Vulnerabilities > HP > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2016-03-18 | CVE-2016-1994 | Information Exposure vulnerability in HP System Management Homepage | HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors. | network | low | hp | CWE-200 | 6.5 |
| 2016-03-17 | CVE-2016-1992 | Information Exposure vulnerability in HP products | HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors. | network | low | hp | CWE-200 | 6.5 |
| 2016-03-04 | CVE-2016-2244 | Information Exposure vulnerability in HP Futuresmart Firmware 3.7 | HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors. | network | high | hp | CWE-200 | 5.9 |
| 2016-02-18 | CVE-2016-1987 | Improper Input Validation vulnerability in HP Hp-Ux Ipfilter A.11.31.18.21 | HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remote attackers to cause a denial of service via unspecified UDP packets. | network | high | hp | CWE-20 | 5.9 |
| 2016-01-16 | CVE-2015-6864 | Improper Input Validation vulnerability in HP Arcsight Logger | HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component. | network | low | hp | CWE-20 | 6.3 |
| 2016-01-14 | CVE-2016-0777 | Information Exposure vulnerability in multiple products | The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key. | network | low | sophos, oracle, openbsd, hp, apple | CWE-200 | 6.5 |
| 2016-01-05 | CVE-2015-5447 | Cross-site Scripting vulnerability in HP Storeonce Backup System Software 3.13.0 | Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | network | low | hp | CWE-79 | 5.4 |
| 2016-01-05 | CVE-2015-5434 | Permissions, Privileges, and Access Controls vulnerability in HP products | HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping." | network | low | hp | CWE-264 | 6.5 |
| 2000-12-19 | CVE-2000-0972 | Link Following vulnerability in HP Hp-Ux 11.00 | HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates. | local | low | hp | CWE-59 | 5.5 |