Vulnerabilities > HP > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-25 | CVE-2019-3480 | Cross-site Scripting vulnerability in HP Arcsight Logger Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7. | 6.1 |
2019-02-04 | CVE-2019-7317 | Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. | 5.3 |
2018-12-03 | CVE-2018-7115 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HP Intelligent Management Center HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. | 5.3 |
2018-12-03 | CVE-2018-7113 | Unspecified vulnerability in HP Integrated Lights-Out 5 Firmware 1.30 A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) prior to v1.37 could be locally exploited to bypass the security restrictions for firmware updates. low complexity hp | 6.6 |
2018-12-03 | CVE-2018-7112 | Unspecified vulnerability in HP products The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. | 5.5 |
2018-10-17 | CVE-2018-7111 | Unspecified vulnerability in HP Universal Internet of Things A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. | 5.3 |
2018-10-17 | CVE-2018-3214 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). | 5.3 |
2018-10-17 | CVE-2018-3180 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). | 5.6 |
2018-10-03 | CVE-2017-2751 | Insufficiently Protected Credentials vulnerability in HP products A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. | 4.6 |
2018-10-02 | CVE-2018-9069 | Race Condition vulnerability in multiple products In some Lenovo IdeaPad consumer notebook models, a race condition in the BIOS flash device locking mechanism is not adequately protected against, potentially allowing an attacker with administrator access to alter the contents of BIOS. | 5.9 |