Vulnerabilities > HP

DATE CVE VULNERABILITY TITLE RISK
2024-01-23 CVE-2023-6573 Unspecified vulnerability in HP Oneview
HPE OneView may have a missing passphrase during restore.
local
low complexity
hp
5.5
2024-01-23 CVE-2023-50274 Command Injection vulnerability in HP Oneview
HPE OneView may allow command injection with local privilege escalation.
local
low complexity
hp CWE-77
7.8
2024-01-23 CVE-2023-50275 Improper Authentication vulnerability in HP Oneview
HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
network
low complexity
hp CWE-287
7.5
2023-12-17 CVE-2023-50271 Unspecified vulnerability in HP System Management Homepage
A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH).
network
low complexity
hp
7.5
2023-12-14 CVE-2023-4694 Unspecified vulnerability in HP products
Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header.
network
low complexity
hp
7.5
2023-11-14 CVE-2023-45614 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp CWE-120
critical
9.8
2023-11-14 CVE-2023-45615 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp CWE-120
critical
9.8
2023-11-14 CVE-2023-45616 Classic Buffer Overflow vulnerability in multiple products
There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp CWE-120
critical
9.8
2023-11-14 CVE-2023-45617 There are arbitrary file deletion vulnerabilities in the CLI service accessed by PAPI (Aruba's access point management protocol).
network
low complexity
arubanetworks hp
8.2
2023-11-14 CVE-2023-45618 There are arbitrary file deletion vulnerabilities in the AirWave client service accessed by PAPI (Aruba's access point management protocol).
network
low complexity
arubanetworks hp
8.2