15574 matches found
CVE-2026-4682
Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices WSD scan requests are improperly validated and handled by the MFP. WSD Scan is a Microsoft Windows–based network scanning protocol that allo...
CVE-2026-4667 HP System Optimizer - Escalation of Privilege
HP System Optimizer might potentially be vulnerable to escalation of privilege. HP is releasing an update to mitigate this potential vulnerability...
PT-2026-33074
CVE-2026-4667 HP System Optimizer might potentially be vulnerable to escalation of privilege. HP is releasing an update to mitigate this potential vulnerability. https://t.co/9Kio2KYPAa...
HP System Optimizer 安全漏洞
HP System Optimizer is a system optimization tool software developed by the American company HP. HP System Optimizer has a security vulnerability, which stems from improper permission verification, potentially leading to an increase in permissions...
HP DeskJet All in One 安全漏洞
The HP DeskJet All in One is a multi-functional inkjet printing device from the American company HP. The HP DeskJet All in One has a security vulnerability, which stems from improper handling of specially crafted WSD scan request verifications. This vulnerability may lead to buffer overflows and...
Certain HP DeskJet All In One (AIO) Devices – Potential Remote Code Execution & Potential Buffer Overflow
Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices WSD scan requests are improperly validated and handled by the MFP. As a temporary mitigation measure for the buffer overflow vulnerability,...
HP System Optimizer - Escalation of Privilege
HP System Optimizer might potentially be vulnerable to escalation of privilege. HP is releasing an update to mitigate this potential vulnerability. HP has identified affected versions and the minimum version 1101.2603 that mitigates the potential vulnerability...
Insyde BIOS SMM Memory Corruption Security Update
A potential security vulnerability has been identified in certain HP PC products using Insyde BIOS InsydeH20 UEFI Firmware, which might allow arbitrary code execution. Insyde has released mitigation for the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs...
CVE-2026-1902
The Hammas Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'apix' parameter in the 'hp-calendar-manage-redirect' shortcode in all versions up to, and including, 1.5.11 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-1902
The Hammas Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'apix' parameter in the 'hp-calendar-manage-redirect' shortcode in all versions up to, and including, 1.5.11 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-1902
The Hammas Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'apix' parameter in the 'hp-calendar-manage-redirect' shortcode in all versions up to, and including, 1.5.11 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-1902
CVE-2026-1902 : The Hammas Calendar plugin for WordPress is vulnerable to a stored cross-site scripting (XSS) flaw via the apix parameter in the short-code hp-calendar-manage-redirect for all versions up to and including 1.5.11 . Exploitation requires an authenticated user with Contributor+ privi...
PT-2026-23812
The Hammas Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'apix' parameter in the 'hp-calendar-manage-redirect' shortcode in all versions up to, and including, 1.5.11 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2915
HP System Event Utility might allow denial of service with elevated arbitrary file writes. This potential vulnerability was remediated with HP System Event Utility version 3.2.16...
CVE-2026-2915 HP System Event Utility – Denial of Service
HP System Event Utility might allow denial of service with elevated arbitrary file writes. This potential vulnerability was remediated with HP System Event Utility version 3.2.16...
HP Poly Edge E Series 安全漏洞
The HP Poly Edge E Series is a series of IP desktop phones produced by the American company HP. The HP Poly Edge E Series contains security vulnerabilities. These vulnerabilities stem from the inclusion of test keys and certificates within the devices, which may allow attackers to extract these...
Certain HP LaserJet Enterprise and HP LaserJet Managed Printers – Potential Denial of Service & Potential Buffer Overflow
Certain HP LaserJet Enterprise and HP LaserJet Managed Printers may experience a potential buffer overflow and potential denial of service when utilizing the open-source libexpat XML parsing library within their firmware stacks. Update your printer firmware...
SUSE CVE-2026-23131
In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names The hp-bioscfg driver attempts to register kobjects with empty names when the HP BIOS returns attributes with empty name strings. This causes multiple kerne...
HPESBHF04864 rev.1 - Certain HPE SimpiVity Servers Using Certain Intel Processors, INTEL-SA-01244, 2025.2 IPU, Intel Processor Advisory, Local Denial of Service Vulnerability
Potential Security Impact: Local: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 380 Gen11 - Prior to SimpliVity Support Pack SVTSP Gen11 v20251001 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2025-20054 |...
Linux Distros Unpatched Vulnerability : CVE-2026-23131
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names The hp-bioscfg driver attempts to register kobjects with empty names when the HP BIOS...