Vulnerabilities > HP

DATE CVE VULNERABILITY TITLE RISK
2016-06-08 CVE-2016-2020 Unspecified vulnerability in HP products
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030.
Attack vector: network, low complexity; Tags: hp; Risk: 8.1

2016-06-08 CVE-2016-2019 Unspecified vulnerability in HP products
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030.
Attack vector: network, low complexity; Tags: hp; Risk: 8.1

2016-06-08 CVE-2016-2018 Unspecified vulnerability in HP products
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
Attack vector: network, low complexity; Tags: hp; Risk: critical 9.1

2016-06-08 CVE-2016-2017 Unspecified vulnerability in HP products
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030.
Attack vector: network, low complexity; Tags: hp; Risk: 8.1

2016-05-30 CVE-2016-2025 Information Exposure vulnerability in HP Service Manager
HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components.
Attack vector: network, low complexity; Tags: hp CWE-200; Risk: 7.5

2016-05-30 CVE-2016-2023 Information Exposure vulnerability in HP Restful Interface Tool 1.40
HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors.
Attack vector: local, low complexity; Tags: hp CWE-200; Risk: 5.5

2016-05-30 CVE-2016-1999 Improper Access Control vulnerability in HP Release Control 9.13/9.20/9.21
The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
Attack vector: network, low complexity; Tags: hp CWE-284; Risk: critical 9.8

2016-05-22 CVE-2016-4543 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
Attack vector: network, low complexity; Tags: hp php fedoraproject opensuse CWE-119; Risk: critical 9.8

2016-05-17 CVE-2016-3705 Improper Input Validation vulnerability in multiple products
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.
Attack vector: network, low complexity; Tags: canonical xmlsoft debian hp opensuse CWE-20; Risk: 7.5

2016-05-17 CVE-2016-3627 Uncontrolled Recursion vulnerability in multiple products
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.
Risk: 7.5