Filtered by vendor Hp
Subscribe
Total
2415 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-28086 | 1 Hp | 1 Oneview | 2023-12-10 | N/A | 5.5 MEDIUM |
An HPE OneView appliance dump may expose proxy credential settings | |||||
CVE-2022-31645 | 1 Hp | 654 Dragonfly Folio G3 2-in-1, Dragonfly Folio G3 2-in-1 Firmware, Elite Dragonfly and 651 more | 2023-12-10 | N/A | 7.8 HIGH |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | |||||
CVE-2019-16283 | 2 Hp, Microsoft | 2 Softpaq Installer, Windows | 2023-12-10 | N/A | 7.8 HIGH |
A potential security vulnerability has been identified with a version of the HP Softpaq installer that can lead to arbitrary code execution. | |||||
CVE-2023-32673 | 1 Hp | 4 Image Assistant, Pc Hardware Diagnostics, Thunderbolt Dock G2 and 1 more | 2023-12-10 | N/A | 9.8 CRITICAL |
Certain versions of HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware are potentially vulnerable to elevation of privilege. | |||||
CVE-2023-28950 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2023-12-10 | N/A | 5.5 MEDIUM |
IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358. | |||||
CVE-2023-35176 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2023-12-10 | N/A | 8.8 HIGH |
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device. | |||||
CVE-2023-28083 | 2 Hp, Hpe | 162 Integrated Lights-out 4, Integrated Lights-out 5, Integrated Lights-out 6 and 159 more | 2023-12-10 | N/A | 5.4 MEDIUM |
A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out. | |||||
CVE-2023-28090 | 1 Hp | 1 Oneview | 2023-12-10 | N/A | 5.5 MEDIUM |
An HPE OneView appliance dump may expose SNMPv3 read credentials | |||||
CVE-2023-28088 | 1 Hp | 1 Oneview | 2023-12-10 | N/A | 7.8 HIGH |
An HPE OneView appliance dump may expose SAN switch administrative credentials | |||||
CVE-2023-28084 | 2 Hp, Hpe | 2 Oneview, Oneview Global Dashboard | 2023-12-10 | N/A | 5.5 MEDIUM |
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens | |||||
CVE-2023-35178 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2023-12-10 | N/A | 8.8 HIGH |
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs. | |||||
CVE-2022-31636 | 1 Hp | 806 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 803 more | 2023-12-10 | N/A | 7.8 HIGH |
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | |||||
CVE-2023-30448 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2023-12-10 | N/A | 7.5 HIGH |
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253437. | |||||
CVE-2023-30903 | 1 Hp | 1 Hp-ux | 2023-12-10 | N/A | 5.5 MEDIUM |
HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6. | |||||
CVE-2023-22781 | 1 Hp | 2 Arubaos, Instantos | 2023-12-10 | N/A | 9.8 CRITICAL |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
CVE-2023-33849 | 3 Hp, Ibm, Linux | 5 Hp-ux, Aix, Cics Tx and 2 more | 2023-12-10 | N/A | 3.7 LOW |
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105. | |||||
CVE-2022-31641 | 1 Hp | 582 Elite Dragonfly, Elite Dragonfly Firmware, Elite Dragonfly G2 and 579 more | 2023-12-10 | N/A | 7.0 HIGH |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | |||||
CVE-2023-28089 | 1 Hp | 1 Oneview | 2023-12-10 | N/A | 7.1 HIGH |
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules | |||||
CVE-2023-27868 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2023-12-10 | N/A | 8.8 HIGH |
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked class instantiation when providing plugin classes. By sending a specially crafted request using the named pluginClassName class, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 249516. | |||||
CVE-2023-1329 | 1 Hp | 1914 Laserjet Managed Mfp E62665 3gy14a, Laserjet Managed Mfp E62665 3gy14a Firmware, Laserjet Managed Mfp E62665 3gy15a and 1911 more | 2023-12-10 | N/A | 9.8 CRITICAL |
A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products. |