HP Security Vulnerabilities

CVE-2022-28617

A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE...

9.8 CVSS

9.3 AI Score

0.004 EPSS

2022-05-17 08:15 PM

CVE-2022-23699

A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE...

7.8 CVSS

7.6 AI Score

0.0004 EPSS

2022-04-04 08:15 PM

CVE-2022-37935

HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and...

5.5 CVSS

5.5 AI Score

0.0004 EPSS

2023-03-01 08:15 AM

CVE-2022-22473

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system. IBM X-Force ID:...

5.3 CVSS

5.1 AI Score

0.001 EPSS

2022-07-14 05:15 PM

CVE-2021-20373

IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. IBM X-Force ID:...

7.5 CVSS

7.4 AI Score

0.001 EPSS

2021-12-09 05:15 PM

CVE-2022-34165

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including...

5.4 CVSS

5 AI Score

0.001 EPSS

2022-09-09 04:15 PM

CVE-2022-22310

IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID:...

6.5 CVSS

6.4 AI Score

0.001 EPSS

2022-01-19 05:15 PM

CVE-2023-26301

Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain...

9.8 CVSS

9.4 AI Score

0.001 EPSS

2023-07-21 05:15 PM

CVE-2023-27869

IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked logger injection. By sending a specially crafted request using the named traceFile property, an attacker could...

8.8 CVSS

8.6 AI Score

0.002 EPSS

2023-07-10 04:15 PM

CVE-2023-27868

IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked class instantiation when providing plugin classes. By sending a specially crafted request using the named...

8.8 CVSS

8.4 AI Score

0.002 EPSS

2023-07-10 04:15 PM

CVE-2023-27867

IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code via JNDI Injection. By sending a specially crafted request using the property clientRerouteServerListJNDIName, an attacker could exploit this...

8.8 CVSS

8.4 AI Score

0.002 EPSS

2023-07-10 04:15 PM

CVE-2023-35980

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities.....

9.8 CVSS

9.9 AI Score

0.002 EPSS

2023-07-25 07:15 PM

CVE-2023-35981

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities.....

9.8 CVSS

9.9 AI Score

0.002 EPSS

2023-07-25 07:15 PM

CVE-2023-35982

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities.....

9.8 CVSS

9.9 AI Score

0.002 EPSS

2023-07-25 07:15 PM

CVE-2023-30446

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253361...

7.5 CVSS

7.1 AI Score

0.001 EPSS

2023-07-10 04:15 PM

CVE-2023-30448

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: ...

7.5 CVSS

7.1 AI Score

0.001 EPSS

2023-07-10 04:15 PM

CVE-2023-30447

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: ...

7.5 CVSS

7.1 AI Score

0.001 EPSS

2023-07-10 04:15 PM

CVE-2023-29256

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to an information disclosure due to improper privilege management when certain federation features are used. IBM X-Force ID: ...

6.5 CVSS

6.1 AI Score

0.001 EPSS

2023-07-10 04:15 PM

CVE-2023-30442

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper using certain options. IBM X-Force ID: ...

7.5 CVSS

7.1 AI Score

0.001 EPSS

2023-07-10 04:15 PM

CVE-2023-30449

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: ...

7.5 CVSS

7.1 AI Score

0.001 EPSS

2023-07-10 04:15 PM

CVE-2023-30431

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow the buffer and execute arbitrary code. IBM X-Force ID: ...

8.4 CVSS

7.7 AI Score

0.0004 EPSS

2023-07-10 04:15 PM

CVE-2023-30445

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: ...

7.5 CVSS

7.1 AI Score

0.001 EPSS

2023-07-10 04:15 PM

CVE-2023-28513

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: ...

7.5 CVSS

7.1 AI Score

0.001 EPSS

2023-07-19 02:15 AM

CVE-2019-18910

The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user...

6.8 CVSS

6.6 AI Score

0.002 EPSS

2019-11-22 10:15 PM

CVE-2023-26299

A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential...

7 CVSS

7.2 AI Score

0.0004 EPSS

2023-06-30 04:15 PM

CVE-2023-35176

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the...

8.8 CVSS

8.6 AI Score

0.006 EPSS

2023-06-30 04:15 PM

CVE-2023-35178

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan...

8.8 CVSS

8.7 AI Score

0.004 EPSS

2023-06-30 04:15 PM

CVE-2023-35175

Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing...

9.8 CVSS

9.8 AI Score

0.004 EPSS

2023-06-30 04:15 PM

CVE-2023-35177

Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format...

8.8 CVSS

8.8 AI Score

0.004 EPSS

2023-06-30 04:15 PM

CVE-2023-1329

A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected...

9.8 CVSS

9.7 AI Score

0.002 EPSS

2023-06-14 09:15 PM

CVE-2022-31645

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...

7.8 CVSS

8.1 AI Score

0.0004 EPSS

2023-06-14 06:15 PM

CVE-2022-31640

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...

7 CVSS

7.5 AI Score

0.0004 EPSS

2023-06-14 05:15 PM

CVE-2022-31646

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...

7.8 CVSS

8.1 AI Score

0.0004 EPSS

2023-06-14 06:15 PM

CVE-2022-31644

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...

7.8 CVSS

8.1 AI Score

0.0004 EPSS

2023-06-14 06:15 PM

CVE-2022-31641

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...

7 CVSS

7.5 AI Score

0.0004 EPSS

2023-06-14 05:15 PM

CVE-2022-31637

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...

7.8 CVSS

8.1 AI Score

0.0004 EPSS

2023-06-13 05:15 PM

CVE-2022-31638

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...

7.8 CVSS

8.1 AI Score

0.0004 EPSS

2023-06-13 05:15 PM

CVE-2022-31639

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...

7.8 CVSS

8.1 AI Score

0.0004 EPSS

2023-06-13 05:15 PM

CVE-2022-31636

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...

7.8 CVSS

8.1 AI Score

0.0004 EPSS

2023-06-13 05:15 PM

CVE-2022-31642

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...

7 CVSS

7.5 AI Score

0.0004 EPSS

2023-06-14 05:15 PM

CVE-2023-1707

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version...

7.5 CVSS

7.2 AI Score

0.001 EPSS

2023-06-13 06:15 PM

CVE-2022-31635

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...

7.8 CVSS

8.1 AI Score

0.0004 EPSS

2023-06-13 05:15 PM

CVE-2022-43778

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information...

7.8 CVSS

7.9 AI Score

0.0004 EPSS

2023-06-12 08:15 PM

CVE-2022-43777

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information...

7.8 CVSS

7.9 AI Score

0.0004 EPSS

2023-06-12 08:15 PM

CVE-2022-27541

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information...

7.8 CVSS

7.9 AI Score

0.0004 EPSS

2023-06-12 07:15 PM

CVE-2022-27539

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information...

7.8 CVSS

7.9 AI Score

0.0004 EPSS

2023-06-12 07:15 PM

CVE-2023-30903

HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with...

5.5 CVSS

5.3 AI Score

0.0004 EPSS

2023-06-16 09:15 PM

CVE-2023-32673

Certain versions of HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware are potentially vulnerable to elevation of...

9.8 CVSS

9.3 AI Score

0.001 EPSS

2023-06-12 10:15 PM

CVE-2023-32674

Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to buffer...

9.8 CVSS

9.4 AI Score

0.001 EPSS

2023-06-12 10:15 PM

CVE-2023-26297

Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of...

8.8 CVSS

8.9 AI Score

0.0005 EPSS

2023-06-12 10:15 PM

Total number of security vulnerabilities: 2364