Vulnerabilities > HP > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-18 | CVE-2018-2637 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). | 7.4 |
| 2018-01-18 | CVE-2018-2633 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). | 8.3 |
| 2017-11-08 | CVE-2017-14360 | Resource Exhaustion vulnerability in HP Content Manager 9.0 A potential security vulnerability has been identified in HPE Content Manager Workgroup Service v9.00. | 7.5 |
| 2017-10-11 | CVE-2017-5789 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP Loadrunner and Performance Center HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
| 2017-10-10 | CVE-2017-8994 | Improper Input Validation vulnerability in HP Operations Orchestration A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely. | 7.5 |
| 2017-10-05 | CVE-2017-14353 | Code Injection vulnerability in HP Ucmdb Foundation Software A remote code execution vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33, could be remotely exploited to allow code execution. | 8.8 |
| 2017-09-30 | CVE-2017-13989 | Unspecified vulnerability in HP products An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to retrieve or modify storage information. | 8.1 |
| 2017-09-30 | CVE-2017-13982 | Unrestricted Upload of File with Dangerous Type vulnerability in HP BSM Platform Application Performance Management System Health 9.26/9.30/9.40 A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files. | 8.8 |
| 2017-06-27 | CVE-2016-4383 | Improper Access Control vulnerability in HP Helion Openstack Glance The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change. | 8.5 |
| 2017-05-11 | CVE-2015-5436 | Unspecified vulnerability in HP Integrated Lights-Out Firmware A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. | 7.5 |