Vulnerabilities > HP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-25 | CVE-2023-28088 | Insufficiently Protected Credentials vulnerability in HP Oneview An HPE OneView appliance dump may expose SAN switch administrative credentials | 7.8 |
| 2023-04-25 | CVE-2023-28089 | Insufficiently Protected Credentials vulnerability in HP Oneview An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules | 7.1 |
| 2023-04-25 | CVE-2023-28090 | Insufficiently Protected Credentials vulnerability in HP Oneview An HPE OneView appliance dump may expose SNMPv3 read credentials | 5.5 |
| 2023-04-14 | CVE-2023-28091 | Unspecified vulnerability in HP Oneview HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump | 5.5 |
| 2023-03-22 | CVE-2023-28083 | Cross-site Scripting vulnerability in HP products A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). | 5.4 |
| 2023-03-01 | CVE-2022-37935 | Unspecified vulnerability in HP Oneview for VMWare Vcenter HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password. | 5.5 |
| 2023-02-12 | CVE-2022-43779 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in HP products A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. | 7.0 |
| 2023-02-06 | CVE-2022-48311 | Cross-site Scripting vulnerability in HP Deskjet 2540 A9U23B Firmware Cep1Fn1418Br **UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. | 9.0 |
| 2023-02-01 | CVE-2021-3439 | Unspecified vulnerability in HP products HP has identified a potential vulnerability in BIOS firmware of some Workstation products. | 7.8 |
| 2023-02-01 | CVE-2021-3808 | Unspecified vulnerability in HP products Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. | 7.8 |