Filtered by vendor Hp Subscriptions
Total 2444 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-0004 3 Hp, Sco, University Of Washington 3 Dtmail, Unixware, Pine 2024-11-21 N/A
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
CVE-1999-0003 5 Hp, Ibm, Sgi and 2 more 6 Hp-ux, Aix, Irix and 3 more 2024-11-21 N/A
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
CVE-2024-9579 2 Hp, Poly 24 Poly Studio G62, Poly Studio G62 Firmware, Poly Studio G7500 and 21 more 2024-11-08 7.5 High
A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware flaw does not properly sanitize user input. The exploitation of this vulnerability is dependent on a layered attack and cannot be exploited by itself.
CVE-2024-9419 1 Hp 1 Smart Universal Printing Driver 2024-11-01 7.8 High
Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could potentially lead to Remote Code Execution and/or Elevation of Privilege on the PC.
CVE-2024-42508 1 Hp 1 Oneview 2024-10-29 5.5 Medium
This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users.
CVE-2024-41911 1 Hp 2 Poly Clariti Manager, Poly Clariti Manager Firmware 2024-10-29 5.4 Medium
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation.
CVE-2024-45071 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2024-10-21 5.5 Medium
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2024-45072 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2024-10-21 5.5 Medium
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources.
CVE-2024-5749 1 Hp 2 Designjet T730 Firmware, Designjet T830 Firmware 2024-10-16 7.5 High
Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP server credentials.
CVE-2024-27458 1 Hp 40 Elite Dragonfly Firmware, Elite Dragonfly G2 Firmware, Elite Dragonfly Max Firmware and 37 more 2024-10-07 8.8 High
A potential security vulnerability has been identified in the HP Hotkey Support software, which might allow local escalation of privilege. HP is releasing mitigation for the potential vulnerability. Customers using HP Programmable Key are recommended to update HP Hotkey Support.
CVE-2024-9423 1 Hp 1 Laserjet Mfp M232-m237 Printer Series Firmware 2024-10-04 5.3 Medium
Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, potentially blocking queued print jobs.
CVE-2024-42500 1 Hp 1 Hp-ux 2024-09-10 9.3 Critical
HPE has identified a denial of service vulnerability in HPE HP-UX System's Network File System (NFSv4) services.
CVE-2024-7720 1 Hp 1 Security Manager 2024-09-07 9.8 Critical
HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries.
CVE-2024-41912 1 Hp 2 Poly Clariti Manager, Poly Clariti Manager Firmware 2024-09-06 9.8 Critical
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly implement access controls.
CVE-2024-42396 2 Arubanetworks, Hp 2 Instant, Instantos 2024-08-23 5.3 Medium
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
CVE-2024-42397 1 Hp 1 Instantos 2024-08-23 5.3 Medium
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
CVE-2024-42398 2 Arubanetworks, Hp 3 Arubaos, Instant, Instantos 2024-08-23 5.3 Medium
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
CVE-2024-42399 2 Arubanetworks, Hp 3 Arubaos, Instant, Instantos 2024-08-23 5.3 Medium
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
CVE-2024-42400 2 Arubanetworks, Hp 3 Arubaos, Instant, Instantos 2024-08-23 5.3 Medium
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
CVE-2024-41913 1 Hp 2 Poly Clariti Manager, Poly Clariti Manager Firmware 2024-08-13 8.8 High
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly sanitize User input.