Filtered by vendor Hp
Subscribe
Total
2415 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0468 | 1 Hp | 1 Hp-ux | 2023-11-07 | 4.6 MEDIUM | N/A |
| man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. | |||||
| CVE-2000-0159 | 1 Hp | 1 Hp-ux | 2023-11-07 | 7.5 HIGH | N/A |
| HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. | |||||
| CVE-2023-26300 | 1 Hp | 178 200 G4 22 All-in-one Pc \(rom Family Ssid 86f0\), 200 G4 22 All-in-one Pc \(rom Family Ssid 86f0\) Firmware, 200 G4 22 All-in-one Pc \(rom Family Ssid 86f2\) and 175 more | 2023-10-31 | N/A | 7.8 HIGH |
| A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potential vulnerability. | |||||
| CVE-2023-5449 | 1 Hp | 58 E22 G4 Fhd, E22 G4 Fhd Firmware, E23 G4 Fhd and 55 more | 2023-10-20 | N/A | 3.3 LOW |
| A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor’s Theft Deterrence to be deactivated. | |||||
| CVE-2023-5409 | 1 Hp | 4 T430 Thin Client, T430 Thin Client Firmware, T638 Thin Client and 1 more | 2023-10-20 | N/A | 6.8 MEDIUM |
| HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability. | |||||
| CVE-2023-4499 | 1 Hp | 20 Elite Mt645, Mt21, Mt22 and 17 more | 2023-10-19 | N/A | 7.5 HIGH |
| A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability. | |||||
| CVE-2023-5365 | 1 Hp | 1 Life | 2023-10-13 | N/A | 9.8 CRITICAL |
| HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or information disclosure. | |||||
| CVE-2023-5113 | 1 Hp | 1133 Color Laserjet Enterprise 5700 49k98a, Color Laserjet Enterprise 5700 6qn28a, Color Laserjet Enterprise 6700 49l00a and 1130 more | 2023-10-11 | N/A | 6.1 MEDIUM |
| Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. | |||||
| CVE-2020-28419 | 1 Hp | 1503 Laserjet Managed Mfp E62665 3gy14a, Laserjet Managed Mfp E62665 3gy15a, Laserjet Managed Mfp E62665 3gy16a and 1500 more | 2023-09-28 | 6.8 MEDIUM | 8.8 HIGH |
| During installation with certain driver software or application packages an arbitrary code execution could occur. | |||||
| CVE-2014-2648 | 2 Hp, Opengroup | 2 Operations Manager, Unix | 2023-09-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on UNIX allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2023-1995 | 6 Hitachi, Hp, Ibm and 3 more | 8 Hirdb Server, Hirdb Server With Additional Function, Hirdb Structured Data Access Facility and 5 more | 2023-09-27 | N/A | 7.5 HIGH |
| Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, before 09-66-17, before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W , before 09-66-/Q ; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02. | |||||
| CVE-2022-35637 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2023-09-21 | N/A | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service after entering a malformed SQL statement into the Db2expln tool. IBM X-Force ID: 230823. | |||||
| CVE-2022-22483 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2023-09-21 | N/A | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979. | |||||
| CVE-2023-30909 | 1 Hp | 1 Oneview | 2023-09-19 | N/A | 9.8 CRITICAL |
| A remote authentication bypass issue exists in some OneView APIs. | |||||
| CVE-2023-30908 | 1 Hp | 1 Oneview | 2023-09-13 | N/A | 9.8 CRITICAL |
| A remote authentication bypass issue exists in a OneView API. | |||||
| CVE-2015-2202 | 2 Arubanetworks, Hp | 2 Airwave, Airwave | 2023-09-08 | N/A | 7.2 HIGH |
| Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS. | |||||
| CVE-2015-2201 | 2 Arubanetworks, Hp | 2 Airwave, Airwave | 2023-09-08 | N/A | 7.2 HIGH |
| Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users. | |||||
| CVE-2015-1390 | 1 Hp | 1 Airwave | 2023-09-08 | N/A | 6.1 MEDIUM |
| Aruba AirWave before 8.0.7 allows XSS attacks agsinat an administrator. | |||||
| CVE-2015-1391 | 1 Hp | 1 Airwave | 2023-09-08 | N/A | 8.8 HIGH |
| Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism. | |||||
| CVE-2023-33850 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Aix, Cics Tx and 3 more | 2023-08-28 | N/A | 7.5 HIGH |
| IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 257132. | |||||