Vulnerabilities (CVE)

Filtered by vendor Hp
Total 2415 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-35980 2 Arubanetworks, Hp 2 Arubaos, Instantos 2023-12-10 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2023-42027 4 Hp, Ibm, Linux and 1 more 6 Hp-ux, Aix, Cics Tx and 3 more 2023-12-10 N/A 8.8 HIGH
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 266057.
CVE-2023-35982 2 Arubanetworks, Hp 2 Arubaos, Instantos 2023-12-10 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2023-33850 4 Hp, Ibm, Linux and 1 more 6 Hp-ux, Aix, Cics Tx and 3 more 2023-12-10 N/A 7.5 HIGH
IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 257132.
CVE-2023-28513 5 Hp, Ibm, Linux and 2 more 9 Hp-ux, Aix, I and 6 more 2023-12-10 N/A 7.5 HIGH
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, are vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397.
CVE-2015-1390 1 Hp 1 Airwave 2023-12-10 N/A 6.1 MEDIUM
Aruba AirWave before 8.0.7 allows XSS attacks against an administrator.
CVE-2015-2202 2 Arubanetworks, Hp 2 Airwave, Airwave 2023-12-10 N/A 7.2 HIGH
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS.
CVE-2023-5365 1 Hp 1 Life 2023-12-10 N/A 9.8 CRITICAL
HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or information disclosure.
CVE-2023-5739 1 Hp 4 Image Assistant, Pc Hardware Diagnostics, Thunderbolt Dock G2 and 1 more 2023-12-10 N/A 7.8 HIGH
Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to elevation of privilege.
CVE-2022-4894 2 Hp, Samsung 2046 1vr14a, 1vr14a Firmware, 209u7a and 2043 more 2023-12-10 N/A 7.3 HIGH
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.
CVE-2023-26300 1 Hp 178 200 G4 22 All-in-one Pc (rom Family Ssid 86f0), 200 G4 22 All-in-one Pc (rom Family Ssid 86f0) Firmware, 200 G4 22 All-in-one Pc (rom Family Ssid 86f2) and 175 more 2023-12-10 N/A 7.8 HIGH
A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potential vulnerability.
CVE-2015-2201 2 Arubanetworks, Hp 2 Airwave, Airwave 2023-12-10 N/A 7.2 HIGH
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users.
CVE-2023-38402 2 Hp, Microsoft 2 Aruba Virtual Intranet Access, Windows 2023-12-10 N/A 7.1 HIGH
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating system boot process.
CVE-2023-5113 1 Hp 1133 Color Laserjet Enterprise 5700 49k98a, Color Laserjet Enterprise 5700 6qn28a, Color Laserjet Enterprise 6700 49l00a and 1130 more 2023-12-10 N/A 6.1 MEDIUM
Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI.
CVE-2023-35981 2 Arubanetworks, Hp 2 Arubaos, Instantos 2023-12-10 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2023-26301 1 Hp 38 Color Laserjet Pro 4201-4203 4ra87f, Color Laserjet Pro 4201-4203 4ra87f Firmware, Color Laserjet Pro 4201-4203 4ra88f and 35 more 2023-12-10 N/A 9.8 CRITICAL
Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints.
CVE-2023-30908 1 Hp 1 Oneview 2023-12-10 N/A 9.8 CRITICAL
A remote authentication bypass issue exists in a OneView API.
CVE-2023-38741 4 Hp, Ibm, Linux and 1 more 5 Hp-ux, Aix, Txseries For Multiplatform and 2 more 2023-12-10 N/A 7.5 HIGH
IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attack, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 262905.
CVE-2023-26297 1 Hp 1 Hp Device Manager 2023-12-10 N/A 8.8 HIGH
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.
CVE-2023-22780 1 Hp 2 Arubaos, Instantos 2023-12-10 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system.