Page 2 of 14 results (0.044 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2

Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP Operations Manager (formerly OpenView Communications Broker) before 11.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en HP Operations Agent en HP Operations Manager (anteriormente OpenView Communications Broker) anterior a 11.14 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • https://www.exploit-db.com/exploits/35076 http://www.exploit-db.com/exploits/35076 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472444 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 1

Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors. Vulnerabilidad no especificada en HP Operations Agent 11.00, cuando Glance está utilizado, permite a usuarios locales ganar privilegios a través de vectores desconocidos. It has been identified that binaries that are executed with elevated privileges (SetGID and SetUID programs) in Compaq/HP's Glance for Linux have been compiled in manner that means they searched for libraries in insecure locations. Versions 11.00 and below are affected. • https://www.exploit-db.com/exploits/48000 http://packetstormsecurity.com/files/156206/xglance-bin-Local-Root-Privilege-Escalation.html http://packetstormsecurity.com/files/157528/HP-Performance-Monitoring-xglance-Privilege-Escalation.html http://seclists.org/fulldisclosure/2020/Feb/1 http://secunia.com/advisories/60041 http://www.securitytracker.com/id/1030702 https://exchange.xforce.ibmcloud.com/vulnerabilities/95181 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04394554 ht •

CVSS: 10.0EPSS: 95%CPEs: 13EXPL: 1

Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325. Vulnerabilidad no especificada en HP Agente de Operaciones antes de 3.11.12 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos, también conocido como ZDI-CAN-1325. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Performance Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the coda.exe process which listens on a random TCP port by default. The process trusts a value within a GET request as a size. • https://www.exploit-db.com/exploits/22306 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03397769 •

CVSS: 10.0EPSS: 95%CPEs: 13EXPL: 1

Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326. Vulnerabilidad no especificada en HP Operations Agent antes de v3.11.12 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos, también conocido como ZDI-CAN-1326. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Performance Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the coda.exe process which listens on a random TCP port by default. The process trusts a value within a GET request as a size. • https://www.exploit-db.com/exploits/22305 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03397769 •

CVSS: 3.2EPSS: 0%CPEs: 7EXPL: 0

Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors. Vulnerabilidad no especificada en HP Operations Agent v11.00 y Performance Agent v4.73 y v5.0 en AIX, HP-UX, Linux, y Solaris, permite a usuarios locales evitar las restricciones de acceso del directorio a través de vectores desconocidos • http://marc.info/?l=bugtraq&m=132198248000785&w=2 http://secunia.com/advisories/46971 http://www.securityfocus.com/bid/50761 •