Vulnerabilities > HP > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-12-15 | CVE-2015-5312 | Resource Management Errors vulnerability in multiple products The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660. | 7.1 |
2015-11-26 | CVE-2015-6857 | Local Code Execution vulnerability in HP Loadrunner and Performance Center Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138. | 7.2 |
2015-11-04 | CVE-2015-6867 | Improper Access Control vulnerability in HP Vertica 7.1.1 The vertica-udx-zygote process in HP Vertica 7.1.1 UDx does not require authentication, which allows remote attackers to execute arbitrary commands via a crafted packet, aka ZDI-CAN-2914. | 7.5 |
2015-11-04 | CVE-2015-6030 | Permissions, Privileges, and Access Controls vulnerability in multiple products HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access. | 7.2 |
2015-08-27 | CVE-2015-5368 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP products The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows remote attackers to modify data or cause a denial of service, or execute arbitrary code, via unspecified vectors. | 7.8 |
2015-08-27 | CVE-2015-5432 | Unspecified vulnerability in HP Virtual Connect Enterprise Manager SDK 7.4.0 HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors. | 7.5 |
2015-08-27 | CVE-2015-5429 | Unspecified vulnerability in HP Matrix Operating Environment 7.4 HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5428. | 7.5 |
2015-08-27 | CVE-2015-5428 | Unspecified vulnerability in HP Matrix Operating Environment 7.4 HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5429. | 7.5 |
2015-08-27 | CVE-2015-5427 | Unspecified vulnerability in HP Matrix Operating Environment 7.4 HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5428 and CVE-2015-5429. | 7.5 |
2015-08-27 | CVE-2015-5404 | Unspecified vulnerability in HP Systems Insight Manager HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors. | 7.5 |