Vulnerabilities > HP > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-09 | CVE-2019-18914 | Cross-site Scripting vulnerability in HP Futuresmart 3 and Futuresmart 4 A potential security vulnerability has been identified for certain HP printers and MFPs that would allow redirection page Cross-Site Scripting in a client’s browser by clicking on a third-party malicious link. | 6.1 |
| 2021-11-03 | CVE-2021-39237 | Unspecified vulnerability in HP Futuresmart 3, Futuresmart 4 and Futuresmart 5 Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers may be vulnerable to potential information disclosure. low complexity hp | 4.6 |
| 2021-10-29 | CVE-2021-3441 | Cross-site Scripting vulnerability in HP Officejet 7110 Firmware 2117A A potential security vulnerability has been identified for the HP OfficeJet 7110 Wide Format ePrinter that enables Cross-Site Scripting (XSS). | 4.8 |
| 2021-10-29 | CVE-2021-3662 | Cross-site Scripting vulnerability in HP Futuresmart 4 and Futuresmart 5 Certain HP Enterprise LaserJet and PageWide MFPs may be vulnerable to stored cross site scripting (XSS). | 5.4 |
| 2021-06-03 | CVE-2021-26584 | Cross-site Scripting vulnerability in HP Oneview for VMWare Vcenter A security vulnerability in HPE OneView for VMware vCenter (OV4VC) could be exploited remotely to allow Cross-Site Scripting. | 6.1 |
| 2021-05-25 | CVE-2021-29208 | Injection vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5 A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | 4.8 |
| 2021-05-25 | CVE-2021-29209 | Injection vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5 A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | 4.8 |
| 2021-05-25 | CVE-2021-29210 | Injection vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5 A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | 4.8 |
| 2021-05-25 | CVE-2021-29211 | Cross-site Scripting vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5 A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | 4.8 |
| 2021-05-25 | CVE-2021-29201 | Cross-site Scripting vulnerability in HP Integrated Lights-Out 4 and Integrated Lights-Out 5 A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | 4.8 |