Vulnerabilities > HP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-06-06 | CVE-2013-2325 | Remote Code Execution vulnerability in HP Data Protector Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1633. | 10.0 |
| 2013-06-06 | CVE-2013-2324 | Remote Code Execution vulnerability in HP Data Protector Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1629. | 10.0 |
| 2013-05-02 | CVE-2013-2321 | Cross-Site Scripting vulnerability in HP Service Manager web Tier 9.31 Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-05-02 | CVE-2012-5222 | Information Exposure vulnerability in HP Service Manager web Tier 9.31 HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to obtain sensitive information via unspecified vectors. | 5.0 |
| 2013-04-29 | CVE-2012-5221 | Information Disclosure vulnerability in Multiple HP LaserJet Printers Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors. | 5.0 |
| 2013-04-28 | CVE-2012-5219 | Cross-Site Scripting vulnerability in HP Managed Printing Administration 2.6.3/2.6.4 Cross-site scripting (XSS) vulnerability in HP Managed Printing Administration (MPA) before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-04-26 | CVE-2012-5220 | Local Privilege Escalation vulnerability in HP Data Protector Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows local users to gain privileges via unknown vectors. | 7.2 |
| 2013-04-24 | CVE-2012-5218 | Permissions, Privileges, and Access Controls vulnerability in HP Elitepad 900 HP ElitePad 900 PCs with BIOS F.0x before F.01 Update 1.0.0.8 do not enable the Secure Boot feature, which allows local users to bypass intended BIOS restrictions and boot unintended operating systems via unspecified vectors. | 7.2 |
| 2013-03-28 | CVE-2012-5216 | Cross-Site Request Forgery (CSRF) vulnerability in HP products Cross-site request forgery (CSRF) vulnerability on HP ProCurve 1700-8 (aka J9079A) switches with software before VA.02.09 and 1700-24 (aka J9080A) switches with software before VB.02.09 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2013-03-11 | CVE-2012-1999 | Unspecified vulnerability in HP Systems Insight Manager Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors. | 8.5 |