Vulnerabilities > HP > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-02-15 CVE-2017-12558 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
network
low complexity
hp CWE-502
critical
9.8
2018-02-15 CVE-2017-12557 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
network
low complexity
hp CWE-502
critical
9.8
2018-02-15 CVE-2017-12556 Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
network
low complexity
hp CWE-502
critical
9.8
2018-02-15 CVE-2017-12542 Unspecified vulnerability in HP Integrated Lights-Out 4 Firmware
A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found.
network
low complexity
hp
critical
10.0
2018-02-15 CVE-2016-8519 Deserialization of Untrusted Data vulnerability in HP Operations Orchestration
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.
network
low complexity
hp CWE-502
critical
9.8
2018-02-15 CVE-2016-8512 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP Loadrunner and Performance Center
A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.
network
low complexity
hp CWE-119
critical
9.8
2018-02-15 CVE-2016-8511 Deserialization of Untrusted Data vulnerability in HP Network Automation
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.
network
low complexity
hp CWE-502
critical
9.8
2018-01-23 CVE-2017-2750 Improper Input Validation vulnerability in HP products
Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code in HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP OfficeJet Enterprise printers before 2308937_578479, 2405087_018548, and other firmware versions.
network
low complexity
hp CWE-20
critical
9.8
2018-01-23 CVE-2017-2741 Unspecified vulnerability in HP products
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmware before 1708D.
network
low complexity
hp
critical
9.8
2017-12-28 CVE-2017-5641 Deserialization of Untrusted Data vulnerability in multiple products
Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default.
network
low complexity
apache hp CWE-502
critical
9.8