Filtered by vendor Hp
Subscribe
Total
2419 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-22781 | 1 Hp | 2 Arubaos, Instantos | 2023-05-12 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-22780 | 1 Hp | 2 Arubaos, Instantos | 2023-05-12 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-22779 | 1 Hp | 2 Arubaos, Instantos | 2023-05-12 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-22789 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-05-12 | N/A | 8.8 HIGH |
| Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | |||||
| CVE-2023-22788 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-05-12 | N/A | 8.8 HIGH |
| Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | |||||
| CVE-2023-22790 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-05-12 | N/A | 8.8 HIGH |
| Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. | |||||
| CVE-2023-22791 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-05-12 | N/A | 4.8 MEDIUM |
| A vulnerability exists in Aruba InstantOS and ArubaOS 10 where an edge-case combination of network configuration, a specific WLAN environment and an attacker already possessing valid user credentials on that WLAN can lead to sensitive information being disclosed via the WLAN. The scenarios in which this disclosure of potentially sensitive information can occur are complex and depend on factors that are beyond the control of the attacker. | |||||
| CVE-2023-22787 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-05-12 | N/A | 7.5 HIGH |
| An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point. | |||||
| CVE-2022-31643 | 1 Hp | 182 Dragonfly Folio G3, Dragonfly Folio G3 Firmware, Elite Dragonfly G2 and 179 more | 2023-05-10 | N/A | 5.5 MEDIUM |
| A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential vulnerability. | |||||
| CVE-2023-1526 | 1 Hp | 15 Designjet Z6, Designjet Z6 Firmware, Designjet Z6dr and 12 more | 2023-05-10 | N/A | 4.6 MEDIUM |
| Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer. | |||||
| CVE-2023-27972 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2023-05-10 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution. | |||||
| CVE-2023-27971 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2023-05-10 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege. | |||||
| CVE-2023-28092 | 1 Hp | 4 Integrated Lights-out, Integrated Lights-out Firmware, Proliant Rl300 and 1 more | 2023-05-10 | N/A | 6.8 MEDIUM |
| A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis. | |||||
| CVE-2023-28084 | 2 Hp, Hpe | 2 Oneview, Oneview Global Dashboard | 2023-05-04 | N/A | 5.5 MEDIUM |
| HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens | |||||
| CVE-2023-28086 | 1 Hp | 1 Oneview | 2023-05-04 | N/A | 5.5 MEDIUM |
| An HPE OneView appliance dump may expose proxy credential settings | |||||
| CVE-2023-28087 | 1 Hp | 1 Oneview | 2023-05-04 | N/A | 5.5 MEDIUM |
| An HPE OneView appliance dump may expose OneView user accounts | |||||
| CVE-2023-28088 | 1 Hp | 1 Oneview | 2023-05-04 | N/A | 7.8 HIGH |
| An HPE OneView appliance dump may expose SAN switch administrative credentials | |||||
| CVE-2023-28089 | 1 Hp | 1 Oneview | 2023-05-04 | N/A | 7.1 HIGH |
| An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules | |||||
| CVE-2023-28090 | 1 Hp | 1 Oneview | 2023-05-04 | N/A | 5.5 MEDIUM |
| An HPE OneView appliance dump may expose SNMPv3 read credentials | |||||
| CVE-2023-28091 | 1 Hp | 1 Oneview | 2023-04-21 | N/A | 5.5 MEDIUM |
| HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump | |||||