Vulnerabilities > HP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-27 | CVE-2018-5923 | Improper Verification of Cryptographic Signature vulnerability in HP products In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code. | 9.8 |
| 2019-03-25 | CVE-2019-3484 | Unspecified vulnerability in HP Arcsight Logger Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7. | 7.8 |
| 2019-03-25 | CVE-2019-3483 | Unspecified vulnerability in HP Arcsight Logger Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7. | 6.5 |
| 2019-03-25 | CVE-2019-3482 | Path Traversal vulnerability in HP Arcsight Logger Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7. | 6.5 |
| 2019-03-25 | CVE-2019-3481 | XXE vulnerability in HP Arcsight Logger Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7. | 7.1 |
| 2019-03-25 | CVE-2019-3480 | Cross-site Scripting vulnerability in HP Arcsight Logger Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7. | 6.1 |
| 2019-03-25 | CVE-2019-3479 | Unspecified vulnerability in HP Arcsight Logger Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7. | 9.8 |
| 2019-03-21 | CVE-2018-15532 | Information Exposure vulnerability in HP Synaptics Touchpad Driver 20180606 SynTP.sys in Synaptics Touchpad drivers before 2018-06-06 allows local users to obtain sensitive information about freed kernel addresses. | 3.8 |
| 2019-02-11 | CVE-2019-5736 | OS Command Injection vulnerability in multiple products runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. local low complexity docker linuxfoundation redhat google linuxcontainers hp netapp apache opensuse d2iq fedoraproject canonical microfocus CWE-78 | 8.6 |
| 2019-02-04 | CVE-2019-7317 | Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. | 5.3 |