45 matches found
EUVD-2026-41895
A missing authorization vulnerability exists in the embedded webserver of HP Deskjet 2800 Series Printers running firmware version =TBP1CN2612AR. An unauthenticated attacker with network access can send GET requests to multiple exposed administrative API endpoints and retrieve sensitive...
CVE-2026-13753
A missing authorization vulnerability exists in the embedded webserver of HP Deskjet 2800 Series Printers running firmware version =TBP1CN2612AR. An unauthenticated attacker with network access can send GET requests to multiple exposed administrative API endpoints and retrieve sensitive...
CVE-2026-13753
HP Deskjet 2800 Series printers (firmware
CVE-2026-13753 CVE-2026-13753
A missing authorization vulnerability exists in the embedded webserver of HP Deskjet 2800 Series Printers running firmware version =TBP1CN2612AR. An unauthenticated attacker with network access can send GET requests to multiple exposed administrative API endpoints and retrieve sensitive...
CVE-2026-4682
Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices WSD scan requests are improperly validated and handled by the MFP. WSD Scan is a Microsoft Windows–based network scanning protocol that allo...
CVE-2026-4682
HP DeskJet All-in-One devices may be vulnerable to remote code execution due to a buffer overflow in processing specially crafted Web Services for Devices (WSD) scan requests. Affected component is the WSD handling in HP MFPs. Root cause: improper validation/handling of WSD scan requests leading ...
CVE-2026-4682
Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices WSD scan requests are improperly validated and handled by the MFP. WSD Scan is a Microsoft Windows–based network scanning protocol that allo...
Certain HP DeskJet All In One (AIO) Devices – Potential Remote Code Execution & Potential Buffer Overflow
Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices WSD scan requests are improperly validated and handled by the MFP. As a temporary mitigation measure for the buffer overflow vulnerability,...
HP DeskJet All in One 安全漏洞
The HP DeskJet All in One is a multi-functional inkjet printing device from the American company HP. The HP DeskJet All in One has a security vulnerability, which stems from improper handling of specially crafted WSD scan request verifications. This vulnerability may lead to buffer overflows and...
EUVD-2009-1331
Malware in sbrugna...
EUVD-2019-15885
Malware in sbrugna...
EUVD-2019-15884
Malware in sbrugna...
EUVD-2022-51011
Malicious code in bioql PyPI...
CVE-2019-6320
Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A firmware version SWP1FN1912BR or higher have a Cross-Site Request Forgery CSRF vulnerability that could lead to a denial of service DOS or device misconfiguration...
CVE-2019-6319
HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A firmware version SWP1FN1912BR or higher have a Cross-Site Request Forgery CSRF vulnerability that could lead to a denial of service DOS or device misconfiguration...
HP Printer Firmware Update Utility for Certain HP DeskJet Printers - Potential Execution of Arbitrary Code
A user with administrative privileges can create a compromised dll file of the same name as the original dll within the HP printer’s Firmware Update Utility FUU bundle and place it in the Microsoft Windows default downloads directory which can lead to potential arbitrary code execution. Update yo...
CVE-2022-48311
UNSUPPORTED WHEN ASSIGNED Cross Site Scripting XSS in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products tha...
CVE-2022-48311
UNSUPPORTED WHEN ASSIGNED Cross Site Scripting XSS in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products tha...
Cross site scripting
UNSUPPORTED WHEN ASSIGNED Cross Site Scripting XSS in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products tha...
CVE-2022-48311
UNSUPPORTED WHEN ASSIGNED Cross Site Scripting XSS in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products tha...