HP Security Vulnerabilities

CVE-2022-23955

Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of...

5.5 CVSS

5.8 AI Score

0.0004 EPSS

2022-03-02 10:15 PM

CVE-2022-23958

Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of...

5.5 CVSS

5.8 AI Score

0.0004 EPSS

2022-03-02 10:15 PM

CVE-2022-23956

Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of...

5.5 CVSS

5.8 AI Score

0.0004 EPSS

2022-03-02 09:15 PM

CVE-2022-23953

Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of...

5.5 CVSS

5.8 AI Score

0.0004 EPSS

2022-03-02 09:15 PM

CVE-2021-29220

Multiple buffer overflow security vulnerabilities have been identified in HPE iLO Amplifier Pack version(s): Prior to 2.12. These vulnerabilities could be exploited by a highly privileged user to remotely execute code that could lead to a loss of confidentiality, integrity, and availability. HPE...

7.2 CVSS

7.4 AI Score

0.001 EPSS

2022-02-24 10:15 PM

CVE-2021-39301

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code...

8.8 CVSS

9.3 AI Score

0.0004 EPSS

2022-02-16 05:15 PM

CVE-2020-6922

Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients have been identified in HP Support Assistant...

7.8 CVSS

7.8 AI Score

0.001 EPSS

2022-02-16 05:15 PM

CVE-2020-6920

Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients have been identified in HP Support Assistant...

5.5 CVSS

5.7 AI Score

0.001 EPSS

2022-02-16 05:15 PM

CVE-2020-6919

Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients have been identified in HP Support Assistant...

7.8 CVSS

7.8 AI Score

0.001 EPSS

2022-02-16 05:15 PM

CVE-2020-6921

Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients have been identified in HP Support Assistant...

7.8 CVSS

7.8 AI Score

0.001 EPSS

2022-02-16 05:15 PM

CVE-2021-39300

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code...

8.8 CVSS

9.3 AI Score

0.0004 EPSS

2022-02-16 05:15 PM

CVE-2021-39299

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code...

8.8 CVSS

9.3 AI Score

0.0004 EPSS

2022-02-16 05:15 PM

CVE-2020-6918

Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients have been identified in HP Support Assistant...

7.8 CVSS

7.8 AI Score

0.001 EPSS

2022-02-16 05:15 PM

CVE-2021-39297

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code...

8.8 CVSS

9.3 AI Score

0.0004 EPSS

2022-02-16 05:15 PM

CVE-2020-6917

Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients have been identified in HP Support Assistant...

7.8 CVSS

7.8 AI Score

0.001 EPSS

2022-02-16 05:15 PM

CVE-2022-23456

Potential arbitrary file deletion vulnerability has been identified in HP Support Assistant...

5.5 CVSS

5.5 AI Score

0.0004 EPSS

2022-01-28 08:15 PM

CVE-2021-3965

Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job...

7.5 CVSS

7.6 AI Score

0.002 EPSS

2022-01-14 08:15 PM

CVE-2021-39048

IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID:...

5.5 CVSS

5.6 AI Score

0.0004 EPSS

2021-12-13 07:15 PM

CVE-2021-29214

A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). An authenticated SSMC administrator could exploit the vulnerability to inject code and elevate their privilege in SSMC. The scope of this vulnerability is limited to SSMC. Note: The arrays being managed are...

7.2 CVSS

6.9 AI Score

0.001 EPSS

2021-12-10 05:15 PM

CVE-2021-38931

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to an information disclosure as a result of a connected user having indirect read access to a table where they are not authorized to select from. IBM X-Force ID:...

6.5 CVSS

6.5 AI Score

0.001 EPSS

2021-12-09 05:15 PM

CVE-2021-29678

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user with DBADM authority to access other databases and read or modify files. IBM X-Force ID:...

8.7 CVSS

8 AI Score

0.001 EPSS

2021-12-09 05:15 PM

CVE-2021-39002

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2021-12-09 05:15 PM

CVE-2021-38926

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID:...

5.5 CVSS

6.5 AI Score

0.0004 EPSS

2021-12-09 05:15 PM

CVE-2021-38951

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources. IBM X-Force ID:...

7.5 CVSS

7.3 AI Score

0.001 EPSS

2021-12-09 05:15 PM

CVE-2021-38949

IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID:...

5.5 CVSS

5 AI Score

0.0004 EPSS

2021-11-16 05:15 PM

CVE-2019-18914

A potential security vulnerability has been identified for certain HP printers and MFPs that would allow redirection page Cross-Site Scripting in a client’s browser by clicking on a third-party malicious...

6.1 CVSS

6.1 AI Score

0.001 EPSS

2021-11-09 03:15 PM

CVE-2019-18912

A potential security vulnerability has been identified for certain HP printers and MFPs with Troy solutions. For affected printers with FutureSmart Firmware bundle version 4.9 or 4.9.0.1 the potential vulnerability may cause instability in the...

7.8 CVSS

7.6 AI Score

0.0004 EPSS

2021-11-09 03:15 PM

CVE-2019-16240

A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D; a maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain...

9.1 CVSS

8.8 AI Score

0.003 EPSS

2021-11-09 03:15 PM

CVE-2019-18916

A potential security vulnerability has been identified for HP LaserJet Solution Software (for certain HP LaserJet Printers) which may lead to unauthorized elevation of privilege on the...

7.8 CVSS

7.6 AI Score

0.0004 EPSS

2021-11-09 02:15 PM

CVE-2020-6931

HP Print and Scan Doctor may potentially be vulnerable to local elevation of...

7.8 CVSS

7.5 AI Score

0.0004 EPSS

2021-11-03 08:15 PM

CVE-2020-28416

HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code...

7.8 CVSS

7.7 AI Score

0.0004 EPSS

2021-11-03 08:15 PM

CVE-2021-39238

Certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, HP PageWide Managed products may be vulnerable to potential buffer...

9.8 CVSS

9.5 AI Score

0.002 EPSS

2021-11-03 01:15 AM

CVE-2021-39237

Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers may be vulnerable to potential information...

4.6 CVSS

5.4 AI Score

0.001 EPSS

2021-11-03 01:15 AM

CVE-2021-29212

A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code leading to complete impact to confidentiality,...

9.8 CVSS

9.6 AI Score

0.013 EPSS

2021-11-01 02:15 PM

CVE-2021-3440

HP Print and Scan Doctor, an application within the HP Smart App for Windows, is potentially vulnerable to local elevation of...

7.8 CVSS

7.5 AI Score

0.0004 EPSS

2021-11-01 02:15 PM

CVE-2021-3705

Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset the...

9.8 CVSS

9.6 AI Score

0.002 EPSS

2021-11-01 02:15 PM

CVE-2021-3704

Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the...

7.5 CVSS

7.8 AI Score

0.001 EPSS

2021-11-01 02:15 PM

CVE-2021-3662

Certain HP Enterprise LaserJet and PageWide MFPs may be vulnerable to stored cross site scripting...

5.4 CVSS

5.2 AI Score

0.001 EPSS

2021-10-29 12:15 PM

CVE-2021-3441

A potential security vulnerability has been identified for the HP OfficeJet 7110 Wide Format ePrinter that enables Cross-Site Scripting...

4.8 CVSS

5.1 AI Score

0.001 EPSS

2021-10-29 12:15 PM

CVE-2021-26586

A potential security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to disclose sensitive information. HPE has made software updates available to resolve the...

7.5 CVSS

7.3 AI Score

0.003 EPSS

2021-08-05 09:15 PM

CVE-2021-29736

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to gain elevated privileges on the system. IBM X-Force ID:...

8.8 CVSS

8.5 AI Score

0.003 EPSS

2021-07-30 12:15 PM

CVE-2021-20562

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and 6.1.0.0 through 6.1.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

5.4 CVSS

5.2 AI Score

0.002 EPSS

2021-07-27 12:15 PM

CVE-2021-20560

IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and...

5.4 CVSS

5.4 AI Score

0.001 EPSS

2021-07-26 12:15 PM

CVE-2021-20579

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL function to obtain sensitive information when AUTO_REVAL is set to DEFERRED_FORCE. IBM X-Force ID:...

6.5 CVSS

6.8 AI Score

0.001 EPSS

2021-06-24 07:15 PM

CVE-2021-29777

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of service. IBM X-Force ID:...

6.5 CVSS

6.5 AI Score

0.001 EPSS

2021-06-24 07:15 PM

CVE-2021-29703

Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID:...

7.5 CVSS

7.2 AI Score

0.002 EPSS

2021-06-24 07:15 PM

CVE-2021-29754

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI). IBM X-Force ID:...

8.8 CVSS

8.5 AI Score

0.001 EPSS

2021-06-11 03:15 PM

CVE-2021-26584

A security vulnerability in HPE OneView for VMware vCenter (OV4VC) could be exploited remotely to allow Cross-Site Scripting. HPE has released the following software update to resolve the vulnerability in HPE OneView for VMware vCenter...

6.1 CVSS

6.3 AI Score

0.001 EPSS

2021-06-03 11:15 AM

CVE-2021-29210

A remote DOM XSS, CRLF injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity...

4.8 CVSS

5.3 AI Score

0.001 EPSS

2021-05-25 03:15 PM

CVE-2021-29208

A remote DOM XSS, CRLF injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity...

4.8 CVSS

5.3 AI Score

0.001 EPSS

2021-05-25 03:15 PM

Total number of security vulnerabilities: 2364