Vulnerabilities > HP

DATE CVE VULNERABILITY TITLE RISK
2023-09-05 CVE-2015-1391 Cross-Site Request Forgery (CSRF) vulnerability in HP Airwave
Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism.
network
low complexity
hp CWE-352
8.8
2023-09-05 CVE-2015-2201 OS Command Injection vulnerability in multiple products
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users.
network
low complexity
hp arubanetworks CWE-78
7.2
2023-09-05 CVE-2015-2202 Improper Input Validation vulnerability in multiple products
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS.
network
low complexity
hp arubanetworks CWE-20
7.2
2023-08-16 CVE-2022-4894 Uncontrolled Search Path Element vulnerability in multiple products
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.
local
low complexity
hp samsung CWE-427
7.3
2023-08-15 CVE-2023-38401 Unspecified vulnerability in HP Aruba Virtual Intranet Access
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges.
local
low complexity
hp
7.8
2023-08-15 CVE-2023-38402 Unspecified vulnerability in HP Aruba Virtual Intranet Access
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM.
local
low complexity
hp
7.1
2023-07-25 CVE-2023-35980 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp CWE-120
critical
9.8
2023-07-25 CVE-2023-35981 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp CWE-120
critical
9.8
2023-07-25 CVE-2023-35982 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp CWE-120
critical
9.8
2023-07-21 CVE-2023-26301 Missing Authorization vulnerability in HP products
Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints.
network
low complexity
hp CWE-862
critical
9.8