VIR Vulnerability Intelligence Relay

Search

Found 418 results in 39ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-8632 high 7.8 7.8 FIX debian debian sles hp 14d ago A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution v…
CVE-2026-8631 critical 9.8 9.8 FIX debian debian sles hp 14d ago A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution v…
CVE-2017-5641 critical 9.8 9.8 apachehp 9y ago Apache Flex BlazeDS unsafe deserialization
CVE-2017-14360 high 7.5 7.5 hp 9y ago A potential security vulnerability has been identified in HPE Content Manager Workgroup Service v9.00. The vulnerability could be remotely exploited to allow Denial of Service (DoS).
CVE-2017-14356 critical 9.8 9.8 hp 9y ago An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQ…
CVE-2017-5791 critical 9.8 9.8 hp 9y ago The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI.
CVE-2017-5789 critical 9.8 9.8 hp 9y ago HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdru…
CVE-2017-8994 critical 9.8 9.8 hp 9y ago A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
CVE-2017-14353 high 8.8 8.8 hp 9y ago A remote code execution vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33, could be remotely exploited to allow code execution.
CVE-2017-14351 critical 9.8 9.8 hp 9y ago A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. These vulnerabilities could be remotely exploited to allow …
CVE-2017-14350 critical 9.8 9.8 hp 9y ago A potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code …
CVE-2017-14349 critical 9.8 9.8 hp 9y ago An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data.
CVE-2017-13989 high 8.1 8.1 hp 9y ago An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to retrieve or modify storage i…
CVE-2017-13983 critical 9.8 9.8 hp 9y ago An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication.
CVE-2017-13982 high 8.8 8.8 hp 9y ago A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files.
CVE-2015-0839 high 8.1 8.1 FIX debian debian hp 9y ago The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to ve…
CVE-2016-4383 high 8.4 8.4 slesdebian debian hp 9y ago The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified ima…
CVE-2017-3733 high 7.5 7.5 FIX debian debian opensslhp 9y ago During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (d…
CVE-2016-4396 high 7.5 7.5 hp 10y ago HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
CVE-2016-4395 high 7.5 7.5 hp 10y ago HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
CVE-2016-4390 high 8.1 8.1 hp 10y ago The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-…
CVE-2016-4389 high 8.1 8.1 hp 10y ago The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-…
CVE-2016-4388 high 8.1 8.1 hp 10y ago The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4389, and CVE-2016-…
CVE-2016-4387 high 8.1 8.1 hp 10y ago The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4388, CVE-2016-4389, and CVE-2016-…
CVE-2016-4386 high 7.8 7.8 hp 10y ago HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified vectors.
CVE-2016-4385 high 7.3 7.3 hp 10y ago The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Jav…
CVE-2016-4384 high 8.6 8.6 hp 10y ago HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.
CVE-2016-4382 high 8.3 8.3 hp 10y ago HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issu…
CVE-2016-2182 critical 9.8 9.8 FIX slesarch archdebian debian hpopenssl 10y ago The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and…
CVE-2016-4378 high 7.5 7.5 hp 10y ago The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Editio…
CVE-2016-4377 high 8.1 8.1 hp 10y ago HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy …
CVE-2016-4374 high 7.7 7.7 hp 10y ago HPE Release Control (RC) 9.13, 9.20, and 9.21 before 9.21.0005 p4 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and consequently obtain sensitive informatio…
CVE-2016-4373 critical 9.8 9.8 hp 10y ago The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apach…
CVE-2016-5388 high 8.1 8.1 FIX sles rheldebian debian hpapache 10y ago Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted cli…
CVE-2016-5387 high 8.1 8.1 FIX debian debian slesfedora fedora apachehporacle 10y ago The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, wh…
CVE-2016-5385 high 8.1 8.1 slesfedora fedorasuse suse oraclehpphp 10y ago HTTP Proxy header vulnerability
CVE-2016-4372 critical 9.8 10.0 EXP hp 10y ago HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM before 7.2 E0401P04, iMC NTA before 7.2 E0401P01, iMC BIMS before 7.2 E0402P02, and iMC UAM_TAM before 7.2 E0405P05 allow remote…
CVE-2016-3092 high 7.5 7.5 FIX slesdebian debianubuntu ubuntu apachehp 10y ago The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, all…
CVE-2016-2177 critical 9.8 9.8 FIX slesarch archdebian debian hpopenssl 10y ago OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or…
CVE-2016-4371 high 8.0 8.0 hp 10y ago HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery…
CVE-2016-4448 critical 9.8 9.8 FIX slesdebian debian rhel hpxmlsoftapple 10y ago Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
CVE-2016-4447 high 7.5 7.5 FIX slesdebian debianubuntu ubuntu hpapplexmlsoft 10y ago The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted …
CVE-2016-4369 high 8.8 8.8 hp 10y ago HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted s…
CVE-2016-4368 critical 9.8 9.8 hp 10y ago HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a c…
CVE-2016-4367 high 7.5 7.5 hp 10y ago The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2016-4366 critical 9.8 9.8 hp 10y ago HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.
CVE-2016-4365 high 7.5 7.5 hp 10y ago HPE Insight Control server deployment allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2016-4364 high 8.4 8.4 hp 10y ago HPE Insight Control server deployment allows local users to gain privileges via unspecified vectors.
CVE-2016-4362 high 8.1 8.1 hp 10y ago HPE Insight Control server deployment allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-4361 high 7.5 7.5 hp 10y ago HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch …
CVE-2016-4360 critical 9.1 9.1 hp 10y ago web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.5…
CVE-2016-4359 critical 9.8 9.8 hp 10y ago Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Perfo…
CVE-2016-4358 high 8.1 8.1 hp 10y ago HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029.
CVE-2016-4357 high 8.1 8.1 hp 10y ago HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2028.
CVE-2016-2030 high 8.1 8.1 hp 10y ago HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, …
CVE-2016-2029 critical 9.1 9.1 hp 10y ago HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4358.
CVE-2016-2028 high 8.1 8.1 hp 10y ago HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4357.
CVE-2016-2027 high 7.5 7.5 hp 10y ago HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2026.
CVE-2016-2026 high 7.5 7.5 hp 10y ago HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2027.
CVE-2016-2024 critical 9.8 9.8 hp 10y ago HPE Insight Control before 7.5.1 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.
CVE-2016-2022 high 8.1 8.1 hp 10y ago HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, …
CVE-2016-2021 high 8.1 8.1 hp 10y ago HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, …
CVE-2016-2020 high 8.1 8.1 hp 10y ago HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, …
CVE-2016-2019 high 8.1 8.1 hp 10y ago HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, …
CVE-2016-2018 critical 9.1 9.1 hp 10y ago HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-2017 high 8.1 8.1 hp 10y ago HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2019, …
CVE-2016-2025 high 7.5 7.5 hp 10y ago HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Cata…
CVE-2016-1999 critical 9.8 9.8 hp 10y ago The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVE-2016-4543 critical 9.8 9.8 slessuse susefedora fedora hpphp 10y ago The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial o…
CVE-2016-3705 high 7.5 7.5 FIX debian debianubuntu ubuntususe suse xmlsofthp 10y ago The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to caus…
CVE-2016-3627 high 7.5 7.5 FIX slesubuntu ubuntudebian debian hpxmlsoftredhat 10y ago The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consum…
CVE-2016-2015 high 7.1 7.1 hp 10y ago HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-3710 high 8.8 8.8 FIX slesubuntu ubuntudebian debian hpqemuoracle 10y ago The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes …
CVE-2016-2014 high 8.1 8.1 hp 10y ago HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors.
CVE-2016-2009 high 8.8 8.8 hp 10y ago HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache …
CVE-2016-2008 critical 9.8 9.8 hp 10y ago HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2016-2007 critical 9.8 9.8 hp 10y ago HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3354.
CVE-2016-2006 critical 9.8 9.8 hp 10y ago HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353.
CVE-2016-2005 critical 9.8 9.8 hp 10y ago HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352.
CVE-2016-2004 critical 9.8 10.0 EXP hp 10y ago HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulner…
CVE-2016-2003 critical 9.8 9.8 hp 10y ago HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted seriali…
CVE-2016-2001 high 7.4 7.4 hp 10y ago HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors.
CVE-2016-2000 critical 9.8 9.8 hp 10y ago HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache C…
CVE-2016-1998 critical 9.8 9.8 hp 10y ago HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collecti…
CVE-2016-1997 critical 9.8 9.8 hp 10y ago HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to …
CVE-2016-2245 critical 9.8 9.8 hp 10y ago HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors.
CVE-2016-1996 high 7.7 7.7 hp 10y ago HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-1995 critical 9.8 9.8 hp 10y ago HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2016-1993 high 8.1 8.1 hp 10y ago HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-1989 critical 9.8 9.8 hp 10y ago HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerabili…
CVE-2016-1988 critical 9.8 9.8 hp 10y ago HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerabili…
CVE-2015-7547 high 8.1 9.1 EXPFIX debian debianubuntu ubuntususe suse hpsophossuse 10y ago Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a den…
CVE-2016-1986 critical 9.8 9.8 hp 11y ago HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVE-2016-0728 high 7.8 8.8 EXPFIX slesdebian debianubuntu ubuntu hp 11y ago The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or…
CVE-2016-1985 critical 10.0 10.0 hp 11y ago HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVE-2015-6863 high 7.3 7.3 hp 11y ago HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component.
CVE-2015-6862 high 8.4 8.4 hp 11y ago HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors.
CVE-2015-5312 high 7.1 FIX debian debianubuntu ubuntu rhel xmlsofthp 11y ago Nokogiri subject to DoS via libxml2 vulnerability
CVE-2015-6857 high 7.2 hp 11y ago Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.
CVE-2015-6030 high 7.2 hpmicrofocus 11y ago HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allo…