Filtered by vendor Hp
Subscriptions
Total
2449 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-31639 | 1 Hp | 806 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 803 more | 2025-01-03 | 7.8 High |
| Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | ||||
| CVE-2023-1707 | 1 Hp | 317 Color Laserjet Enterprise 5700 49k98a, Color Laserjet Enterprise 5700 6qn28a, Color Laserjet Enterprise 6700 49l00a and 314 more | 2025-01-03 | 7.5 High |
| Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6. | ||||
| CVE-2022-31636 | 1 Hp | 806 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 803 more | 2025-01-03 | 7.8 High |
| Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | ||||
| CVE-2022-31635 | 1 Hp | 806 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 803 more | 2025-01-03 | 7.8 High |
| Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | ||||
| CVE-2023-1329 | 1 Hp | 1914 Laserjet Managed Mfp E62665 3gy14a, Laserjet Managed Mfp E62665 3gy14a Firmware, Laserjet Managed Mfp E62665 3gy15a and 1911 more | 2024-12-31 | 9.8 Critical |
| A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products. | ||||
| CVE-2022-31645 | 1 Hp | 654 Dragonfly Folio G3 2-in-1, Dragonfly Folio G3 2-in-1 Firmware, Elite Dragonfly and 651 more | 2024-12-30 | 7.8 High |
| Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | ||||
| CVE-2022-31644 | 1 Hp | 654 Dragonfly Folio G3 2-in-1, Dragonfly Folio G3 2-in-1 Firmware, Elite Dragonfly and 651 more | 2024-12-30 | 7.8 High |
| Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | ||||
| CVE-2022-31642 | 1 Hp | 582 Elite Dragonfly, Elite Dragonfly Firmware, Elite Dragonfly G2 and 579 more | 2024-12-30 | 7 High |
| Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | ||||
| CVE-2022-31641 | 1 Hp | 582 Elite Dragonfly, Elite Dragonfly Firmware, Elite Dragonfly G2 and 579 more | 2024-12-30 | 7 High |
| Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | ||||
| CVE-2022-31640 | 1 Hp | 582 Elite Dragonfly, Elite Dragonfly Firmware, Elite Dragonfly G2 and 579 more | 2024-12-30 | 7 High |
| Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | ||||
| CVE-2022-31646 | 1 Hp | 654 Dragonfly Folio G3 2-in-1, Dragonfly Folio G3 2-in-1 Firmware, Elite Dragonfly and 651 more | 2024-12-30 | 7.8 High |
| Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. | ||||
| CVE-2023-30903 | 1 Hp | 1 Hp-ux | 2024-12-17 | 5.5 Medium |
| HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6. | ||||
| CVE-2023-35178 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2024-12-04 | 8.8 High |
| Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs. | ||||
| CVE-2023-35177 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2024-12-04 | 8.8 High |
| Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser. | ||||
| CVE-2023-35176 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2024-12-04 | 8.8 High |
| Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device. | ||||
| CVE-2023-35175 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2024-12-04 | 9.8 Critical |
| Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model. | ||||
| CVE-2023-26299 | 1 Hp | 118 200 G3, 200 G3 Firmware, 200 G4 22 All-in-one and 115 more | 2024-12-04 | 7.0 High |
| A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability. | ||||
| CVE-2023-29065 | 2 Bd, Hp | 3 Facschorus, Hp Z2 Tower G5, Hp Z2 Tower G9 | 2024-12-02 | 4.1 Medium |
| The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database. | ||||
| CVE-2023-38401 | 2 Hp, Microsoft | 2 Aruba Virtual Intranet Access, Windows | 2024-11-22 | 7.8 High |
| A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system. | ||||
| CVE-2024-6147 | 1 Hp | 1 Poly Plantronics Hub | 2024-11-21 | 7.8 High |
| Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Spokes Update Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18271. | ||||