Filtered by vendor Hp
Subscribe
Total
2441 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-48311 | 1 Hp | 2 Deskjet 2540 A9u23b, Deskjet 2540 A9u23b Firmware | 2025-03-26 | N/A | 9.0 CRITICAL |
| **UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2022-43779 | 1 Hp | 50 218 Pro G5 Mt, 218 Pro G5 Mt Firmware, 260 G2 Desktop Mini and 47 more | 2025-03-25 | N/A | 7.0 HIGH |
| A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability. | |||||
| CVE-2024-42398 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2025-03-24 | N/A | 5.3 MEDIUM |
| Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point. | |||||
| CVE-2024-42397 | 1 Hp | 1 Instantos | 2025-03-19 | N/A | 5.3 MEDIUM |
| Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point. | |||||
| CVE-2024-41913 | 1 Hp | 2 Poly Clariti Manager, Poly Clariti Manager Firmware | 2025-03-19 | N/A | 8.8 HIGH |
| A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly sanitize User input. | |||||
| CVE-2024-42508 | 1 Hp | 1 Oneview | 2025-03-17 | N/A | 5.5 MEDIUM |
| This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users. | |||||
| CVE-2024-41910 | 1 Hp | 2 Poly Clariti Manager, Poly Clariti Manager Firmware | 2025-03-14 | N/A | 6.1 MEDIUM |
| A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XSS vulnerabilities in the version of JavaScript used. | |||||
| CVE-2024-41912 | 1 Hp | 2 Poly Clariti Manager, Poly Clariti Manager Firmware | 2025-03-13 | N/A | 9.8 CRITICAL |
| A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly implement access controls. | |||||
| CVE-2024-42399 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2025-03-13 | N/A | 5.3 MEDIUM |
| Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point. | |||||
| CVE-2022-37935 | 1 Hp | 1 Oneview For Vmware Vcenter | 2025-03-12 | N/A | 5.5 MEDIUM |
| HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password. | |||||
| CVE-2023-30449 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2025-02-13 | N/A | 7.5 HIGH |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 253439. | |||||
| CVE-2023-30448 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2025-02-13 | N/A | 5.9 MEDIUM |
| IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253437. | |||||
| CVE-2023-30445 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2025-02-13 | N/A | 7.5 HIGH |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253357. | |||||
| CVE-2023-28091 | 1 Hp | 1 Oneview | 2025-02-06 | N/A | 5.5 MEDIUM |
| HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump | |||||
| CVE-2023-28087 | 1 Hp | 1 Oneview | 2025-02-03 | N/A | 5.5 MEDIUM |
| An HPE OneView appliance dump may expose OneView user accounts | |||||
| CVE-2023-28086 | 1 Hp | 1 Oneview | 2025-02-03 | N/A | 5.5 MEDIUM |
| An HPE OneView appliance dump may expose proxy credential settings | |||||
| CVE-2023-28090 | 1 Hp | 1 Oneview | 2025-02-03 | N/A | 5.5 MEDIUM |
| An HPE OneView appliance dump may expose SNMPv3 read credentials | |||||
| CVE-2023-28089 | 1 Hp | 1 Oneview | 2025-02-03 | N/A | 7.1 HIGH |
| An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules | |||||
| CVE-2023-28088 | 1 Hp | 1 Oneview | 2025-02-03 | N/A | 7.8 HIGH |
| An HPE OneView appliance dump may expose SAN switch administrative credentials | |||||
| CVE-2023-28084 | 2 Hp, Hpe | 2 Oneview, Oneview Global Dashboard | 2025-02-03 | N/A | 5.5 MEDIUM |
| HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens | |||||