Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Hp Subscribe
Total 2279 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-26281 5 Hp, Ibm, Linux and 2 more 7 Hp-ux, Aix, Http Server and 4 more 2023-03-09 N/A 7.5 HIGH
IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296.
CVE-2022-37935 1 Hp 1 Oneview For Vmware Vcenter 2023-03-09 N/A 5.5 MEDIUM
HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password.
CVE-2019-4154 4 Hp, Ibm, Linux and 1 more 5 Hp-ux, Aix, Db2 and 2 more 2023-03-03 7.2 HIGH 7.8 HIGH
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 158519.
CVE-2019-4102 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2023-03-03 4.3 MEDIUM 5.9 MEDIUM
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158092.
CVE-2019-4322 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2023-03-03 7.2 HIGH 7.8 HIGH
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 161202.
CVE-2018-6493 1 Hp 2 Network Automation, Network Operations Management Ultimate 2023-03-03 6.5 MEDIUM 8.8 HIGH
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection.
CVE-2013-4843 1 Hp 2 Integrated Lights-out 4, Integrated Lights-out Firmware 2023-02-28 6.8 MEDIUM N/A
Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVE-2022-43927 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2023-02-24 N/A 7.5 HIGH
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671.
CVE-2022-43929 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2023-02-24 N/A 7.5 HIGH
IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676.
CVE-2022-43779 1 Hp 50 218 Pro G5 Mt, 218 Pro G5 Mt Firmware, 260 G2 Desktop Mini and 47 more 2023-02-21 N/A 7.0 HIGH
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability.
CVE-2021-3439 1 Hp 754 200 G3 All-in-one \(rom Family Ssid 8431\), 200 G3 All-in-one \(rom Family Ssid 8431\) Firmware, 200 G3 All-in-one \(rom Family Ssid 84de\) and 751 more 2023-02-21 N/A 7.8 HIGH
HP has identified a potential vulnerability in BIOS firmware of some Workstation products. Firmware updates are being released to mitigate these potential vulnerabilities.
CVE-2022-27538 1 Hp 634 Dragonfly Folio G3 2-in-1, Dragonfly Folio G3 2-in-1 Firmware, Elite Dragonfly and 631 more 2023-02-16 N/A 7.0 HIGH
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability.
CVE-2022-48311 1 Hp 2 Deskjet 2540 A9u23b, Deskjet 2540 A9u23b Firmware 2023-02-14 N/A 9.0 CRITICAL
**UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2013-4842 1 Hp 2 Integrated Lights-out 4, Integrated Lights-out Firmware 2023-02-14 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-5436 1 Hp 2 Integrated Lights-out 4, Integrated Lights-out Firmware 2023-02-14 7.8 HIGH 7.5 HIGH
A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020.
CVE-2022-31772 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2023-02-14 N/A 6.5 MEDIUM
IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335.
CVE-2021-29728 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, Linux On Ibm Z and 5 more 2023-02-14 4.0 MEDIUM 4.9 MEDIUM
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 201160.
CVE-2021-29722 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, Linux On Ibm Z and 5 more 2023-02-14 5.0 MEDIUM 7.5 HIGH
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201095.
CVE-2021-29723 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, Linux On Ibm Z and 5 more 2023-02-14 5.0 MEDIUM 7.5 HIGH
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100.
CVE-2013-0200 2 Hp, Redhat 2 Linux Imaging And Printing Project, Enterprise Linux 2023-02-12 1.9 LOW N/A
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vulnerability than CVE-2011-2722.