Hp: Security Vulnerabilities
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
CVSS Score
5.0
EPSS Score
0.018
Published
2015-04-24
HP Support Solution Framework before 11.51.0049 allows remote attackers to download an arbitrary program onto a client machine and execute this program via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.004
Published
2015-04-14
Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote attackers to execute arbitrary code via unknown vectors.
CVSS Score
10.0
EPSS Score
0.282
Published
2015-04-14
Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote authenticated users to execute arbitrary code via unknown vectors.
CVSS Score
9.0
EPSS Score
0.006
Published
2015-04-14
Unspecified vulnerability in HP Intelligent Provisioning 1.40 through 1.60 on Windows Server 2008 R2 and 2012 allows local users to obtain sensitive information via unknown vectors.
CVSS Score
2.1
EPSS Score
0.001
Published
2015-04-04
Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.
CVSS Score
7.5
EPSS Score
0.006
Published
2015-03-31
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS Score
3.5
EPSS Score
0.002
Published
2015-03-31
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors.
CVSS Score
6.4
EPSS Score
0.006
Published
2015-03-31
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.
CVSS Score
10.0
EPSS Score
0.252
Published
2015-03-31
HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges.
CVSS Score
6.8
EPSS Score
0.0
Published
2015-03-14