Vulnerabilities (CVE)

Vendor filter

Filter

1649 total CVE
CVE Vendors Products Updated CVSS
CVE-2013-2353 1 Hp 1 Storeonce D2d 2018-12-06 7.8
Unspecified vulnerability in HP StoreOnce D2D Backup System 1.x before 1.2.19 and 2.x before 2.3.0 allows remote attackers to cause a denial of service via unknown vectors.
CVE-2017-12557 1 Hp 1 Intelligent Management Center 2018-12-05 10.0
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
CVE-2018-7076 1 Hp 1 Intelligent Management Center 2018-12-03 10.0
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04.
CVE-2015-7547 11 Sophos, Oracle, Canonical and 8 more 31 Big-ip Policy Enforcement Manager, Linux Enterprise Debuginfo, Helion Openstack and 28 more 2018-11-30 6.8
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute...
CVE-2015-4000 12 Google, Openssl, Apple and 9 more 25 Safari, Network Security Services, Ie and 22 more 2018-11-30 4.3
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a...
CVE-2012-5210 1 Hp 2 Intelligent Management Centertacacs%2b Authentication Manager, Tacacs%2b Authentication Manager 2018-11-29 7.5
Unspecified vulnerability in HP Intelligent Management Center (iMC) TACACS+ Authentication Manager (TAM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka...
CVE-2018-7101 1 Hp 1 Integrated Lights-out 4 Firmware 2018-11-26 5.0
A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30.
CVE-2018-7103 1 Hp 1 Intelligent Management Center Wireless Services Manager Software 2018-11-16 10.0
A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02.
CVE-2018-7104 1 Hp 1 Intelligent Management Center Wireless Services Manager Software 2018-11-16 10.0
A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02.
CVE-2008-3542 1 Hp 1 Insight Diagnostics 2018-11-01 7.8
Unspecified vulnerability in HP Insight Diagnostics before 7.9.1.2402 allows remote attackers to read arbitrary files via unknown vectors.
CVE-2015-3145 9 Apple, Haxx, Oracle and 6 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2018-10-30 7.5
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact...
CVE-2016-2107 6 Hp, Openssl, Google and 3 more 14 Leap, Openssl, Enterprise Linux Desktop and 11 more 2018-10-30 2.6
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack...
CVE-2015-3148 8 Apple, Haxx, Canonical and 5 more 9 Ubuntu Linux, Debian Linux, Fedora and 6 more 2018-10-30 5.0
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
CVE-2013-4854 10 Slackware, Freebsd, Redhat and 7 more 13 Hp-ux, Dnsco Bind, Enterprise Linux and 10 more 2018-10-30 7.8
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service...
CVE-2016-3627 6 Novell, Hp, Debian and 3 more 7 Libxml2, Ubuntu Linux, Leap and 4 more 2018-10-30 5.0
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML...
CVE-2016-4543 5 Hp, Php, Fedoraproject and 2 more 5 System Management Homepage, Leap, Php and 2 more 2018-10-30 7.5
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have...
CVE-2016-3705 6 Novell, Hp, Debian and 3 more 7 Libxml2, Ubuntu Linux, Leap and 4 more 2018-10-30 5.0
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and...
CVE-2016-9597 6 Hp, Xmlsoft, Canonical and 3 more 7 Icewall Federation Agent, Icewall File Manager, Libxml2 and 4 more 2018-10-30 5.0
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a...
CVE-2007-4590 1 Hp 3 Ignite-ux, Dynrootdisk, Hp-ux 2018-10-30 3.3
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown...
CVE-2002-0678 7 Xi Graphics, Sgi, Compaq and 4 more 9 Hp-ux, Aix, Solaris and 6 more 2018-10-30 7.2
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.