Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of...
5.5CVSS
5.8AI Score
0.0004EPSS
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of...
5.5CVSS
5.8AI Score
0.0004EPSS
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of...
5.5CVSS
5.8AI Score
0.0004EPSS
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of...
5.5CVSS
5.8AI Score
0.0004EPSS
Multiple buffer overflow security vulnerabilities have been identified in HPE iLO Amplifier Pack version(s): Prior to 2.12. These vulnerabilities could be exploited by a highly privileged user to remotely execute code that could lead to a loss of confidentiality, integrity, and availability. HPE...
7.2CVSS
7.4AI Score
0.001EPSS
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code...
8.8CVSS
9.3AI Score
0.0004EPSS
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant...
7.8CVSS
7.8AI Score
0.001EPSS
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant...
5.5CVSS
5.7AI Score
0.001EPSS
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant...
7.8CVSS
7.8AI Score
0.001EPSS
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant...
7.8CVSS
7.8AI Score
0.001EPSS
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code...
8.8CVSS
9.3AI Score
0.0004EPSS
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code...
8.8CVSS
9.3AI Score
0.0004EPSS
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant...
7.8CVSS
7.8AI Score
0.001EPSS
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code...
8.8CVSS
9.3AI Score
0.0004EPSS
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant...
7.8CVSS
7.8AI Score
0.001EPSS
Potential arbitrary file deletion vulnerability has been identified in HP Support Assistant...
5.5CVSS
5.5AI Score
0.0004EPSS
Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job...
7.5CVSS
7.6AI Score
0.002EPSS
IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID:...
5.5CVSS
5.6AI Score
0.0004EPSS
A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). An authenticated SSMC administrator could exploit the vulnerability to inject code and elevate their privilege in SSMC. The scope of this vulnerability is limited to SSMC. Note: The arrays being managed are...
7.2CVSS
6.9AI Score
0.001EPSS
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to an information disclosure as a result of a connected user having indirect read access to a table where they are not authorized to select from. IBM X-Force ID:...
6.5CVSS
6.5AI Score
0.001EPSS
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user with DBADM authority to access other databases and read or modify files. IBM X-Force ID:...
8.7CVSS
8AI Score
0.001EPSS
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive...
7.5CVSS
7.7AI Score
0.001EPSS
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID:...
5.5CVSS
6.5AI Score
0.0004EPSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources. IBM X-Force ID:...
7.5CVSS
7.3AI Score
0.001EPSS
IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID:...
5.5CVSS
5AI Score
0.0004EPSS
A potential security vulnerability has been identified for certain HP printers and MFPs that would allow redirection page Cross-Site Scripting in a client’s browser by clicking on a third-party malicious...
6.1CVSS
6.1AI Score
0.001EPSS
A potential security vulnerability has been identified for certain HP printers and MFPs with Troy solutions. For affected printers with FutureSmart Firmware bundle version 4.9 or 4.9.0.1 the potential vulnerability may cause instability in the...
7.8CVSS
7.6AI Score
0.0004EPSS
A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain...
9.1CVSS
8.8AI Score
0.003EPSS
A potential security vulnerability has been identified for HP LaserJet Solution Software (for certain HP LaserJet Printers) which may lead to unauthorized elevation of privilege on the...
7.8CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.5AI Score
0.0004EPSS
HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code...
7.8CVSS
7.7AI Score
0.0004EPSS
Certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, HP PageWide Managed products may be vulnerable to potential buffer...
9.8CVSS
9.5AI Score
0.002EPSS
Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers may be vulnerable to potential information...
4.6CVSS
5.4AI Score
0.001EPSS
A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code leading complete impact to confidentiality,...
9.8CVSS
9.6AI Score
0.013EPSS
HP Print and Scan Doctor, an application within the HP Smart App for Windows, is potentially vulnerable to local elevation of...
7.8CVSS
7.5AI Score
0.0004EPSS
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset the...
9.8CVSS
9.6AI Score
0.002EPSS
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the...
7.5CVSS
7.8AI Score
0.001EPSS
Certain HP Enterprise LaserJet and PageWide MFPs may be vulnerable to stored cross site scripting...
5.4CVSS
5.2AI Score
0.001EPSS
A potential security vulnerability has been identified for the HP OfficeJet 7110 Wide Format ePrinter that enables Cross-Site Scripting...
4.8CVSS
5.1AI Score
0.001EPSS
A potential security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to disclose sensitive information. HPE has made software updates available to resolve the.....
7.5CVSS
7.3AI Score
0.003EPSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to gain elevated privileges on the system. IBM X-Force ID:...
8.8CVSS
8.5AI Score
0.003EPSS
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and 6.1.0.0 through 6.1.0.2 vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...
5.4CVSS
5.2AI Score
0.002EPSS
IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and...
5.4CVSS
5.4AI Score
0.001EPSS
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL function to obtain sensitive information when AUTO_REVAL is set to DEFFERED_FORCE. IBM X-Force ID:...
6.5CVSS
6.8AI Score
0.001EPSS
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of srevice IBM X-Force ID:...
6.5CVSS
6.5AI Score
0.001EPSS
Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID:...
7.5CVSS
7.2AI Score
0.002EPSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI). IBM X-Force ID:...
8.8CVSS
8.5AI Score
0.001EPSS
A security vulnerability in HPE OneView for VMware vCenter (OV4VC) could be exploited remotely to allow Cross-Site Scripting. HPE has released the following software update to resolve the vulnerability in HPE OneView for VMware vCenter...
6.1CVSS
6.3AI Score
0.001EPSS
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity...
4.8CVSS
5.3AI Score
0.001EPSS
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity...
4.8CVSS
5.3AI Score
0.001EPSS