Vulnerabilities > HP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-16 | CVE-2022-4894 | Uncontrolled Search Path Element vulnerability in multiple products Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. | 7.3 |
| 2023-08-15 | CVE-2023-38401 | Unspecified vulnerability in HP Aruba Virtual Intranet Access A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. | 7.8 |
| 2023-08-15 | CVE-2023-38402 | Unspecified vulnerability in HP Aruba Virtual Intranet Access A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. | 7.1 |
| 2023-07-25 | CVE-2023-35980 | Classic Buffer Overflow vulnerability in multiple products There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). | 9.8 |
| 2023-07-25 | CVE-2023-35981 | Classic Buffer Overflow vulnerability in multiple products There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). | 9.8 |
| 2023-07-25 | CVE-2023-35982 | Classic Buffer Overflow vulnerability in multiple products There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). | 9.8 |
| 2023-07-21 | CVE-2023-26301 | Missing Authorization vulnerability in HP products Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints. | 9.8 |
| 2023-06-30 | CVE-2023-26299 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in HP products A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. | 7.0 |
| 2023-06-30 | CVE-2023-35175 | Server-Side Request Forgery (SSRF) vulnerability in HP products Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model. | 9.8 |
| 2023-06-30 | CVE-2023-35176 | Classic Buffer Overflow vulnerability in HP products Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device. | 8.8 |