
| A remote accessmgrservlet classname input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-24646 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.8 Critical |
| A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-24630 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 8.8 High |
| A remote operatoronlinelist_content privilege escalation vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-24629 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 9.8 Critical |
| A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||||
| CVE-2020-15596 | 1 Hp | 28 Elite X2 1012 G1, Elite X2 1012 G1 Firmware, Elite X2 1012 G2 and 25 more | 2024-11-21 | 6.7 Medium |
| The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file. | ||||
| CVE-2020-12695 | 22 Asus, Broadcom, Canon and 19 more | 218 Rt-n11, Adsl, Selphy Cp1200 and 215 more | 2024-11-21 | 7.5 High |
| The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. | ||||
| CVE-2020-11853 | 2 Hp, Microfocus | 7 Universal Cmbd Foundation, Application Performance Management, Data Center Automation and 4 more | 2024-11-21 | 8.8 High |
| Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) Universal CMDB affecting version: 2020.05, 2019.11, 2019.05, 2019.02, 2018.11, 2018.08, 2018.05, 11, 10.33, 10.32, 10.31, 10.30 6.) Hybrid Cloud Management affecting version 2020.05 7.) Service Management Automation affecting version 2020.5 and 2020.02. The vulnerability could allow to execute arbitrary code. | ||||
| CVE-2020-10136 | 4 Cisco, Digi, Hp and 1 more | 63 Nexus 1000v, Nexus 1000ve, Nexus 3016 and 60 more | 2024-11-21 | 5.3 Medium |
| IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing. | ||||