Vulnerabilities > HP > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-13 | CVE-2019-18915 | Unquoted Search Path or Element vulnerability in HP System Event Utility 1.4.32 A potential security vulnerability has been identified with certain versions of HP System Event Utility prior to version 1.4.33. | 7.8 |
| 2020-02-04 | CVE-2015-2802 | Information Exposure vulnerability in HP products An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. | 7.5 |
| 2020-01-30 | CVE-2015-0949 | Improper Privilege Management vulnerability in multiple products The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. | 7.8 |
| 2020-01-27 | CVE-2014-7303 | Incorrect Default Permissions vulnerability in HP SGI Tempo SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading etc/dbdump.db. | 7.8 |
| 2020-01-27 | CVE-2014-7302 | Incorrect Default Permissions vulnerability in HP SGI Tempo SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to change the permissions of arbitrary files by executing /opt/sgi/sgimc/bin/vx. | 7.8 |
| 2020-01-17 | CVE-2019-3683 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. | 8.8 |
| 2020-01-09 | CVE-2019-6319 | Cross-Site Request Forgery (CSRF) vulnerability in HP products HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration. | 8.1 |
| 2020-01-09 | CVE-2019-6320 | Cross-Site Request Forgery (CSRF) vulnerability in HP products Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration. | 8.1 |
| 2020-01-03 | CVE-2019-11993 | Unspecified vulnerability in HP products A security vulnerability has been identified in HPE SimpliVity 380 Gen 9, HPE SimpliVity 380 Gen 10, HPE SimpliVity 380 Gen 10 G, HPE SimpliVity 2600 Gen 10, SimpliVity OmniCube, SimpliVity OmniStack for Cisco, SimpliVity OmniStack for Lenovo and SimpliVity OmniStack for Dell nodes. | 7.5 |
| 2019-12-18 | CVE-2019-11995 | Unspecified vulnerability in HP Universal Internet of Things 1.2.4.0/1.2.4.1/1.2.4.2 Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unauthorized remote access and access to sensitive data. | 7.5 |