Vulnerabilities > HP > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-05 CVE-2024-9579 Command Injection vulnerability in HP products
A potential vulnerability was discovered in certain Poly video conferencing devices.
high complexity
hp CWE-77
7.5
7.5
2024-08-06 CVE-2024-41913 Unrestricted Upload of File with Dangerous Type vulnerability in HP Poly Clariti Manager Firmware
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices.
network
low complexity
hp CWE-434
8.8
8.8
2024-06-20 CVE-2024-6147 Link Following vulnerability in HP Poly Plantronics HUB 3.24.2
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability.
local
low complexity
hp CWE-59
7.8
7.8
2024-01-23 CVE-2023-50274 Command Injection vulnerability in HP Oneview
HPE OneView may allow command injection with local privilege escalation.
local
low complexity
hp CWE-77
7.8
7.8
2024-01-23 CVE-2023-50275 Improper Authentication vulnerability in HP Oneview
HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
network
low complexity
hp CWE-287
7.5
7.5
2023-12-17 CVE-2023-50271 Unspecified vulnerability in HP System Management Homepage
A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH).
network
low complexity
hp
7.5
7.5
2023-12-14 CVE-2023-4694 Unspecified vulnerability in HP products
Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header.
network
low complexity
hp
7.5
7.5
2023-11-14 CVE-2023-45617 There are arbitrary file deletion vulnerabilities in the CLI service accessed by PAPI (Aruba's access point management protocol).
network
low complexity
arubanetworks hp
8.2
8.2
2023-11-14 CVE-2023-45618 There are arbitrary file deletion vulnerabilities in the AirWave client service accessed by PAPI (Aruba's access point management protocol).
network
low complexity
arubanetworks hp
8.2
8.2
2023-11-14 CVE-2023-45619 There is an arbitrary file deletion vulnerability in the RSSI service accessed by PAPI (Aruba's access point management protocol).
network
low complexity
arubanetworks hp
8.2
8.2