Vulnerabilities > HP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-31 | CVE-2017-14356 | SQL Injection vulnerability in HP products An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. | 9.8 |
| 2017-10-11 | CVE-2017-5791 | Improper Authentication vulnerability in HP Intelligent Management Center Plat 7.2 The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI. | 9.8 |
| 2017-10-11 | CVE-2017-5789 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP Loadrunner and Performance Center HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |
| 2017-10-10 | CVE-2017-8994 | Improper Input Validation vulnerability in HP Operations Orchestration A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely. | 9.8 |
| 2017-10-05 | CVE-2017-14354 | Cross-site Scripting vulnerability in HP Ucmdb Foundation Software A remote cross-site scripting vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33 could be remotely exploited to allow cross-site scripting. | 6.1 |
| 2017-10-05 | CVE-2017-14353 | Code Injection vulnerability in HP Ucmdb Foundation Software A remote code execution vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33, could be remotely exploited to allow code execution. | 8.8 |
| 2017-09-30 | CVE-2017-14352 | Cross-site Scripting vulnerability in HP Ucmdb Configuration Manager A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. | 6.1 |
| 2017-09-30 | CVE-2017-14351 | Unspecified vulnerability in HP Ucmdb Configuration Manager A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. | 9.8 |
| 2017-09-30 | CVE-2017-14350 | Missing Authentication for Critical Function vulnerability in HP Application Performance Management 9.26/9.30/9.40 A potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. | 9.8 |
| 2017-09-30 | CVE-2017-14349 | Improper Privilege Management vulnerability in HP Sitescope An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data. | 9.8 |