Vulnerabilities > HP

DATE CVE VULNERABILITY TITLE RISK
2023-09-14 CVE-2023-30909 Unspecified vulnerability in HP Oneview
A remote authentication bypass issue exists in some OneView APIs.
network
low complexity
hp
critical
9.8
2023-09-07 CVE-2023-30908 Unspecified vulnerability in HP Oneview
A remote authentication bypass issue exists in a OneView API.
network
low complexity
hp
critical
9.8
2023-09-05 CVE-2015-1390 Cross-site Scripting vulnerability in HP Airwave
Aruba AirWave before 8.0.7 allows XSS attacks agsinat an administrator.
network
low complexity
hp CWE-79
6.1
2023-09-05 CVE-2015-1391 Cross-Site Request Forgery (CSRF) vulnerability in HP Airwave
Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism.
network
low complexity
hp CWE-352
8.8
2023-09-05 CVE-2015-2201 OS Command Injection vulnerability in multiple products
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users.
network
low complexity
hp arubanetworks CWE-78
7.2
2023-09-05 CVE-2015-2202 Improper Input Validation vulnerability in multiple products
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS.
network
low complexity
hp arubanetworks CWE-20
7.2
2023-08-16 CVE-2022-4894 Uncontrolled Search Path Element vulnerability in multiple products
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.
local
low complexity
hp samsung CWE-427
7.3
2023-08-15 CVE-2023-38401 Unspecified vulnerability in HP Aruba Virtual Intranet Access
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges.
local
low complexity
hp
7.8
2023-08-15 CVE-2023-38402 Unspecified vulnerability in HP Aruba Virtual Intranet Access
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM.
local
low complexity
hp
7.1
2023-07-25 CVE-2023-35980 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp CWE-120
critical
9.8