Vulnerabilities > HP > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-17	CVE-2018-3136	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). network high complexity oracle redhat debian canonical hp	3.4
2018-10-17	CVE-2018-3139	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). network high complexity oracle redhat debian canonical hp	3.1
2018-07-18	CVE-2018-2952	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). network high complexity oracle debian canonical hp redhat netapp	3.7
2018-04-19	CVE-2018-2790	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). network high complexity oracle redhat debian canonical hp schneider-electric	3.1
2018-02-15	CVE-2016-8535	Improper Input Validation vulnerability in HP Matrix Operating Environment 7.6 A remote HTTP parameter Pollution vulnerability in HPE Matrix Operating Environment version 7.6 was found. network low complexity hp CWE-20	3.5
2018-01-18	CVE-2018-2579	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle redhat debian canonical schneider-electric hp	3.7
2016-09-08	CVE-2016-4379	Cryptographic Issues vulnerability in HP Integrated Lights-Out 3 Firmware The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack. network high complexity hp CWE-310	3.7
2016-01-05	CVE-2015-6858	Information Exposure vulnerability in HP Insight Management 7.4 HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensitive information via unspecified vectors. network high complexity hp CWE-200	3.7
2015-05-21	CVE-2015-4000	Cryptographic Issues vulnerability in multiple products The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. network high complexity openssl canonical hp ibm oracle debian suse apple mozilla opera microsoft google CWE-310	3.7