High

DATE	CVE	VULNERABILITY TITLE	RISK
2016-01-05	CVE-2015-6859	Permissions, Privileges, and Access Controls vulnerability in HP Network Switch Software 15.18.0 HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6860. local low complexity hp CWE-264	7.8
2016-01-05	CVE-2015-5446	Unspecified vulnerability in HP Storeonce Backup System Software 3.13.0 HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code via unspecified vectors. high complexity hp	7.5
2016-01-05	CVE-2015-5445	Cross-Site Request Forgery (CSRF) vulnerability in HP Storeonce Backup System Software 3.13.0 Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. network low complexity hp CWE-352	8.8
2015-12-28	CVE-2015-8651	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors. network low complexity adobe redhat suse opensuse hp CWE-190	8.8
2015-06-09	CVE-2015-3200	Injection vulnerability in multiple products mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character. network low complexity lighttpd hp oracle CWE-74	7.5
2005-02-09	CVE-2004-0940	Incorrect Calculation of Buffer Size vulnerability in multiple products Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. local low complexity openpkg apache slackware hp suse trustix CWE-131	7.8
2004-11-23	CVE-2004-0079	NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. network low complexity cisco symantec hp avaya redhat freebsd openbsd apple sco 4d checkpoint dell lite neoteris novell openssl sgi stonesoft tarantella vmware bluecoat securecomputing sun CWE-476	7.5
2002-12-31	CVE-2002-1796	Improper Verification of Cryptographic Signature vulnerability in HP Chaivm Ezloader ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services. local low complexity hp CWE-347	7.8