Search Results (2555 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-8981 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, Bigfix Inventory and 4 more 2025-04-20 N/A
IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system.
CVE-2017-13985 1 Hp 1 Bsm Platform Application Performance Management System Health 2025-04-20 N/A
An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to traverse directory leading to disclosure of information.
CVE-2016-8961 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, Bigfix Inventory and 4 more 2025-04-20 N/A
IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
CVE-2016-8963 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, Bigfix Inventory and 4 more 2025-04-20 N/A
IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user.
CVE-2016-8106 3 Hp, Intel, Lenovo 60 Ethernet 10gb 2-port 562flr-sfp\+, Ethernet 10gb 2-port 562sfp\+, Ethernet 10gb 4-port 563sfp\+ and 57 more 2025-04-20 N/A
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.
CVE-2016-8966 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, Bigfix Inventory and 4 more 2025-04-20 N/A
IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
CVE-2016-4383 1 Hp 1 Helion Openstack Glance 2025-04-20 N/A
The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change.
CVE-2016-8967 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, Bigfix Inventory and 4 more 2025-04-20 N/A
IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user.
CVE-2017-13986 1 Hp 2 Arcsight Enterprise Security Manager, Arcsight Enterprise Security Manager Express 2025-04-20 N/A
A reflected Cross-Site Scripting(XSS) vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows for unintended information when a specific URL is sent to the system.
CVE-2017-13987 1 Hp 2 Arcsight Enterprise Security Manager, Arcsight Enterprise Security Manager Express 2025-04-20 N/A
An insufficient access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows an unauthorized user to download log files.
CVE-2017-13988 1 Hp 2 Arcsight Enterprise Security Manager, Arcsight Enterprise Security Manager Express 2025-04-20 N/A
An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to alter the maximum size of storage groups and enable/disable the setting for the 'follow schedule' function.
CVE-2017-13989 1 Hp 2 Arcsight Enterprise Security Manager, Arcsight Enterprise Security Manager Express 2025-04-20 N/A
An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to retrieve or modify storage information.
CVE-2016-1994 1 Hp 1 System Management Homepage 2025-04-12 N/A
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVE-2016-1988 1 Hp 1 Network Automation 2025-04-12 N/A
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989.
CVE-2016-1989 1 Hp 1 Network Automation 2025-04-12 N/A
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988.
CVE-2016-1987 1 Hp 1 Hp-ux Ipfilter 2025-04-12 N/A
HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remote attackers to cause a denial of service via unspecified UDP packets.
CVE-2016-1992 1 Hp 2 Enterprise Security Manager, Enterprise Security Manager Express 2025-04-12 N/A
HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVE-2016-1993 1 Hp 1 System Management Homepage 2025-04-12 N/A
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-1995 1 Hp 1 System Management Homepage 2025-04-12 N/A
HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2016-1996 1 Hp 1 System Management Homepage 2025-04-12 N/A
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors.