Vulnerabilities > HP > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-05 | CVE-2016-4388 | Unspecified vulnerability in HP Keyview The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4389, and CVE-2016-4390. | 8.1 |
| 2016-10-05 | CVE-2016-4387 | Unspecified vulnerability in HP Keyview The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4388, CVE-2016-4389, and CVE-2016-4390. | 8.1 |
| 2016-09-29 | CVE-2016-4386 | Unspecified vulnerability in HP Network Automation 10.10 HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified vectors. | 7.8 |
| 2016-09-29 | CVE-2016-4385 | Deserialization of Untrusted Data vulnerability in HP Network Automation The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries. | 7.3 |
| 2016-09-28 | CVE-2016-2776 | Improper Input Validation vulnerability in multiple products buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. | 7.5 |
| 2016-09-21 | CVE-2016-4384 | Unspecified vulnerability in HP Loadrunner and Performance Center HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors. | 8.6 |
| 2016-09-21 | CVE-2016-4382 | Permissions, Privileges, and Access Controls vulnerability in HP Performance Center HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue. | 8.3 |
| 2016-08-26 | CVE-2016-4378 | Information Exposure vulnerability in HP XP7 Command View and XP 9000 Command View The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors. | 7.5 |
| 2016-08-22 | CVE-2016-4377 | Unspecified vulnerability in HP products HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy Planning Tool before 3.3, SAP Sizing Tool before 16.12.1, Sizing Tool for SAP Business Suite powered by HANA before 16.11.1, Sizer for ConvergedSystems Virtualization before 16.7.1, Sizer for Microsoft Exchange Server before 16.12.1, Sizer for Microsoft Lync Server 2013 before 16.12.1, Sizer for Microsoft SharePoint 2013 before 16.13.1, Sizer for Microsoft SharePoint 2010 before 16.11.1, and Sizer for Microsoft Skype for Business Server 2015 before 16.5.1 allows remote attackers to execute arbitrary code via unspecified vectors. | 8.1 |
| 2016-08-08 | CVE-2016-4374 | Server-Side Request Forgery (SSRF) vulnerability in HP Release Control 9.13/9.20/9.21 HPE Release Control (RC) 9.13, 9.20, and 9.21 before 9.21.0005 p4 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and consequently obtain sensitive information or cause a denial of service, via unspecified vectors. | 7.7 |