Vulnerabilities > HP > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-18 | CVE-2018-2588 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). | 4.3 |
| 2018-01-18 | CVE-2018-2582 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). | 6.5 |
| 2017-12-15 | CVE-2017-17556 | Information Exposure vulnerability in HP Synaptics Touchpad Driver A debug tool in Synaptics TouchPad drivers allows local users with administrative access to obtain sensitive information about keyboard scan codes by modifying registry keys. | 5.1 |
| 2017-11-03 | CVE-2017-14359 | Cross-site Scripting vulnerability in HP Performance Center 12.20 A potential security vulnerability has been identified in HPE Performance Center versions 12.20. | 5.4 |
| 2017-10-31 | CVE-2017-14358 | Open Redirect vulnerability in HP products A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. | 6.1 |
| 2017-10-31 | CVE-2017-14357 | Cross-site Scripting vulnerability in HP products A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. | 6.1 |
| 2017-10-05 | CVE-2017-14354 | Cross-site Scripting vulnerability in HP Ucmdb Foundation Software A remote cross-site scripting vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33 could be remotely exploited to allow cross-site scripting. | 6.1 |
| 2017-09-30 | CVE-2017-14352 | Cross-site Scripting vulnerability in HP Ucmdb Configuration Manager A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. | 6.1 |
| 2017-09-30 | CVE-2017-13991 | Information Exposure vulnerability in HP products An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of product license features. | 5.3 |
| 2017-09-30 | CVE-2017-13990 | Information Exposure vulnerability in HP products An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of Apache Tomcat application server version. | 5.3 |