Filtered by vendor Hp
Subscribe
Total
2517 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-43019 | 1 Hp | 1 Support Assistant | 2026-01-20 | N/A | 7.8 HIGH |
| A potential security vulnerability has been identified in the HP Support Assistant, which allows a local attacker to escalate privileges via an arbitrary file deletion. | |||||
| CVE-2025-10578 | 1 Hp | 1 Support Assistant | 2026-01-16 | N/A | 7.8 HIGH |
| A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.47.41.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write. | |||||
| CVE-2025-43491 | 2 Hp, Microsoft | 2 Poly Lens Desktop, Windows | 2026-01-16 | N/A | 9.8 CRITICAL |
| A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow modifications to the filesystem, which might lead to SYSTEM level privileges being granted. | |||||
| CVE-2025-2268 | 1 Hp | 108 1y7d4a, 1y7d4a Firmware, 2a129a and 105 more | 2026-01-16 | N/A | 7.5 HIGH |
| The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP). | |||||
| CVE-2025-43023 | 1 Hp | 1 Linux Imaging And Printing | 2026-01-16 | N/A | 9.1 CRITICAL |
| A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm (DSA). | |||||
| CVE-2025-26507 | 1 Hp | 403 115p9aw, 115q0aw, 17f27aw and 400 more | 2026-01-15 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | |||||
| CVE-2025-26506 | 1 Hp | 190 499m6a, 499m6a Firmware, 499m7a and 187 more | 2026-01-15 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | |||||
| CVE-2025-26508 | 1 Hp | 593 115p9aw, 115q0aw, 17f27aw and 590 more | 2026-01-15 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | |||||
| CVE-2024-1869 | 1 Hp | 4 Cq891c, Cq891c Firmware, Cq893c and 1 more | 2026-01-15 | N/A | 7.5 HIGH |
| Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220. | |||||
| CVE-2024-28893 | 1 Hp | 1 Softpaqs | 2026-01-14 | N/A | 7.7 HIGH |
| Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages (SoftPaqs). | |||||
| CVE-2022-37019 | 1 Hp | 52 Elite Slice, Elite Slice Firmware, Elite Slice For Meeting Rooms and 49 more | 2026-01-14 | N/A | 6.8 MEDIUM |
| Potential vulnerabilities have been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities. | |||||
| CVE-2025-43026 | 1 Hp | 1 Support Assistant | 2026-01-13 | N/A | 7.8 HIGH |
| A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write. | |||||
| CVE-2022-48220 | 1 Hp | 54 Elite Mini 600 G9, Elite Mini 600 G9 Firmware, Elite Mini 800 G9 and 51 more | 2026-01-09 | N/A | 6.4 MEDIUM |
| Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities. | |||||
| CVE-2022-48219 | 1 Hp | 54 Elite Mini 600 G9, Elite Mini 600 G9 Firmware, Elite Mini 800 G9 and 51 more | 2026-01-09 | N/A | 6.4 MEDIUM |
| Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities. | |||||
| CVE-2023-6138 | 1 Hp | 6 Z440 Workstation, Z440 Workstation Firmware, Z640 Workstation and 3 more | 2025-12-22 | N/A | 7.9 HIGH |
| A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential vulnerability. | |||||
| CVE-2025-14432 | 1 Hp | 18 Poly Eagleeye Cube, Poly Eagleeye Iv, Poly Studio A2 and 15 more | 2025-12-18 | N/A | 4.9 MEDIUM |
| In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center (TAC) to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration changes made using the provisioning server or the device WebUI. | |||||
| CVE-2025-13492 | 1 Hp | 1 Image Assistant | 2025-12-05 | N/A | 7.0 HIGH |
| A potential security vulnerability has been identified in HP Image Assistant for versions prior to 5.3.3. The vulnerability could potentially allow a local attacker to escalate privileges via a race condition when installing packages. | |||||
| CVE-2023-33850 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Aix, Cics Tx and 3 more | 2025-11-03 | N/A | 7.5 HIGH |
| IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. | |||||
| CVE-2020-10136 | 4 Cisco, Digi, Hp and 1 more | 63 Nexus 1000v, Nexus 1000ve, Nexus 3016 and 60 more | 2025-11-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing. | |||||
| CVE-2025-43489 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 5.2 MEDIUM |
| A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could deserialize untrusted data without validation. HP has addressed the issue in the latest software update. | |||||