Vulnerabilities > HP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-03-22 | CVE-2016-1998 | Improper Input Validation vulnerability in HP Service Manager HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | 9.8 |
| 2016-03-22 | CVE-2016-1997 | Improper Input Validation vulnerability in HP products HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | 9.8 |
| 2016-03-19 | CVE-2016-2245 | Improper Authentication vulnerability in HP Support Assistant 8.1.40.3 HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors. | 9.8 |
| 2016-03-18 | CVE-2016-1996 | Unspecified vulnerability in HP System Management Homepage HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors. | 7.7 |
| 2016-03-18 | CVE-2016-1995 | Unspecified vulnerability in HP System Management Homepage HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |
| 2016-03-18 | CVE-2016-1994 | Information Exposure vulnerability in HP System Management Homepage HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors. | 6.5 |
| 2016-03-18 | CVE-2016-1993 | Unspecified vulnerability in HP System Management Homepage HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | 8.1 |
| 2016-03-17 | CVE-2016-1992 | Information Exposure vulnerability in HP products HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors. | 6.5 |
| 2016-03-15 | CVE-2016-1989 | Unspecified vulnerability in HP Network Automation HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988. | 9.8 |
| 2016-03-15 | CVE-2016-1988 | Unspecified vulnerability in HP Network Automation HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989. | 9.8 |