CVSS: 8.8EPSS: 90%CPEs: 36EXPL: 2CVE-2020-11853 – Arbitrary code execution vulnerability on multiple Micro Focus products
https://notcve.org/view.php?id=CVE-2020-11853
22 Oct 2020 — Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) • https://packetstorm.news/files/id/161182 •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4380 – HP Security Bulletin HPSBGN03637 1
https://notcve.org/view.php?id=CVE-2016-4380
31 Aug 2016 — Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en el AdminUI en HPE Operations Manager 9.21.x en versiones anteriores a 9.21.130 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. A potential vulnerability has been identified in the AdminUI of the HP ... • http://www.securityfocus.com/bid/92698 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2016-4373 – HP Security Bulletin HPSBGN03630 1
https://notcve.org/view.php?id=CVE-2016-4373
26 Jul 2016 — The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. El AdminUI en HPE Operations Manager (OM) en versiones anteriores a 9.21.130 en Linux, Unix y Solaris permite a atacantes remotos ejecutar comandos arbitrarios a través de un objeto Java serializado manipulado, relacionado con la librería Apache Commons Collections (ACC). A v... • http://www.securityfocus.com/bid/92122 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 3%CPEs: 5EXPL: 0CVE-2016-1985 – HP Security Bulletin HPSBGN03542 1
https://notcve.org/view.php?id=CVE-2016-1985
29 Jan 2016 — HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. HPE Operations Manager 8.x y 9.0 en Windows permite a atacantes remotos ejecutar comandos arbitrarios a través de un objeto Java serializado manipulado, relacionado con la librería Apache Commons Collections. A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Operat... • http://www.securityfocus.com/bid/82259 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-2132 – HPE Security Bulletin HPSBUX03369 SSRT102037 1
https://notcve.org/view.php?id=CVE-2015-2132
21 Aug 2015 — Unspecified vulnerability in the execve system-call implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors. Vulnerabilidad no especificada en la implementación de llamadas al sistema execve en HP en las versiones HP-UX B.11.11, B.11.23 y B.11.31, lo que permite a usuarios locales obtener privilegios a través de vectores desconocidos A potential security vulnerability have been identified with HP-UX programs using the execve(2) system call. The vuln... • https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04735247 •
CVSS: 10.0EPSS: 22%CPEs: 6EXPL: 0CVE-2015-2137 – HP Security Bulletin HPSBGN03393 1
https://notcve.org/view.php?id=CVE-2015-2137
13 Aug 2015 — Unspecified vulnerability in HP Operations Manager i (OMi) 9.22, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en HP Operations Manager i (OMi) en las versiones 9.22, 9.23, 9.24, 9.25, 10.00 y 10.01, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. A potential security vulnerability has been identified with HP Operations Manager i (OMi) running on Linux and Windows. The ... • http://www.securitytracker.com/id/1033260 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2107
https://notcve.org/view.php?id=CVE-2015-2107
14 Mar 2015 — HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges. HP Operations Manager i Management Pack 1.x anterior a 1.01 para SAP permite a usuarios locales ejecutar comandos de Sistema Operativo aprovechando privilegios de administración SAP • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 22%CPEs: 3EXPL: 0CVE-2014-2648 – HP Security Bulletin HPSBMU03127
https://notcve.org/view.php?id=CVE-2014-2648
09 Oct 2014 — Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on UNIX allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en HP Operations Manager 9.10 y 9.11 en UNIX permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. A potential security vulnerability has been identified with HP Operations Manager for UNIX. The vulnerability can be exploited remotely to execute arbitrary code. Revision 1 of this advisory. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472866 •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2014-2649 – HP Security Bulletin HPSBMU03127
https://notcve.org/view.php?id=CVE-2014-2649
09 Oct 2014 — Unspecified vulnerability in HP Operations Manager 9.20 on UNIX allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en HP Operations Manager 9.20 en UNIX permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. A potential security vulnerability has been identified with HP Operations Manager for UNIX. The vulnerability can be exploited remotely to execute arbitrary code. Revision 1 of this advisory. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472866 •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2014-2607 – HP Security Bulletin HPSBMU03042
https://notcve.org/view.php?id=CVE-2014-2607
22 May 2014 — Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role. Vulnerabilidad no especificada en HP Operations Manager i 9.1 hasta 9.13 y 9.2 hasta 9.24 permite a usuarios remotos autenticados ejecutar código arbitrario mediante el aprovechamiento del rol de operador OMi. A potential security vulnerability has been identified with HP Operations Manager i running on Linux, and Windows.... • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04296442 •