Filtered by vendor Hp
Subscribe
Total
2459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-3196 | 7 Canonical, Debian, Fedoraproject and 4 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2023-11-07 | 4.3 MEDIUM | N/A |
| ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message. | |||||
| CVE-2014-7810 | 3 Apache, Debian, Hp | 3 Tomcat, Debian Linux, Hp-ux | 2023-11-07 | 5.0 MEDIUM | N/A |
| The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation. | |||||
| CVE-2013-4002 | 9 Apache, Canonical, Hp and 6 more | 21 Xerces2 Java, Ubuntu Linux, Hp-ux and 18 more | 2023-11-07 | 7.1 HIGH | N/A |
| XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names. | |||||
| CVE-2012-3268 | 2 Hp, Huawei | 675 0150a129, 0150a12a, 0150a12b and 672 more | 2023-11-07 | 3.5 LOW | N/A |
| Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller, Firewall, Router, Switch, and Switch and Route Processing Unit products; and certain Huawei Firewall/Gateway, Router, Switch, and Wireless products do not properly implement access control as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0, which allows remote authenticated users to discover credentials in UserInfoEntry values via an SNMP request with the read-only community. | |||||
| CVE-2008-5395 | 2 Hp, Linux | 2 Pa-risc, Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses. | |||||
| CVE-2004-0809 | 8 Apache, Debian, Gentoo and 5 more | 12 Http Server, Debian Linux, Linux and 9 more | 2023-11-07 | 5.0 MEDIUM | N/A |
| The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. | |||||
| CVE-2004-0492 | 5 Apache, Hp, Ibm and 2 more | 7 Http Server, Virtualvault, Vvos and 4 more | 2023-11-07 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied. | |||||
| CVE-2000-0159 | 1 Hp | 1 Hp-ux | 2023-11-07 | 7.5 HIGH | N/A |
| HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. | |||||
| CVE-2000-0468 | 1 Hp | 1 Hp-ux | 2023-11-07 | 4.6 MEDIUM | N/A |
| man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. | |||||
| CVE-2000-0515 | 1 Hp | 1 Hp-ux | 2023-11-07 | 10.0 HIGH | N/A |
| The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges. | |||||
| CVE-2000-0573 | 1 Hp | 1 Hp-ux | 2023-11-07 | 10.0 HIGH | N/A |
| The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command. | |||||
| CVE-2023-26300 | 1 Hp | 178 200 G4 22 All-in-one Pc \(rom Family Ssid 86f0\), 200 G4 22 All-in-one Pc \(rom Family Ssid 86f0\) Firmware, 200 G4 22 All-in-one Pc \(rom Family Ssid 86f2\) and 175 more | 2023-10-31 | N/A | 7.8 HIGH |
| A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potential vulnerability. | |||||
| CVE-2023-5449 | 1 Hp | 58 E22 G4 Fhd, E22 G4 Fhd Firmware, E23 G4 Fhd and 55 more | 2023-10-20 | N/A | 3.3 LOW |
| A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor’s Theft Deterrence to be deactivated. | |||||
| CVE-2023-5409 | 1 Hp | 4 T430 Thin Client, T430 Thin Client Firmware, T638 Thin Client and 1 more | 2023-10-20 | N/A | 6.8 MEDIUM |
| HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability. | |||||
| CVE-2023-4499 | 1 Hp | 20 Elite Mt645, Mt21, Mt22 and 17 more | 2023-10-19 | N/A | 7.5 HIGH |
| A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability. | |||||
| CVE-2023-5113 | 1 Hp | 1133 Color Laserjet Enterprise 5700 49k98a, Color Laserjet Enterprise 5700 6qn28a, Color Laserjet Enterprise 6700 49l00a and 1130 more | 2023-10-11 | N/A | 6.1 MEDIUM |
| Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. | |||||
| CVE-2023-38741 | 4 Hp, Ibm, Linux and 1 more | 5 Hp-ux, Aix, Txseries For Multiplatform and 2 more | 2023-08-23 | N/A | 7.5 HIGH |
| IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 262905. | |||||
| CVE-2023-38402 | 2 Hp, Microsoft | 2 Aruba Virtual Intranet Access, Windows | 2023-08-23 | N/A | 7.1 HIGH |
| A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process. | |||||
| CVE-2023-38401 | 2 Hp, Microsoft | 2 Aruba Virtual Intranet Access, Windows | 2023-08-23 | N/A | 7.8 HIGH |
| A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system. | |||||
| CVE-2022-4894 | 2 Hp, Samsung | 2046 1vr14a, 1vr14a Firmware, 209u7a and 2043 more | 2023-08-23 | N/A | 7.3 HIGH |
| Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. | |||||