Vulnerabilities > HP > High

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2019-06-05 | CVE-2018-7123 | Improper Authentication vulnerability in HP Intelligent Management Center | A remote denial of service vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | network | low complexity | hp | CWE-287 | 7.8 |
| 2019-05-10 | CVE-2018-7120 | Unspecified vulnerability in HP Synergy Firmware 5.00.50 | A security vulnerability in the HPE Virtual Connect SE 16Gb Fibre Channel Module for HPE Synergy running firmware 5.00.50, which is part of the HPE Synergy Custom SPP 2018.11.20190205, could allow local or remote unauthorized elevation of privilege. | network | low complexity | hp | | 7.5 |
| 2019-04-23 | CVE-2019-2602 | Resource Exhaustion vulnerability in multiple products | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). | | | | | 7.5 |
| 2019-04-11 | CVE-2019-6318 | Improper Verification of Cryptographic Signature vulnerability in HP products | HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers have an insufficient solution bundle signature validation that potentially allows execution of arbitrary code. | network | low complexity | hp | CWE-347 | 7.5 |
| 2019-03-27 | CVE-2018-5923 | Improper Verification of Cryptographic Signature vulnerability in HP products | In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code. | network | low complexity | hp | CWE-347 | 7.5 |
| 2019-03-25 | CVE-2019-3484 | Unspecified vulnerability in HP Arcsight Logger | Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7. | local | low complexity | hp | | 7.8 |
| 2019-03-25 | CVE-2019-3481 | XXE vulnerability in HP Arcsight Logger | Mitigates an XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7. | network | low complexity | hp | CWE-611 | 7.1 |
| 2019-02-11 | CVE-2019-5736 | OS Command Injection vulnerability in multiple products | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. | | | | | 8.6 |
| 2018-12-31 | CVE-2018-18593 | Path Traversal vulnerability in HP Ucmdb Configuration Manager | Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. | network | low complexity | hp | CWE-22 | 7.5 |
| 2018-12-03 | CVE-2018-7113 | Unspecified vulnerability in HP Integrated Lights-Out 5 Firmware | A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) prior to v1.37 could be locally exploited to bypass the security restrictions for firmware updates. | local | low complexity | hp | | 7.2 |