Vulnerabilities > HP > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-08-06 CVE-2017-8992 Unspecified vulnerability in HP Centralview Fraud Risk Management
HPE has identified a remote privilege escalation vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1.
network
low complexity
hp
critical
9.8
2018-08-06 CVE-2017-8990 Unspecified vulnerability in HP IMC Wireless Service Manager 7.1/7.2/7.3
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Service Manager (WSM) Software earlier than version WSM 7.3 (E0506).
network
low complexity
hp
critical
9.8
2018-08-06 CVE-2017-8989 Open Redirect vulnerability in HP Icewall SSO 10.0/11.0
A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could be exploited remotely to allow URL Redirection.
network
low complexity
hp CWE-601
critical
9.1
2018-08-06 CVE-2017-8988 Unspecified vulnerability in HP XP Command View 5.8.000/5.8.003/5.9.001
A Remote Bypass of Security Restrictions vulnerability was identified in HPE XP Command View Advanced Edition Software Earlier than 8.5.3-00.
network
low complexity
hp
critical
9.8
2018-08-06 CVE-2016-4404 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP Keyview
A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2.
network
low complexity
hp CWE-119
critical
9.8
2018-08-06 CVE-2016-4403 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP Keyview
A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2.
network
low complexity
hp CWE-119
critical
9.8
2018-08-06 CVE-2016-4402 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP Keyview
A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2.
network
low complexity
hp CWE-119
critical
9.8
2018-08-06 CVE-2016-4391 Code Injection vulnerability in HP Arcsight Winc Connector
A remote code execution security vulnerability has been identified in all versions of the HP ArcSight WINC Connector prior to v7.3.0.
network
low complexity
hp CWE-94
critical
9.8
2018-07-12 CVE-2018-12463 XXE vulnerability in HP Fortify Software Security Center 17.1/17.2/18.1
An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
network
low complexity
hp CWE-611
critical
9.8
2018-06-26 CVE-2017-7658 HTTP Request Smuggling vulnerability in multiple products
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second.
network
low complexity
eclipse debian oracle hp netapp CWE-444
critical
9.8