Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | sunos | 5.1 |
| sun | sunos | 5.0 |
| sgi | irix | 6.2 |
| hp | hp-ux | 10.02 |
| ibm | aix | 4.1.1 |
| sgi | irix | 5.3 |
| sgi | irix | 6.0 |
| hp | hp-ux | 10.03 |
| sun | sunos | 5.5.1 |
| ibm | aix | 4.1.5 |
| sgi | irix | 6.1 |
| sun | sunos | 5.4 |
| sun | sunos | 4.1.3 |
| ibm | aix | 4.2.1 |
| ibm | aix | 4.2 |
| sun | solaris | 2.6 |
| tritreal | ted_cde | 4.3 |
| hp | hp-ux | 10.01 |
| sun | sunos | - |
| ibm | aix | 4.1.4 |
| sun | sunos | 5.5 |
| sgi | irix | 6.4 |
| ibm | aix | 4.1.2 |
| sgi | irix | 5.2 |
| ibm | aix | 4.1 |
| sgi | irix | 6.3 |
| ibm | aix | 4.1.3 |
| ibm | aix | 4.3 |
| sun | sunos | 5.3 |
| hp | hp-ux | 11.00 |
| sun | sunos | 5.2 |
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| university_of_washington | pine | 4.02 |
| sco | unixware | 7.0 |
| hp | dtmail | * |
Information from SSL-encrypted sessions via PKCS #1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-327,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.0.1b |
| ssleay | ssleay | 0.8.1 |
| netscape | messaging_server | 3.54 |
| ssleay | ssleay | 0.9 |
| microsoft | exchange_server | 5.5 |
| netscape | directory_server | 3.1 |
| netscape | fasttrack_server | 3.01b |
| ssleay | ssleay | 0.6.6 |
| c2net | stonghold_web_server | 2.2 |
| microsoft | internet_information_server | 3.0 |
| c2net | stonghold_web_server | 2.3 |
| netscape | collabra_server | 3.5.2 |
| netscape | enterprise_server | 3.5.1 |
| microsoft | internet_information_server | 4.0 |
| hp | open_market_secure_webserver | 2.1 |
| netscape | enterprise_server | 2.0 |
| netscape | proxy_server | 3.5.1 |
| netscape | certificate_server | 1.0 |
| netscape | directory_server | 1.3 |
| microsoft | site_server | 3.0 |
| c2net | stonghold_web_server | 2.0.1 |
| netscape | directory_server | 3.12 |
Buffer overflow in NIS+, in Sun's rpc.nisd program.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | sunos | 5.5.1 |
| sun | sunos | 5.5 |
| sun | sunos | 5.3 |
| sun | sunos | 5.4 |
| hp | hp-ux | 10.34 |
| hp | hp-ux | 11.00 |
| sun | solaris | 2.6 |
Unauthorized privileged access or denial of service via dtappgather program in CDE.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cde | cde | 1.01 |
| cde | cde | 1.01_x86 |
| hp | vvos | 10.24 |
| hp | hp-ux | 10.10 |
| cde | cde | 1.02 |
| ibm | aix | 4.1 |
| cde | cde | 1.2 |
| ibm | aix | 4.3 |
| hp | hp-ux | 11.00 |
| cde | cde | 1.2_x86 |
| ibm | aix | 4.2 |
| hp | hp-ux | 10.20 |
| cde | cde | 1.02_x86 |
Teardrop IP denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 9.05 |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.16 |
| hp | hp-ux | 9.00 |
| hp | hp-ux | 10.30 |
| hp | hp-ux | 10 |
| netbsd | netbsd | 1.2 |
| hp | hp-ux | 9.04 |
| hp | hp-ux | 9.07 |
| hp | hp-ux | 9.01 |
| netbsd | netbsd | 1.0 |
| netbsd | netbsd | 1.2.1 |
| microsoft | windows_nt | 4.0 |
| sun | sunos | 4.1.3u1 |
| sun | sunos | 4.1.4 |
| microsoft | windows_95 | 0.0a |
| microsoft | windows_nt | 3.5.1 |
| netbsd | netbsd | 1.1 |
| hp | hp-ux | 9.03 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Land IP denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 9.05 |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.16 |
| hp | hp-ux | 9.00 |
| hp | hp-ux | 10.30 |
| cisco | ios | 7000 |
| hp | hp-ux | 9.04 |
| hp | hp-ux | 9.07 |
| hp | hp-ux | 9.01 |
| netbsd | netbsd | 1.0 |
| microsoft | winsock | 2.0 |
| hp | hp-ux | 10.10 |
| microsoft | windows_95 | * |
| microsoft | windows_nt | 4.0 |
| gnu | inet | 5.01 |
| sun | sunos | 4.1.3u1 |
| sun | sunos | 4.1.4 |
| netbsd | netbsd | 1.1 |
| hp | hp-ux | 9.03 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | sunos | 5.1 |
| sun | sunos | 5.0 |
| sgi | irix | 6.2 |
| sgi | irix | 5.0 |
| ibm | aix | 4.1.1 |
| sgi | irix | 5.1 |
| sgi | irix | 5.3 |
| sgi | irix | 6.0 |
| sgi | irix | 5.1.1 |
| freebsd | freebsd | 2.0.5 |
| bsdi | bsd_os | 1.1 |
| ibm | aix | 3.2 |
| ibm | aix | 4.1.5 |
| sgi | irix | 5.0.1 |
| sun | sunos | 4.1.1 |
| sgi | irix | 6.1 |
| sun | solaris | 4.1.3 |
| sun | sunos | 4.1.3u1 |
| sun | sunos | 5.4 |
| ibm | aix | 3.2.5 |
| ibm | aix | 4.2 |
| sun | sunos | 4.1.2 |
| freebsd | freebsd | 2.1.0 |
| ibm | aix | 4.1.4 |
| sgi | irix | 6.4 |
| ibm | aix | 4.1.2 |
| sgi | irix | 6.0.1 |
| sgi | irix | 5.2 |
| ibm | aix | 4.1 |
| ibm | aix | 3.1 |
| freebsd | freebsd | 2.0 |
| sgi | irix | 6.3 |
| ibm | aix | 4.1.3 |
| sun | sunos | 5.3 |
| sun | sunos | 5.2 |
| ibm | aix | 3.2.4 |
| hp | hp-ux | 10.00 |
Buffer overflow in xlock program allows local users to execute commands as root.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.16 |
| hp | hp-ux | 10.30 |
| sun | solaris | 2.4 |
| sgi | irix | 5.0 |
| sgi | irix | 5.1 |
| sgi | irix | 5.3 |
| hp | hp-ux | 10.08 |
| sgi | irix | 6.0 |
| data_general | dg_ux | 6.0 |
| sgi | irix | 5.1.1 |
| ibm | aix | 3.2 |
| data_general | dg_ux | 7.0 |
| sun | sunos | 5.5.1 |
| hp | hp-ux | 10.10 |
| data_general | dg_ux | 2.0 |
| sgi | irix | 5.0.1 |
| sgi | irix | 6.1 |
| data_general | dg_ux | 4.0 |
| sun | sunos | 5.4 |
| data_general | dg_ux | 1.0 |
| data_general | dg_ux | 3.0 |
| ibm | aix | 4.2 |
| hp | hp-ux | 10.20 |
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.24 |
| debian | debian_linux | 1.3 |
| data_general | dg_ux | 5.0 |
| sun | sunos | 5.5 |
| bsdi | bsd_os | 2.1 |
| sgi | irix | 6.4 |
| hp | hp-ux | 10.34 |
| sgi | irix | 6.0.1 |
| sun | solaris | 2.5 |
| sgi | irix | 5.2 |
| ibm | aix | 4.1 |
| debian | debian_linux | 0.93 |
| debian | debian_linux | 1.2 |
| sgi | irix | 6.3 |
| sun | sunos | 5.3 |
| sun | solaris | 2.5.1 |
| debian | debian_linux | 1.1 |
| hp | hp-ux | 10.00 |
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sgi | irix | 6.2 |
| nec | up-ux_v | 4.2mp |
| hp | hp-ux | 10.16 |
| hp | hp-ux | 9.00 |
| hp | hp-ux | 10.30 |
| sun | solaris | 2.4 |
| sgi | irix | 5.0 |
| sgi | irix | 5.3 |
| hp | hp-ux | 10.08 |
| sgi | irix | 6.0 |
| bsdi | bsd_os | 2.0.1 |
| ibm | aix | 3.2 |
| sun | sunos | 5.5.1 |
| hp | hp-ux | 10.10 |
| sgi | irix | 6.1 |
| freebsd | freebsd | 1.1.5.1 |
| sun | sunos | 4.1.3u1 |
| sun | sunos | 4.1.4 |
| sun | sunos | 5.4 |
| sun | sunos | 4.1.3 |
| ibm | aix | 4.2 |
| hp | hp-ux | 10.20 |
| hp | hp-ux | 10.01 |
| nec | ews-ux_v | 4.2mp |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.09 |
| sun | sunos | 5.5 |
| bsdi | bsd_os | 2.1 |
| sgi | irix | 6.4 |
| hp | hp-ux | 10.34 |
| hp | hp-ux | 9.01 |
| bsdi | bsd_os | 2.0 |
| sun | solaris | 2.5 |
| ibm | aix | 4.1 |
| sgi | irix | 4.0 |
| freebsd | freebsd | 2.0 |
| sgi | irix | 6.3 |
| nec | ews-ux_v | 4.2 |
| hp | hp-ux | 9.10 |
| sun | sunos | 5.3 |
| sun | solaris | 2.5.1 |
| nec | asl_ux_4800 | 64 |
| hp | hp-ux | 10.00 |
Buffer overflow of rlogin program using TERM environmental variable.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.16 |
| oracle | solaris | 7.0 |
| sun | solaris | 2.4 |
| ibm | aix | 4.1.1 |
| next | nextstep | - |
| bsdi | bsd_os | 2.0.1 |
| freebsd | freebsd | 2.0.5 |
| digital | ultrix | 4.2 |
| next | nextstep | 3.3 |
| next | nextstep | 4.0 |
| freebsd | freebsd | 1.1.5.1 |
| sun | sunos | 4.1.3u1 |
| data_general | dg_ux | 4.0 |
| sun | sunos | 5.4 |
| netbsd | netbsd | 1.1 |
| data_general | dg_ux | 1.0 |
| hp | hp-ux | 10.20 |
| digital | unix | 3.2g |
| hp | hp-ux | 10.01 |
| next | nextstep | 3.1 |
| ibm | aix | 4.1.4 |
| freebsd | freebsd | 2.1.5 |
| bsdi | bsd_os | 2.1 |
| digital | unix | 4.0a |
| debian | debian_linux | 0.93 |
| freebsd | freebsd | 2.0 |
| ibm | aix | 4.1.3 |
| sun | solaris | 2.5.1 |
| next | nextstep | 2.0 |
| oracle | solaris | 8 |
| digital | ultrix | 4.3 |
| hp | hp-ux | 10.30 |
| next | nextstep | 1.0a |
| digital | ultrix | 4.1 |
| hp | hp-ux | 10.08 |
| bsdi | bsd_os | 1.1 |
| ibm | aix | 3.2 |
| digital | ultrix | 4.3a |
| sun | sunos | 5.5.1 |
| next | nextstep | 3.0 |
| ibm | aix | 4.1.5 |
| hp | hp-ux | 10.10 |
| data_general | dg_ux | 2.0 |
| digital | unix | 4.0b |
| sun | sunos | 4.1.4 |
| data_general | dg_ux | 3.0 |
| next | nextstep | 3.2 |
| hp | hp-ux | 10.24 |
| digital | ultrix | 2.2 |
| freebsd | freebsd | 2.1.0 |
| next | nextstep | 2.1 |
| hp | hp-ux | 10.09 |
| next | nextstep | 1.0 |
| sun | sunos | 5.5 |
| oracle | solaris | 2.6 |
| hp | hp-ux | 10.34 |
| ibm | aix | 4.1.2 |
| digital | ultrix | 4.4 |
| netbsd | netbsd | 1.0 |
| bsdi | bsd_os | 2.0 |
| sun | solaris | 2.5 |
| digital | ultrix | 4.5 |
| oracle | solaris | - |
| digital | ultrix | 4.0 |
| digital | ultrix | - |
| ibm | aix | 4.1 |
| sun | sunos | 5.3 |
| digital | ultrix | 3.0 |
| digital | unix | 4.0 |
| hp | hp-ux | 10.00 |
Buffer overflow in HP-UX newgrp program.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 9.05 |
| hp | hp-ux | 9.00 |
| hp | hp-ux | 9.09 |
| hp | hp-ux | 9.04 |
| hp | hp-ux | 9.07 |
| hp | hp-ux | 9.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 9.06 |
| hp | hp-ux | 9.10 |
| hp | hp-ux | 9.08 |
| hp | hp-ux | 9.03 |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
Vacation program allows command execution by remote users through a sendmail command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| freebsd | freebsd | 6.2 |
| hp | hp-ux | 10.24 |
| sun | sunos | * |
| ibm | aix | * |
| hp | hp-ux | 10.09 |
| hp | vvos | * |
| eric_allman | vacation | * |
| sun | solaris | * |
| hp | hp-ux | 10.00 |
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| next | nextstep | * |
| ncr | mp-ras | 3.0 |
| sco | unixware | 2.1 |
| bsdi | bsd_os | * |
| sgi | irix | 5.3 |
| sun | sunos | 5.5 |
| ncr | mp-ras | 2.03 |
| ibm | aix | 3.2 |
| ncr | mp-ras | 3.01 |
| nec | up-ux_v | * |
| freebsd | freebsd | 6.2 |
| ibm | aix | 4.1 |
| sun | sunos | 4.1 |
| sco | openserver | 5 |
| hp | hp-ux | * |
| sun | sunos | 5.4 |
| ibm | aix | 4.2 |
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.16 |
| hp | hp-ux | 9.00 |
| sun | solaris | 2.4 |
| ibm | aix | 4.1.1 |
| hp | hp-ux | 9.09 |
| hp | hp-ux | 9.04 |
| ibm | aix | 3.2 |
| sun | sunos | 5.5.1 |
| ibm | aix | 4.1.5 |
| hp | hp-ux | 10.10 |
| sun | sunos | 4.1.3u1 |
| sun | sunos | 4.1.4 |
| sun | sunos | 4.1.3c |
| sun | sunos | 5.4 |
| ibm | aix | 3.2.5 |
| hp | hp-ux | 9.03 |
| ibm | aix | 4.2.1 |
| ibm | aix | 4.2 |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
| hp | hp-ux | 9.05 |
| hp | hp-ux | 10.24 |
| sun | sunos | - |
| ibm | aix | 4.1.4 |
| sun | sunos | 5.5 |
| hp | hp-ux | 9.07 |
| ibm | aix | 4.1.2 |
| hp | hp-ux | 9.01 |
| sun | solaris | 2.5 |
| ibm | aix | 4.1 |
| hp | hp-ux | 9.06 |
| ibm | aix | 4.1.3 |
| hp | hp-ux | 9.10 |
| sun | sunos | 5.3 |
| sun | solaris | 2.5.1 |
| hp | hp-ux | 9.08 |
| hp | hp-ux | 11.00 |
| ibm | aix | 3.2.4 |
| hp | hp-ux | 10.00 |
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| microsoft | windows_95 | 0a |
| microsoft | windows_nt | 4.0 |
| hp | hp-ux | * |
| sun | sunos | 4.1.3u1 |
| sun | sunos | 4.1.4 |
| caldera | openlinux | 2.0 |
swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 8.8.2 |
| hp | hp-ux | 10.16 |
| sun | solaris | 2.4 |
| eric_allman | sendmail | 8.8.3 |
| ibm | aix | 3.2 |
| eric_allman | sendmail | 8.8.1 |
| sco | openserver | 5.0.2 |
| sun | sunos | 5.5.1 |
| hp | hp-ux | 10.10 |
| sco | openserver | 5.0 |
| freebsd | freebsd | 2.1.6 |
| eric_allman | sendmail | 8.8 |
| sun | sunos | 4.1.3u1 |
| sun | sunos | 4.1.4 |
| sun | sunos | 5.4 |
| sco | internet_faststart | 1.0 |
| ibm | aix | 4.2 |
| hp | hp-ux | 10.20 |
| sco | internet_faststart | 1.1 |
| hp | hp-ux | 10.01 |
| freebsd | freebsd | 2.1.5 |
| sun | sunos | 5.5 |
| bsdi | bsd_os | 2.1 |
| sun | solaris | 2.5 |
| ibm | aix | 4.1 |
| freebsd | freebsd | 2.1.6.1 |
| sun | sunos | 5.3 |
| sun | solaris | 2.5.1 |
| hp | hp-ux | 10.00 |
Local users can start Sendmail in daemon mode and gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | linux | 4.0 |
| eric_allman | sendmail | 8.8.2 |
| hp | hp-ux | 10.01 |
| caldera | network_desktop | 1.0 |
| eric_allman | sendmail | 8.7 |
| freebsd | freebsd | 2.1.5 |
| bsdi | bsd_os | 2.1 |
| eric_allman | sendmail | 8.8.1 |
| hp | hp-ux | 10.10 |
| freebsd | freebsd | 2.1.6 |
| eric_allman | sendmail | 8.8 |
| ibm | aix | 4.2 |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 8.6 |
| eric_allman | sendmail | 8.7.5 |
| hp | hp-ux | 10.01 |
| eric_allman | sendmail | 8.7.3 |
| freebsd | freebsd | 2.1.5 |
| eric_allman | sendmail | 8.7.1 |
| bsdi | bsd_os | 2.1 |
| digital | osf_1 | 1.3.2 |
| ibm | aix | 3.2 |
| redhat | linux | 3.0.3 |
| eric_allman | sendmail | 8.7.2 |
| sco | openserver | 5.0.2 |
| hp | hp-ux | 10.10 |
| ibm | aix | 4.1 |
| sco | openserver | 5.0 |
| eric_allman | sendmail | 8.7.4 |
| sco | internet_faststart | 1.0 |
| ibm | aix | 4.2 |
| hp | hp-ux | 10.20 |
Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| sun | sunos | 5.1 |
| sun | sunos | 5.0 |
| sun | sunos | 4.1.2 |
| sun | solaris | 2.4 |
| hp | hp-ux | 10 |
| sun | sunos | 4.1.1 |
| sun | sunos | 4.1.3u1 |
| sun | sunos | 4.1.3c |
| sun | sunos | 5.3 |
| sun | sunos | 5.4 |
| sun | sunos | 4.1.3 |
| sun | sunos | 5.2 |
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nec | asl_ux_4800 | * |
| hp | hp-ux | 9 |
| nec | ews-ux_v | 4.2mp |
| hp | hp-ux | 8 |
| linux | linux_kernel | 2.0 |
| nec | up-ux_v | 4.2mp |
| freebsd | freebsd | 2.1.0 |
| hp | hp-ux | 10 |
| linux | linux_kernel | 1.2.0 |
| freebsd | freebsd | 2.0.5 |
| apple | a_ux | 3.1.1 |
| ibm | aix | 4 |
| digital | osf_1 | 1.3 |
| freebsd | freebsd | 2.0 |
| nec | ews-ux_v | 4.2 |
| ibm | aix | 3.2.5 |
Denial of service of inetd on Linux through SYN and RST packets.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 2.6.20.1 |
| hp | hp-ux | 10 |
| gnu | inet | 5.01 |
HP Remote Watch allows a remote user to gain root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
buffer overflow in HP xlock program.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | vvos | 10.24 |
Buffer overflow in HP-UX cstm program allows local users to gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9.00 |
| hp | hp-ux | 10.00 |
HP-UX gwind program allows users to modify arbitrary files.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | 8 |
HP-UX vgdisplay program gives root access to local users.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
fpkg2swpk in HP-UX allows local users to gain root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10 |
HP ypbind allows attackers with root privileges to modify NIS data.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | linux | 6.0 |
| sun | sunos | 5.8 |
| sun | sunos | 5.5.1 |
| sun | sunos | 5.7 |
| ibm | aix | 4 |
| hp | hp-ux | 11 |
| sun | solaris | 2.6 |
ppl program in HP-UX allows local users to create root files through symlinks.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
vhe_u_mnt program in HP-UX allows local users to create root files through symlinks.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | 8 |
Vulnerability in HP-UX mediainit program.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.30 |
| hp | hp-ux | 10.20 |
HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
Buffer overflow in mstm in HP-UX allows local users to gain root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10 |
rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
ftp on HP-UX 11.00 allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | desms | * |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Local users can gain privileges using the debug utility in the MPE/iX operating system.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mpe_ix | * |
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.24 |
| netscape | enterprise_server | 3.6 |
A Unix account has a default, null, blank, or missing password.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | linux | 6.0 |
| sun | sunos | 5.8 |
| sun | sunos | 5.5.1 |
| sun | sunos | 5.7 |
| hp | hp-ux | 10.20 |
| hp | hp-ux | 11 |
| sun | solaris | 2.6 |
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 2.0 |
| sun | solaris | 2.4 |
| netbsd | netbsd | 1.2 |
| freebsd | freebsd | 2.2.2 |
| freebsd | freebsd | 2.0.5 |
| ibm | aix | 3.2 |
| linux | linux_kernel | 2.1 |
| sun | sunos | 5.5.1 |
| digital | unix | 4.0d |
| freebsd | freebsd | 2.1.6 |
| digital | unix | 4.0b |
| freebsd | freebsd | 1.1.5.1 |
| sun | sunos | 5.4 |
| ibm | aix | 3.2.5 |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
| digital | unix | 4.0c |
| digital | unix | 3.2g |
| sun | sunos | - |
| freebsd | freebsd | 2.1.0 |
| freebsd | freebsd | 2.2.3 |
| freebsd | freebsd | 2.1.5 |
| sun | sunos | 5.5 |
| sun | solaris | 2.5 |
| digital | unix | 4.0a |
| ibm | aix | 3.1 |
| freebsd | freebsd | 2.2.4 |
| sun | solaris | 2.5.1 |
| hp | hp-ux | 11.00 |
| freebsd | freebsd | 2.1.7.1 |
| digital | unix | 4.0 |
| ibm | aix | 3.2.4 |
An SNMP community name is the default (e.g. public), null, or missing.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | sunos | 5.0 |
| hp | hp-ux | 10 |
| hp | hp-ux | 11.00 |
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,NVD-CWE-noinfo,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | - |
| hp | tru64 | - |
| sgi | irix | - |
| apple | mac_os_x | - |
| ibm | aix | - |
| apple | macos | - |
| oracle | solaris | - |
| cisco | ios | - |
| sco | sco_unix | - |
| novell | netware | - |
| ibm | os2 | - |
| microsoft | windows | - |
| windriver | bsdos | - |
| hp | hp-ux | - |
HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openmail | 5.10 |
| hp | openmail | 4.1 |
| hp | openmail | 5.1 |
Denial of service in Sendmail 8.8.6 in HPUX.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sendmail | 8.8.6 |
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | * |
| hp | hp-ux | 10.24 |
Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.24 |
| hp | hp-ux | 11.00 |
HP CDE program includes the current directory in root's PATH variable.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10 |
| cde | cde | * |
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | 7 |
| hp | hp-ux | 10 |
| ibm | aix | 4 |
| hp | hp-ux | 11 |
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | solaris | 2.5 |
| sun | sunos | 5.5.1 |
| hp | hp-ux | 10.24 |
| sun | sunos | 5.5 |
| sun | sunos | 5.3 |
| sun | sunos | 5.4 |
| sun | sunos | 4.1.3 |
| hp | hp-ux | 11.00 |
| sun | solaris | 2.6 |
The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | visualize_conference_ftp | * |
| hp | hp-ux | 10.20 |
Denial of service in HP-UX SharedX recserv program.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
HP Secure Web Console uses weak encryption.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | secure_web_console | * |
HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9.05 |
| hp | hp-ux | 9.04 |
Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | 10 |
HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | vvos | * |
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetdirect | * |
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetdirect | * |
Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | * |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | 10 |
| hp | hp-ux | * |
Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | apollo_domain_os | * |
| hp | apollo_domain_os | sr10.2 |
HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | 10 |
Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4994 and PHSS_5438.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mpe_ix | 5.0 |
| hp | mpe_ix | * |
| hp | hp-ux | * |
Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | * |
Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 8 |
| hp | hp-ux | * |
Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | 10 |
Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | * |
Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 9000 | 800 |
nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.00 |
Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.30 |
Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
| hp | hp-ux | 8 |
| hp | hp-ux | * |
HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9.00 |
| hp | hp-ux | 9.01 |
Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9 |
Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 8.00 |
| hp | hp-ux | * |
| hp | hp-ux | 8.06 |
| hp | hp-ux | 8.02 |
movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.20 |
Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.20 |
Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.20 |
Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows local users to bypass authentication and gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.20 |
VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for attackers to conduct brute force password guessing.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-307,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| dec | dec_openvms_vax | 5.3 |
| hp | openvms_vax | * |
| dec | dec_openvms_vax | 5.5.2 |
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 9.05 |
| ibm | aix | 4.1.5 |
| ibm | aix | 4.1 |
| ibm | aix | 4.1.1 |
| ibm | aix | 4.1.3 |
| ibm | aix | 4.1.4 |
| ibm | aix | 4.1.2 |
| hp | hp-ux | 10.20 |
HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetadmin | rev._d.01.09 |
Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk().
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | apollo_domain_os | * |
Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.30 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
HP-UX aserver program allows local users to gain privileges via a symlink attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 7.06 |
| hp | hp-ux | 7.08 |
| hp | hp-ux | 10.16 |
| hp | hp-ux | 8.04 |
| hp | hp-ux | 9.00 |
| hp | hp-ux | 10.30 |
| hp | hp-ux | 7.04 |
| hp | hp-ux | 9.09 |
| hp | hp-ux | 9.04 |
| hp | hp-ux | 10.08 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 8.09 |
| hp | hp-ux | 8.01 |
| hp | hp-ux | 8.06 |
| hp | hp-ux | 9.03 |
| hp | hp-ux | 8.02 |
| hp | hp-ux | 10.20 |
| hp | hp-ux | 8.05 |
| hp | hp-ux | 10.01 |
| hp | hp-ux | 9.05 |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 7.02 |
| hp | aserver | * |
| hp | hp-ux | 10.09 |
| hp | hp-ux | 9.07 |
| hp | hp-ux | 10.34 |
| hp | hp-ux | 8.08 |
| hp | hp-ux | 9.01 |
| hp | hp-ux | 7.00 |
| hp | 9000 | 7_800 |
| hp | hp-ux | 9.06 |
| hp | hp-ux | 8.00 |
| hp | hp-ux | 9.10 |
| hp | hp-ux | 8.07 |
| hp | hp-ux | 9.08 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.00 |
The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10 |
| hp | hp-ux | 11 |
The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10 |
| hp | hp-ux | 11 |
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10 |
| hp | hp-ux | 11 |
The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.30 |
| hp | hp-ux | 11.00 |
HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of connections to port 5555.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_omniback_ii | 3.0 |
| hp | openview_omniback_ii | 3.1 |
| hp | openview_omniback_ii | 2.55 |
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | vvos | 3.50 |
| hp | hp-ux | 11.4 |
Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.10 |
| hp | vvos | 10.24 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
| hp | vvos | 11.04 |
The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetadmin | 6.0 |
HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetadmin | 6.0 |
man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 6.1 |
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain additional privileges via DBUTIL.PUB.SYS.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mpe_ix | 4.5 |
| hp | mpe_ix | 5.0 |
| hp | mpe_ix | 6.5 |
| hp | mpe_ix | 5.5 |
| hp | mpe_ix | 6.0 |
HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetdirect | j3111a_rev._g.07.02 |
| hp | jetdirect | rev._g.08.20 |
| hp | jetdirect | j3111a_rev._g.08.03 |
| hp | jetdirect | j3111a_rev._g.07.03 |
| hp | jetdirect | rev._h.08.05 |
| hp | jetdirect | rev._h.08.20 |
| hp | jetdirect | rev._g.08.04 |
| hp | jetdirect | j3111a_rev._a.08.06 |
| hp | jetdirect | j3111a_rev._g.07.17 |
| hp | jetdirect | j3111a_rev._g.05.35 |
Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 6.1 |
Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 6.1 |
Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization).
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | vvos | 10.24 |
| hp | vvos | 11.04 |
Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.00 |
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 9.05 |
| hp | hp-ux | 9.06 |
| hp | hp-ux | 9.00 |
| hp | hp-ux | 9.10 |
| hp | hp-ux | 9.09 |
| hp | hp-ux | 9.04 |
| hp | hp-ux | 9.07 |
| hp | hp-ux | 9.08 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 9.01 |
| hp | hp-ux | 10.20 |
Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.24 |
| hp | tru64 | 5.1 |
| hp | hp-ux | 10.10 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
| hp | hp-ux | 10.20 |
Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 4.11 |
| hp | openview_network_node_manager | 5.01 |
| hp | openview_network_node_manager | 6.1 |
Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, in the SNMP service (snmp.exe), aka the "Java SNMP MIB Browser Object ID parsing problem."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 4.11 |
| hp | openview_network_node_manager | 5.01 |
| hp | openview_network_node_manager | 6.1 |
Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetdirect | x.08.04 |
| hp | jetdirect | x.08.05 |
| hp | jetdirect | x.08.20 |
Buffer overflow in the Telnet service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetdirect | x.08.04 |
| hp | jetdirect | x.08.05 |
| hp | jetdirect | x.08.20 |
Buffer overflow in the LPD service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetdirect | x.08.04 |
| hp | jetdirect | x.08.05 |
| hp | jetdirect | x.08.20 |
Vulnerability in IP implementation of HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service (printer crash) via a malformed packet.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetdirect | x.08.04 |
| hp | jetdirect | x.08.05 |
| hp | jetdirect | x.08.20 |
Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
| hp | hp-ux | 10.20 |
registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.20 |
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| caldera | openlinux_edesktop | 2.4 |
| conectiva | linux | 4.2 |
| conectiva | linux | 5.0 |
| mandrakesoft | mandrake_linux | 6.0 |
| caldera | openlinux | * |
| suse | suse_linux | 7.0 |
| redhat | linux | 6.2 |
| conectiva | linux | 5.1 |
| redhat | linux | 6.0 |
| redhat | linux | 5.2 |
| hp | hp-ux | 11.11 |
| conectiva | linux | 4.1 |
| mandrakesoft | mandrake_linux | 7.0 |
| redhat | linux | 6.1 |
| redhat | linux | 6.2e |
| mandrakesoft | mandrake_linux | 7.2 |
| immunix | immunix | 6.2 |
| mandrakesoft | mandrake_linux | 7.1 |
| mandrakesoft | mandrake_linux | 6.1 |
| caldera | openlinux_eserver | 2.3 |
| conectiva | linux | 4.0 |
| conectiva | linux | 4.0es |
Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via a symlink attack on the tool_stat.txt log file.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_tools_manager | a.22.00 |
Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to cause a denial of service and possibly execute arbitrary commands.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10 |
| hp | hp-ux | 11 |
Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-131,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sgi | irix | 6.5.2 |
| sgi | irix | 6.5.1 |
| sgi | irix | 6.5 |
| hp | hp-ux | 11.00 |
Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-131,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | solaris | 8 |
| sgi | irix | * |
| hp | hp-ux | 11.00 |
Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mpe_ix | 5.5 |
Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mpe_ix | * |
Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
| hp | omniback_ii | a.03.50 |
Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.26 |
| hp | hp-ux | 10.20 |
Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 5.01 |
| ibm | tivoli_netview | 6.0 |
| ibm | tivoli_netview | 5.0 |
| hp | openview_network_node_manager | 6.1 |
Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | iplanet_web_server | 4.1 |
| hp | virtualvault | 4.0 |
asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
HP architected interface facility (AIF) as includes with MPE/iX 5.5 through 6.5 running on a HP3000 allows an attacker to gain additional privileges and gain access to databases via the AIF - AIFCHANGELOGON program.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mpe | * |
HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition privileges via a buffer overflow attack in the '-restore_config' command line parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 6.1 |
Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.10 |
| hp | hp-ux | * |
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | sunos | 5.1 |
| sun | sunos | 5.0 |
| hp | hp-ux | 11.0.4 |
| sun | solaris | 2.4 |
| sco | openserver | 5.0.3 |
| sgi | irix | 3.3 |
| sun | sunos | 5.7 |
| sgi | irix | 3.3.3 |
| sco | openserver | 5.0.2 |
| sun | sunos | 5.5.1 |
| sco | openserver | 5.0.6 |
| hp | hp-ux | 10.10 |
| sco | openserver | 5.0 |
| sgi | irix | 3.3.1 |
| sun | sunos | 5.4 |
| sco | openserver | 5.0.4 |
| sco | openserver | 5.0.1 |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
| sco | openserver | 5.0.6a |
| ibm | aix | 5.1 |
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.24 |
| sco | openserver | 5.0.5 |
| sun | sunos | - |
| sgi | irix | 3.3.2 |
| sun | sunos | 5.5 |
| ibm | aix | 4.3.3 |
| sun | sunos | 5.8 |
| sun | solaris | 2.5 |
| ibm | aix | 4.3.1 |
| ibm | aix | 4.3.2 |
| hp | hp-ux | 11.11 |
| sun | solaris | 7.0 |
| sun | solaris | 8.0 |
| ibm | aix | 4.3 |
| sun | sunos | 5.3 |
| sun | solaris | 2.5.1 |
| hp | hp-ux | 11.00 |
| sun | sunos | 5.2 |
| hp | hp-ux | 10.00 |
| sgi | irix | 3.2 |
Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment variables.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | process_resource_manager | * |
login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.26 |
Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | cifs-9000_server | * |
The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetadmin | 5.5.177 |
| hp | jetadmin | 6.0 |
| hp | jetadmin | 4.0 |
| hp | jetadmin | 5.6 |
| hp | jetadmin | 4.1.2 |
| hp | jetadmin | 6.1 |
| hp | jetadmin | 5.1 |
| hp | jetadmin | 5.5 |
| hp | jetadmin | 6.2 |
HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetadmin | 5.5.177 |
| hp | jetadmin | 6.0 |
| hp | jetadmin | 4.0 |
| hp | jetadmin | 5.6 |
| hp | jetadmin | 4.1.2 |
| hp | jetadmin | 6.1 |
| hp | jetadmin | 5.1 |
| hp | jetadmin | 5.5 |
| hp | jetadmin | 6.2 |
Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP OpenView allows a local user to execute arbitrary code, possibly via a buffer overflow in a long hostname or object ID.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 5.01 |
| hp | openview_network_node_manager | 6.2 |
| hp | openview_network_node_manager | 6.1 |
rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.00 |
The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to cause a denial of service.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.04 |
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samba | samba | 2.0.5 |
| samba | samba | 2.0.6 |
| samba | samba | 2.0.9 |
| samba | samba | 2.0.8 |
| hp | cifs-9000_server | a.01.06 |
| samba | samba | 2.0.7 |
| hp | cifs-9000_server | a.01.05 |
| samba | samba | 2.2.0 |
Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| microsoft | windows_2000 | * |
| openbsd | openbsd | 2.9 |
| linux | linux_kernel | 2.4.3 |
| hp | hp-ux | 11.0.4 |
| netbsd | netbsd | 1.5.1 |
| openbsd | openbsd | 2.8 |
| netbsd | netbsd | 1.5 |
| sun | sunos | 5.7 |
| hp | vvos | 11.04 |
| linux | linux_kernel | 2.4.5 |
| sun | sunos | 5.8 |
| sun | sunos | 5.5.1 |
| hp | hp-ux | 11.11 |
| linux | linux_kernel | 2.4.0 |
| linux | linux_kernel | 2.4.1 |
| microsoft | windows_nt | 4.0 |
| linux | linux_kernel | 2.4.2 |
| hp | hp-ux | 11.00 |
| linux | linux_kernel | 2.4.4 |
| freebsd | freebsd | 4.3 |
kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the (1) /tmp/.kmmodreg_lock and (2) /tmp/kmpath.tmp temporary files.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.00 |
Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | vvos | 4.5 |
| hp | hp-ux | 11.04 |
| hp | vvos | 4.0 |
Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 and Series 800 allows local users to cause a denial of service ("system availability") via text editors such as (1) e, (2) ex, (3) vi, (4) edit, (5) view, and (6) vedit.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | secure_os | 1.0 |
geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.20 |
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | secure_os | 1.0 |
| apache | tomcat | 3.2.1 |
setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | jre | 1.1.8 |
| sun | sdk | 1.3.1_01a |
| microsoft | virtual_machine | 3802 |
| sun | sdk | 1.3.1_01 |
| sun | jre | 1.2.2 |
| sun | jre | 1.3.0 |
| hp | java_jre-jdk | 1.2.2 |
| sun | sdk | 1.3_05 |
| sun | sdk | 1.2.2_10 |
| hp | java_jre-jdk | 1.1.8 |
| sun | sdk | 1.2.2_010 |
| sun | jre | 1.3.1 |
| sun | jdk | 1.1.8 |
| hp | java_jre-jdk | 1.3 |
Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | advancestack_10base-t_switching_hub_j3202a | a.03.07 |
| hp | advancestack_10base-t_switching_hub_j3205a | a.03.07 |
| hp | advancestack_10base-t_switching_hub_j3203a | a.03.07 |
| hp | advancestack_10base-t_switching_hub_j3201a | a.03.07 |
| hp | advancestack_10base-t_switching_hub_j3204a | a.03.07 |
| hp | advancestack_10base-t_switching_hub_j3210a | a.03.07 |
| hp | advancestack_10base-t_switching_hub_j3200a | a.03.07 |
The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_switch_4000m | c.09.09 |
| hp | procurve_switch_4000m | c.08.22 |
HP Photosmart printer driver for Mac OS X installs the hp_imaging_connectivity program and the hp_imaging_connectivity.app directory with world-writable permissions, which allows local users to gain privileges of other Photosmart users by replacing hp_imaging_connectivity with a Trojan horse.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | photosmart_print_driver | 1.2.1 |
Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.0.4 |
| hp | hp-ux | 11.00 |
Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a denial of service (system failure with "SA1457 out of i_port_timeout.fix_up_message_frame") via malformed IP packets.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mpe_ix | 6.5 |
| hp | mpe_ix | 6.0 |
| hp | mpe_ix | 7.0 |
Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properly validate certain FTP commands, which allows attackers to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mpe_ix | 6.5 |
| hp | mpe_ix | 6.0 |
| hp | mpe_ix | 7.0 |
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mandrakesoft | mandrake_single_network_firewall | 7.2 |
| redhat | linux | 6.2 |
| mandrakesoft | mandrake_linux | 8.2 |
| redhat | linux | 6.0 |
| redhat | linux | 7.0 |
| mandrakesoft | mandrake_linux | 8.1 |
| mandrakesoft | mandrake_linux | 7.0 |
| redhat | linux | 6.1 |
| redhat | linux | 7.1 |
| mandrakesoft | mandrake_linux | 7.2 |
| mandrakesoft | mandrake_linux | 7.1 |
| hp | secure_os | 1.0 |
| mandrakesoft | mandrake_linux_corporate_server | 1.0.1 |
| redhat | linux | 7.3 |
| redhat | linux | 7.2 |
| mandrakesoft | mandrake_linux | 8.0 |
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sgi | irix | 6.2 |
| compaq | tru64 | 4.0f |
| caldera | unixware | 7.1.1 |
| sgi | irix | 5.3 |
| sgi | irix | 6.0 |
| sun | sunos | 5.7 |
| sgi | irix | 6.5.9 |
| sgi | irix | 6.5.5 |
| sun | sunos | 5.5.1 |
| hp | hp-ux | 10.10 |
| sgi | irix | 6.5.6 |
| xi_graphics | dextop | 2.1 |
| sgi | irix | 6.1 |
| sgi | irix | 6.5.12 |
| sgi | irix | 6.5.14 |
| compaq | tru64 | 5.1a |
| sgi | irix | 6.5.11 |
| caldera | openunix | 8.0 |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
| ibm | aix | 5.1 |
| caldera | unixware | 7.1_.0 |
| hp | hp-ux | 10.24 |
| sgi | irix | 6.5.2 |
| caldera | unixware | 7 |
| compaq | tru64 | 5.0a |
| sgi | irix | 6.5.3 |
| ibm | aix | 4.3.3 |
| sgi | irix | 6.4 |
| sgi | irix | 6.5 |
| compaq | tru64 | 5.1 |
| sgi | irix | 6.5.8 |
| sgi | irix | 6.5.15 |
| sun | sunos | 5.8 |
| sgi | irix | 6.0.1 |
| sgi | irix | 5.2 |
| hp | hp-ux | 11.11 |
| compaq | tru64 | 4.0g |
| sgi | irix | 6.5.16 |
| sgi | irix | 6.5.10 |
| sgi | irix | 6.3 |
| sgi | irix | 6.5.1 |
| sgi | irix | 6.5.4 |
| sgi | irix | 6.5.7 |
| hp | hp-ux | 11.00 |
| sgi | irix | 6.5.13 |
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sgi | irix | 6.2 |
| compaq | tru64 | 4.0f |
| caldera | unixware | 7.1.1 |
| sgi | irix | 5.3 |
| sgi | irix | 6.0 |
| sun | sunos | 5.7 |
| sgi | irix | 6.5.9 |
| sgi | irix | 6.5.5 |
| caldera | unixware | 7.0 |
| sun | sunos | 5.5.1 |
| sun | solaris | 9.0 |
| hp | hp-ux | 10.10 |
| sgi | irix | 6.5.6 |
| xi_graphics | dextop | 2.1 |
| sgi | irix | 6.1 |
| sgi | irix | 6.5.12 |
| sgi | irix | 6.5.14 |
| compaq | tru64 | 5.1a |
| sgi | irix | 6.5.11 |
| caldera | openunix | 8.0 |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
| ibm | aix | 5.1 |
| hp | hp-ux | 10.24 |
| sgi | irix | 6.5.2 |
| compaq | tru64 | 5.0a |
| sgi | irix | 6.5.3 |
| ibm | aix | 4.3.3 |
| sgi | irix | 6.4 |
| sgi | irix | 6.5 |
| compaq | tru64 | 5.1 |
| sgi | irix | 6.5.8 |
| sgi | irix | 6.5.15 |
| sun | sunos | 5.8 |
| sgi | irix | 6.0.1 |
| sgi | irix | 5.2 |
| hp | hp-ux | 11.11 |
| compaq | tru64 | 4.0g |
| sgi | irix | 6.5.16 |
| sgi | irix | 6.5.10 |
| sgi | irix | 6.3 |
| sgi | irix | 6.5.1 |
| sgi | irix | 6.5.4 |
| sgi | irix | 6.5.7 |
| hp | hp-ux | 11.00 |
| caldera | unixware | 7.1.0 |
| sgi | irix | 6.5.13 |
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ibm | aix | 5.1 |
| hp | hp-ux | 10.24 |
| compaq | tru64 | 4.0f |
| caldera | unixware | 7.1.1 |
| compaq | tru64 | 5.0a |
| ibm | aix | 4.3.3 |
| sun | sunos | 5.7 |
| compaq | tru64 | 5.1 |
| sun | sunos | 5.8 |
| caldera | unixware | 7.0 |
| sun | sunos | 5.5.1 |
| sun | solaris | 9.0 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.11 |
| compaq | tru64 | 4.0g |
| xi_graphics | dextop | 2.1 |
| compaq | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| caldera | openunix | 8.0 |
| caldera | unixware | 7.1.0 |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
Unknown vulnerability in Cluster Interconnect for HP TruCluster Server 5.0A, 5.1, and 5.1A may allow local and remote attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | trucluster_server | 5.0a |
| hp | trucluster_server | 5.1 |
| hp | trucluster_server | 5.1a |
Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the server.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | virtualvault | 4.5 |
Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| caldera | openlinux_server | 3.1.1 |
| redhat | pre-execution_environment | 0.1 |
| caldera | openlinux_workstation | 3.1 |
| caldera | openlinux_server | 3.1 |
| hp | secure_os | 1.0 |
| caldera | openlinux_workstation | 3.1.1 |
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mandrakesoft | mandrake_linux | 9.0 |
| redhat | linux | 6.2 |
| mandrakesoft | mandrake_linux | 8.2 |
| redhat | linux | 7.0 |
| mandrakesoft | mandrake_linux | 8.1 |
| redhat | linux | 8.0 |
| redhat | linux | 7.1 |
| mandrakesoft | mandrake_linux | 7.2 |
| hp | secure_os | 1.0 |
| redhat | linux | 7.3 |
| redhat | linux | 7.2 |
| mandrakesoft | mandrake_linux | 8.0 |
Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | cifs-9000_server | a.01.06 |
| hp | cifs-9000_server | a.01.05 |
Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instant_support | * |
HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetdirect | j3111a_rev._g.08.03 |
| hp | jetdirect | x.08.04 |
| hp | jetdirect | x.20.00 |
| hp | jetdirect | j3111a_rev._a.08.06 |
| hp | jetdirect | j3111a_rev._g.07.17 |
| hp | jetdirect | j3111a_rev._g.05.35 |
| hp | jetdirect | j3111a_rev._g.07.02 |
| hp | jetdirect | x.08.00 |
| hp | jetdirect | x.21.00 |
| hp | jetdirect | j3111a_rev._g.07.03 |
| hp | jetdirect | x.08.05 |
| hp | jetdirect | x.08.20 |
| hp | jetdirect | x.08.32 |
Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows local users to read privileged files.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | webes_service_tools | 2.0 |
| hp | webes_service_tools | 4.0 |
| hp | webes_service_tools | 3.1 |
The HTTP administration interface for HP Procurve 4000M Switch firmware before C.09.16, with stacking features and remote administration enabled, does not authenticate requests to reset the device, which allows remote attackers to cause a denial of service via a direct request to the device_reset CGI program.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_switch_4000m | * |
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | linux | 7.0 |
| debian | debian_linux | 2.2 |
| redhat | linux | 7.1 |
| debian | debian_linux | 3.0 |
| hp | secure_os | 1.0 |
| redhat | linux | 7.3 |
| redhat | linux | 7.2 |
| redhat | linux | 6.2 |
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | sunos | 5.7 |
| sgi | irix | 6.5.9 |
| xfree86_project | x11r6 | 3.3.5 |
| xfree86_project | x11r6 | 3.3.4 |
| sgi | irix | 6.5.5 |
| sun | sunos | 5.5.1 |
| sun | solaris | 9.0 |
| hp | hp-ux | 10.10 |
| sgi | irix | 6.5.6 |
| xfree86_project | x11r6 | 3.3.3 |
| sgi | irix | 6.5.12 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| sgi | irix | 6.5.11 |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
| hp | hp-ux | 10.24 |
| sun | sunos | - |
| sgi | irix | 6.5.2 |
| sgi | irix | 6.5.3 |
| sgi | irix | 6.5 |
| sgi | irix | 6.5.8 |
| sun | sunos | 5.8 |
| hp | hp-ux | 11.11 |
| sun | solaris | 7.0 |
| xfree86_project | x11r6 | 3.3 |
| xfree86_project | x11r6 | 3.3.2 |
| sgi | irix | 6.5.10 |
| sgi | irix | 6.5.1 |
| sgi | irix | 6.5.4 |
| sun | solaris | 8.0 |
| sgi | irix | 6.5.7 |
| sun | solaris | 2.5.1 |
| hp | hp-ux | 11.00 |
| sgi | irix | 6.5.13 |
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sgi | irix | 6.5.17 |
| sgi | irix | 6.5.9 |
| sgi | irix | 6.5.5 |
| sgi | irix | 6.5.18 |
| sgi | irix | 6.5.6 |
| samba | samba | 2.2.4 |
| hp | cifs-9000_server | a.01.09 |
| sgi | irix | 6.5.12 |
| sgi | irix | 6.5.14 |
| sgi | irix | 6.5.11 |
| sgi | irix | 6.5.2 |
| sgi | irix | 6.5.3 |
| samba | samba | 2.2.6 |
| hp | cifs-9000_server | a.01.08.01 |
| sgi | irix | 6.5 |
| samba | samba | 2.2.5 |
| sgi | irix | 6.5.8 |
| sgi | irix | 6.5.15 |
| samba | samba | 2.2.2 |
| sgi | irix | 6.5.16 |
| sgi | irix | 6.5.10 |
| sgi | irix | 6.5.1 |
| sgi | irix | 6.5.4 |
| hp | cifs-9000_server | a.01.08 |
| sgi | irix | 6.5.7 |
| samba | samba | 2.2.3 |
| sgi | irix | 6.5.13 |
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | solaris | 8 |
| oracle | solaris | 7.0 |
| hp | hp-ux | 11.0.4 |
| windriver | bsdos | 5.0 |
| sun | sunos | 5.7 |
| netbsd | netbsd | 1.5.2 |
| hp | hp-ux | 10.10 |
| hp | alphaserver_sc | * |
| gentoo | linux | 1.4 |
| windriver | platform_sa | 1.0 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 10.20 |
| sun | sunos | - |
| oracle | solaris | 9 |
| netbsd | netbsd | 1.6 |
| netbsd | netbsd | 1.5.1 |
| netbsd | netbsd | 1.5 |
| oracle | solaris | 2.6 |
| sun | sunos | 5.8 |
| sendmail | sendmail | * |
| windriver | bsdos | 4.2 |
| windriver | bsdos | 4.3.1 |
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| netbsd | netbsd | 1.5.3 |
Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.04 |
Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_emanate_snmp_agent | 14.2 |
| hp | vvos | 11.04 |
ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.00 |
HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_switch_4000m | c.07.23 |
Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | virtualvault | 4.5 |
| hp | virtualvault | 4.0 |
| hp | virtualvault | 4.6 |
| hp | vvos | 11.04 |
Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Unknown vulnerability or vulnerabilities in TCP/IP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to "take over packets destined for another host" and cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | tru64 | 5.1a |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 5.1af |
| hp | tru64 | 4.0g |
Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1b_pk2_bl22 |
JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jfs | 3.1 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.0.4 |
| hp | hp-ux_series_800 | 10.20 |
| hp | hp-ux | 11.00 |
| hp | hp-ux_series_700 | 10.20 |
Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a denial of service via unknown attack vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | tru64 | 4.0f |
| hp | tru64 | 5.0a |
| hp | tru64 | 4.0g |
| hp | tru64 | 5.1a |
HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | virtualvault | 4.5 |
| hp | virtualvault | 4.6 |
| hp | vvos | 11.04 |
Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ldap-ux_integration | b.02.00 |
| hp | hp-ux | 11.11 |
| hp | ldap-ux_integration | b.03.00 |
| hp | hp-ux | 11.00 |
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-347,CWE-347,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | chaivm_ezloader | - |
ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 8150 does not properly enforce access control restrictions, which could allow local users to add, delete, or modify any services hosted by the ChaiServer.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | chaivm | * |
HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | application_server | 8.0 |
HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | praesidium_webproxy | 1.0 |
RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | advanced_server_9000 | b.04.07 |
| hp | advanced_server_9000 | b.04.05 |
| hp | advanced_server_9000 | b.04.09 |
| hp | advanced_server_9000 | b.04.06 |
| hp | advanced_server_9000 | b.04.08 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.24 |
| hp | hp-ux | 11.11i |
| hp | hp-ux | 10.30 |
| hp | hp-ux | 11.0.4 |
| hp | hp-ux | 10 |
| hp | hp-ux | 10.09 |
| hp | hp-ux | 10.08 |
| hp | hp-ux | 10.34 |
| hp | hp-ux | 10.03 |
| hp | hp-ux | 11 |
| hp | hp-ux | 11.11 |
| hp | hp-ux | 10.26 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-16,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | visualize_conference_ftp | b.11.00.11 |
Unspecified vulnerability in Internet Group Management Protocol (IGMP) of HP Tru64 4.0F through 5.1A allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: this might be the same issue as CVE-2002-2185, but there are insufficient details to be certain.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | secure_web_server_for_tru64 | 5.1 |
| hp | secure_web_server_for_tru64 | 4.0 |
| hp | secure_web_server_for_tru64 | 5.0 |
Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cray | unicos | 8.3 |
| cray | unicos | 6.0 |
| sgi | irix | 6.5.6f |
| openafs | openafs | 1.3 |
| gnu | glibc | 2.1.3 |
| sgi | irix | 6.5.13m |
| openbsd | openbsd | 2.1 |
| sgi | irix | 6.5.5 |
| sgi | irix | 6.5.17m |
| sun | solaris | 9.0 |
| gnu | glibc | 2.1.2 |
| sgi | irix | 6.5.6 |
| freebsd | freebsd | 4.7 |
| sgi | irix | 6.5.4f |
| sgi | irix | 6.5.2m |
| sgi | irix | 6.5.14 |
| sgi | irix | 6.5.20 |
| sgi | irix | 6.5.6m |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
| freebsd | freebsd | 4.6 |
| openafs | openafs | 1.2.2a |
| ibm | aix | 5.1 |
| sgi | irix | 6.5.11f |
| sgi | irix | 6.5.5f |
| gnu | glibc | 2.1.1 |
| sun | sunos | - |
| sgi | irix | 6.5.3 |
| ibm | aix | 4.3.3 |
| mit | kerberos_5 | 1.2.4 |
| sgi | irix | 6.5.8 |
| hp | hp-ux | 11.11 |
| sun | solaris | 7.0 |
| sgi | irix | 6.5.4 |
| sgi | irix | 6.5.8f |
| sgi | irix | 6.5.12f |
| freebsd | freebsd | 4.1 |
| openafs | openafs | 1.2.2b |
| freebsd | freebsd | 4.3 |
| gnu | glibc | 2.2.4 |
| gnu | glibc | 2.2 |
| openbsd | openbsd | 2.6 |
| mit | kerberos_5 | 1.2.3 |
| openafs | openafs | 1.1.1a |
| sgi | irix | 6.5.16f |
| sgi | irix | 6.5.9m |
| sgi | irix | 6.5.10m |
| sgi | irix | 6.5.9 |
| sgi | irix | 6.5.4m |
| sgi | irix | 6.5.18 |
| sun | sunos | 5.5.1 |
| mit | kerberos_5 | 1.2.6 |
| sgi | irix | 6.5.15f |
| openafs | openafs | 1.2.3 |
| freebsd | freebsd | 4.5 |
| mit | kerberos_5 | 1.2.7 |
| cray | unicos | 9.0.2.5 |
| openafs | openafs | 1.3.2 |
| sgi | irix | 6.5.11 |
| freebsd | freebsd | 4.2 |
| sgi | irix | 6.5.11m |
| openbsd | openbsd | 3.0 |
| openafs | openafs | 1.1 |
| hp | hp-ux | 10.24 |
| sgi | irix | 6.5.18m |
| freebsd | freebsd | 4.0 |
| sgi | irix | 6.5.2f |
| sgi | irix | 6.5 |
| sgi | irix | 6.5.3m |
| sgi | irix | 6.5.15 |
| sgi | irix | 6.5.19 |
| sgi | irix | 6.5.10f |
| sgi | irix | 6.5.16 |
| mit | kerberos_5 | 1.2.2 |
| openbsd | openbsd | 3.1 |
| hp | hp-ux_series_800 | 10.20 |
| sun | solaris | 8.0 |
| openafs | openafs | 1.2 |
| hp | hp-ux | 11.00 |
| openbsd | openbsd | 2.4 |
| hp | hp-ux | 11.20 |
| sgi | irix | 6.5.13 |
| openafs | openafs | 1.0.4 |
| openbsd | openbsd | 2.2 |
| openbsd | openbsd | 2.0 |
| sgi | irix | 6.5.7f |
| openbsd | openbsd | 2.8 |
| sgi | irix | 6.5.18f |
| hp | hp-ux_series_700 | 10.20 |
| freebsd | freebsd | 5.0 |
| sgi | irix | 6.5.5m |
| sgi | irix | 6.5.8m |
| openafs | openafs | 1.2.5 |
| sgi | irix | 6.5.14m |
| gnu | glibc | 2.2.3 |
| openafs | openafs | 1.2.2 |
| gnu | glibc | 2.2.2 |
| hp | hp-ux | 11.22 |
| gnu | glibc | 2.3.2 |
| mit | kerberos_5 | 1.2.5 |
| cray | unicos | 9.2.4 |
| freebsd | freebsd | 4.1.1 |
| openafs | openafs | 1.3.1 |
| sgi | irix | 6.5.2 |
| sgi | irix | 6.5.9f |
| sgi | irix | 6.5.13f |
| gnu | glibc | 2.1 |
| gnu | glibc | 2.2.5 |
| cray | unicos | 6.1 |
| sgi | irix | 6.5.3f |
| sgi | irix | 6.5.10 |
| sgi | irix | 6.5.1 |
| openbsd | openbsd | 2.5 |
| openafs | openafs | 1.0.4a |
| freebsd | freebsd | 4.4 |
| sun | solaris | 2.5.1 |
| cray | unicos | 9.2 |
| openafs | openafs | 1.0 |
| sgi | irix | 6.5.17 |
| cray | unicos | 9.0 |
| openafs | openafs | 1.0.3 |
| sgi | irix | 6.5.15m |
| mit | kerberos_5 | 1.2.1 |
| sun | sunos | 5.7 |
| sgi | irix | 6.5.12m |
| sgi | irix | 6.5.14f |
| sgi | irix | 6.5.7m |
| gnu | glibc | 2.3 |
| cray | unicos | 6.0e |
| openafs | openafs | 1.0.1 |
| sgi | irix | 6.5.12 |
| hp | hp-ux | 11.04 |
| openafs | openafs | 1.2.6 |
| openbsd | openbsd | 2.3 |
| cray | unicos | 8.0 |
| openbsd | openbsd | 2.9 |
| gnu | glibc | 2.3.1 |
| openafs | openafs | 1.2.4 |
| openafs | openafs | 1.0.2 |
| openbsd | openbsd | 3.2 |
| sun | sunos | 5.8 |
| openbsd | openbsd | 2.7 |
| openafs | openafs | 1.1.1 |
| gnu | glibc | 2.2.1 |
| sgi | irix | 6.5.17f |
| openafs | openafs | 1.2.1 |
| sgi | irix | 6.5.16m |
| ibm | aix | 5.2 |
| sgi | irix | 6.5.7 |
| cray | unicos | 7.0 |
| freebsd | freebsd | 4.6.2 |
| mit | kerberos_5 | 1.2 |
Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.20 |
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sgi | irix | 5.1 |
| sgi | irix | 6.5.6f |
| sgi | irix | 6.5.7f |
| sgi | irix | 5.3 |
| sgi | irix | 6.5.18f |
| sgi | irix | 5.1.1 |
| sgi | irix | 6.5.13m |
| sgi | irix | 6.5.5 |
| sgi | irix | 6.5.17m |
| sun | solaris | 9.0 |
| sgi | irix | 6.5.6 |
| sgi | irix | 6.5.5m |
| sgi | irix | 6.5.8m |
| sgi | irix | 6.5.4f |
| hp | hp-ux | 10.26 |
| sgi | irix | 6.5.14m |
| sgi | irix | 6.1 |
| sgi | irix | 6.5.2m |
| hp | hp-ux | 11.22 |
| sgi | irix | 6.5.14 |
| sgi | irix | 6.5.6m |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
| ibm | aix | 5.1 |
| sgi | irix | 6.5.11f |
| sgi | irix | 6.5.5f |
| sun | sunos | - |
| sgi | irix | 6.5.2 |
| sgi | irix | 6.5.9f |
| sgi | irix | 6.5.3 |
| ibm | aix | 4.3.3 |
| sgi | irix | 6.4 |
| sgi | irix | 6.5.8 |
| sgi | irix | 6.5.13f |
| sgi | irix | 5.2 |
| hp | hp-ux | 11.11 |
| sun | solaris | 7.0 |
| sgi | irix | 6.5.3f |
| sgi | irix | 6.5.10 |
| sgi | irix | 6.3 |
| sgi | irix | 6.5.1 |
| sgi | irix | 6.5.4 |
| sgi | irix | 6.5.8f |
| ibm | aix | 4.3 |
| sgi | irix | 6.5.12f |
| sun | solaris | 2.5.1 |
| sgi | irix | 6.2 |
| hp | hp-ux | 10.30 |
| sgi | irix | 6.5.17 |
| sgi | irix | 5.0 |
| sgi | irix | 6.5.16f |
| sgi | irix | 6.5.15m |
| sgi | irix | 6.5.9m |
| sgi | irix | 6.5.10m |
| sgi | irix | 6.0 |
| sun | sunos | 5.7 |
| sgi | irix | 6.5.12m |
| sgi | irix | 6.5.9 |
| sgi | irix | 6.5.14f |
| sgi | irix | 6.5.4m |
| sgi | irix | 6.5.18 |
| sun | sunos | 5.5.1 |
| sgi | irix | 6.5.7m |
| sgi | irix | 6.5.15f |
| sgi | irix | 5.0.1 |
| sgi | irix | 6.5.12 |
| hp | hp-ux | 11.04 |
| sgi | irix | 6.5.11 |
| sgi | irix | 6.5.11m |
| hp | hp-ux | 10.24 |
| sgi | irix | 6.5.18m |
| sgi | irix | 6.5.2f |
| hp | hp-ux | 10.34 |
| sgi | irix | 6.5 |
| sgi | irix | 6.5.3m |
| sgi | irix | 6.5.15 |
| sun | sunos | 5.8 |
| sgi | irix | 6.0.1 |
| sgi | irix | 6.5.10f |
| ibm | aix | 4.3.1 |
| ibm | aix | 4.3.2 |
| sgi | irix | 6.5.16 |
| sgi | irix | 6.5.17f |
| sun | solaris | 8.0 |
| sgi | irix | 6.5.16m |
| ibm | aix | 5.2 |
| sgi | irix | 6.5.7 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.20 |
| sgi | irix | 6.5.13 |
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samba | samba | 2.0.6 |
| samba | samba | 2.0.9 |
| samba | samba | 2.0.10 |
| samba | samba | 2.2.1a |
| samba | samba | 2.2.0 |
| samba | samba | 2.2.0a |
| samba | samba | 2.2.4 |
| samba | samba | 2.2.3a |
| hp | cifs-9000_server | a.01.09 |
| samba | samba | 2.2.7a |
| samba | samba | 2.0.8 |
| hp | cifs-9000_server | a.01.06 |
| samba | samba | 2.0.0 |
| samba | samba | 2.0.3 |
| hp | cifs-9000_server | a.01.09.01 |
| samba | samba | 2.0.5 |
| samba | samba | 2.2.7 |
| samba | samba | 2.2.6 |
| hp | cifs-9000_server | a.01.08.01 |
| samba | samba | 2.0.4 |
| samba | samba | 2.0.7 |
| samba | samba | 2.2.5 |
| samba | samba | 2.0.2 |
| samba | samba | 2.2.2 |
| hp | cifs-9000_server | a.01.08 |
| samba | samba | 2.2.3 |
| samba | samba | 2.0.1 |
| hp | cifs-9000_server | a.01.05 |
| hp | cifs-9000_server | a.01.07 |
Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| compaq | tru64 | 4.0d |
| compaq | tru64 | 4.0g_pk3_bl17 |
| sendmail | sendmail | 3.0.1 |
| sendmail | sendmail_switch | 2.1.1 |
| sun | solaris | 9.0 |
| sendmail | sendmail | 8.12.3 |
| sendmail | sendmail_switch | 2.1.3 |
| sendmail | sendmail_switch | 3.0.3 |
| sendmail | sendmail_switch | 2.1.2 |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
| sendmail | sendmail | 8.9.1 |
| compaq | tru64 | 5.0 |
| sun | sunos | - |
| sendmail | sendmail | 8.11.3 |
| sendmail | sendmail_switch | 2.2.5 |
| sendmail | sendmail | 8.12 |
| sendmail | sendmail | 8.11.1 |
| compaq | tru64 | 5.1_pk6_bl20 |
| compaq | tru64 | 5.1_pk5_bl19 |
| hp | hp-ux | 11.11 |
| compaq | tru64 | 5.1a_pk1_bl1 |
| sun | solaris | 7.0 |
| sendmail | sendmail_switch | 2.1.4 |
| sendmail | sendmail | 8.12.8 |
| hp | hp-ux | 11.0.4 |
| sendmail | sendmail | 8.11.2 |
| sendmail | sendmail_switch | 2.2.4 |
| sendmail | sendmail_switch | 3.0.1 |
| hp | hp-ux | 10.08 |
| sendmail | sendmail_switch | 3.0.2 |
| sun | sunos | 5.5.1 |
| sendmail | sendmail_switch | 2.1 |
| sendmail | sendmail | 8.10.1 |
| sendmail | sendmail | 8.12.7 |
| sendmail | sendmail | 8.12.6 |
| compaq | tru64 | 4.0f_pk7_bl18 |
| sendmail | sendmail | 8.9.3 |
| sendmail | sendmail | 8.10 |
| sendmail | sendmail_switch | 2.2.2 |
| sendmail | sendmail | 8.11.4 |
| hp | hp-ux | 10.24 |
| sendmail | sendmail | 8.12.0 |
| compaq | tru64 | 5.0_pk4_bl18 |
| hp | sis | * |
| sendmail | sendmail | 8.11.6 |
| sendmail | sendmail_switch | 2.2.1 |
| sendmail | sendmail | 8.9.2 |
| hp | hp-ux_series_800 | 10.20 |
| sun | solaris | 8.0 |
| sendmail | sendmail | 3.0.2 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.20 |
| hp | hp-ux | 10.00 |
| sendmail | sendmail | 2.6.1 |
| compaq | tru64 | 4.0f |
| hp | hp-ux | 10.16 |
| sun | solaris | 2.4 |
| compaq | tru64 | 5.1_pk3_bl17 |
| sendmail | sendmail_switch | 2.1.5 |
| hp | hp-ux_series_700 | 10.20 |
| hp | hp-ux | 10.26 |
| sendmail | sendmail | 2.6.2 |
| sendmail | sendmail | 3.0 |
| sendmail | sendmail | 3.0.3 |
| compaq | tru64 | 4.0d_pk9_bl17 |
| sun | sunos | 5.4 |
| hp | hp-ux | 11.22 |
| compaq | tru64 | 5.1a |
| sendmail | sendmail | 8.11.5 |
| hp | hp-ux | 10.01 |
| compaq | tru64 | 5.1b |
| compaq | tru64 | 5.0a |
| compaq | tru64 | 5.0f |
| compaq | tru64 | 5.1a_pk2_bl2 |
| compaq | tru64 | 5.1b_pk1_bl1 |
| sendmail | sendmail | 8.11.0 |
| compaq | tru64 | 4.0g |
| sendmail | sendmail | 8.9.0 |
| compaq | tru64 | 5.1a_pk3_bl3 |
| sun | solaris | 2.5.1 |
| hp | hp-ux | 10.30 |
| sendmail | sendmail | 8.12.2 |
| sun | sunos | 5.7 |
| sendmail | sendmail | 2.6 |
| hp | hp-ux | 10.10 |
| sendmail | sendmail_switch | 3.0 |
| compaq | tru64 | 4.0f_pk6_bl17 |
| compaq | tru64 | 5.0a_pk3_bl17 |
| sendmail | sendmail | 8.12.4 |
| compaq | tru64 | 4.0b |
| sendmail | sendmail | 8.10.2 |
| sendmail | sendmail | 8.12.5 |
| hp | hp-ux | 10.09 |
| sun | sunos | 5.5 |
| hp | hp-ux | 10.34 |
| compaq | tru64 | 5.1 |
| sun | sunos | 5.8 |
| compaq | tru64 | 5.1_pk4_bl18 |
| sun | solaris | 2.5 |
| compaq | tru64 | 5.0_pk4_bl17 |
| sendmail | sendmail_switch | 2.2.3 |
| sendmail | sendmail | 8.12.1 |
| sendmail | sendmail_switch | 2.2 |
hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instant_toptools | 5.04 |
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| compaq | tru64 | 4.0d |
| hp | cifs-9000_server | a.01.09.02 |
| compaq | tru64 | 4.0f |
| compaq | tru64 | 4.0g_pk3_bl17 |
| compaq | tru64 | 5.1_pk3_bl17 |
| samba | samba | 2.2.8 |
| samba | samba | 2.2.1a |
| sun | solaris | 9.0 |
| hp | cifs-9000_server | a.01.09 |
| samba | samba | 2.0.0 |
| compaq | tru64 | 4.0d_pk9_bl17 |
| hp | hp-ux | 11.22 |
| compaq | tru64 | 5.1a |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
| hp | cifs-9000_server | a.01.09.01 |
| compaq | tru64 | 5.0 |
| hp | hp-ux | 10.01 |
| samba | samba | 2.0.5 |
| sun | sunos | - |
| compaq | tru64 | 5.1b |
| compaq | tru64 | 5.0a |
| compaq | tru64 | 5.0f |
| samba | samba | 2.2.6 |
| compaq | tru64 | 5.1a_pk2_bl2 |
| compaq | tru64 | 5.1b_pk1_bl1 |
| samba | samba | 2.0.2 |
| compaq | tru64 | 5.1_pk6_bl20 |
| samba | samba | 2.2.2 |
| compaq | tru64 | 5.1_pk5_bl19 |
| hp | hp-ux | 11.11 |
| compaq | tru64 | 4.0g |
| compaq | tru64 | 5.1a_pk1_bl1 |
| sun | solaris | 7.0 |
| hp | cifs-9000_server | a.01.08 |
| compaq | tru64 | 5.1a_pk3_bl3 |
| sun | solaris | 2.5.1 |
| samba | samba | 2.0.6 |
| samba | samba | 2.0.9 |
| samba | samba | 2.0.10 |
| sun | sunos | 5.7 |
| samba | samba | 2.2.0 |
| sun | sunos | 5.5.1 |
| samba | samba | 2.2.0a |
| samba | samba | 2.2.4 |
| samba | samba | 2.2.3a |
| samba | samba | 2.2.7a |
| samba | samba | 2.0.8 |
| hp | cifs-9000_server | a.01.06 |
| samba | samba | 2.0.3 |
| hp | hp-ux | 11.04 |
| compaq | tru64 | 4.0f_pk6_bl17 |
| compaq | tru64 | 4.0f_pk7_bl18 |
| compaq | tru64 | 5.0a_pk3_bl17 |
| compaq | tru64 | 4.0b |
| hp | hp-ux | 10.24 |
| samba | samba | 2.2.7 |
| compaq | tru64 | 5.0_pk4_bl18 |
| hp | cifs-9000_server | a.01.08.01 |
| samba | samba | 2.0.4 |
| samba | samba | 2.0.7 |
| compaq | tru64 | 5.1 |
| samba | samba | 2.2.5 |
| sun | sunos | 5.8 |
| compaq | tru64 | 5.1_pk4_bl18 |
| compaq | tru64 | 5.0_pk4_bl17 |
| samba-tng | samba-tng | 0.3 |
| sun | solaris | 8.0 |
| samba | samba | 2.2.3 |
| samba | samba | 2.0.1 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.20 |
| hp | cifs-9000_server | a.01.05 |
| hp | cifs-9000_server | a.01.07 |
| samba-tng | samba-tng | 0.3.1 |
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| compaq | tru64 | 4.0d |
| hp | cifs-9000_server | a.01.09.02 |
| compaq | tru64 | 4.0f |
| compaq | tru64 | 4.0g_pk3_bl17 |
| compaq | tru64 | 5.1_pk3_bl17 |
| samba | samba | 2.2.8 |
| samba | samba | 2.2.1a |
| apple | mac_os_x | 10.2 |
| sun | solaris | 9.0 |
| hp | cifs-9000_server | a.01.09 |
| samba | samba | 2.0.0 |
| compaq | tru64 | 4.0d_pk9_bl17 |
| hp | hp-ux | 11.22 |
| compaq | tru64 | 5.1a |
| hp | hp-ux | 10.20 |
| sun | solaris | 2.6 |
| hp | cifs-9000_server | a.01.09.01 |
| compaq | tru64 | 5.0 |
| hp | hp-ux | 10.01 |
| samba | samba | 2.0.5 |
| sun | sunos | - |
| compaq | tru64 | 5.1b |
| compaq | tru64 | 5.0a |
| compaq | tru64 | 5.0f |
| samba | samba | 2.2.6 |
| compaq | tru64 | 5.1a_pk2_bl2 |
| compaq | tru64 | 5.1b_pk1_bl1 |
| samba | samba | 2.0.2 |
| compaq | tru64 | 5.1_pk6_bl20 |
| apple | mac_os_x | 10.2.3 |
| compaq | tru64 | 5.1_pk5_bl19 |
| hp | hp-ux | 11.11 |
| compaq | tru64 | 4.0g |
| compaq | tru64 | 5.1a_pk1_bl1 |
| sun | solaris | 7.0 |
| hp | cifs-9000_server | a.01.08 |
| compaq | tru64 | 5.1a_pk3_bl3 |
| sun | solaris | 2.5.1 |
| samba | samba | 2.0.6 |
| samba | samba | 2.0.9 |
| samba | samba | 2.0.10 |
| apple | mac_os_x | 10.2.4 |
| sun | sunos | 5.7 |
| samba | samba | 2.2.0 |
| sun | sunos | 5.5.1 |
| samba | samba | 2.2.0a |
| samba | samba | 2.2.4 |
| apple | mac_os_x | 10.2.1 |
| samba | samba | 2.2.3a |
| samba | samba | 2.2.7a |
| samba | samba | 2.0.8 |
| hp | cifs-9000_server | a.01.06 |
| samba | samba | 2.0.3 |
| hp | hp-ux | 11.04 |
| compaq | tru64 | 4.0f_pk6_bl17 |
| compaq | tru64 | 4.0f_pk7_bl18 |
| compaq | tru64 | 5.0a_pk3_bl17 |
| compaq | tru64 | 4.0b |
| apple | mac_os_x | 10.2.2 |
| hp | hp-ux | 10.24 |
| samba | samba | 2.2.7 |
| compaq | tru64 | 5.0_pk4_bl18 |
| hp | cifs-9000_server | a.01.08.01 |
| samba | samba | 2.0.4 |
| samba | samba | 2.0.7 |
| compaq | tru64 | 5.1 |
| samba | samba | 2.2.5 |
| sun | sunos | 5.8 |
| compaq | tru64 | 5.1_pk4_bl18 |
| compaq | tru64 | 5.0_pk4_bl17 |
| samba-tng | samba-tng | 0.3 |
| sun | solaris | 8.0 |
| samba | samba | 2.0.1 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.20 |
| hp | cifs-9000_server | a.01.05 |
| hp | cifs-9000_server | a.01.07 |
| samba-tng | samba-tng | 0.3.1 |
The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | * |
Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_seeview_server_gateway | d48.03 |
| hp | nonstop_seeview_server_gateway | g06.00 |
| hp | nonstop_seeview_server_gateway | d45.01 |
| hp | nonstop_seeview_server_gateway | g04.00 |
| hp | nonstop_seeview_server_gateway | g06.04 |
| hp | nonstop_seeview_server_gateway | g06.12 |
| hp | nonstop_seeview_server_gateway | d41.00 |
| hp | nonstop_seeview_server_gateway | g06.03 |
| hp | nonstop_seeview_server_gateway | g06.14 |
| hp | nonstop_seeview_server_gateway | g06.18 |
| hp | nonstop_seeview_server_gateway | d48.02 |
| hp | nonstop_seeview_server_gateway | g06.05 |
| hp | nonstop_seeview_server_gateway | g06.11 |
| hp | nonstop_seeview_server_gateway | g03.00 |
| hp | nonstop_seeview_server_gateway | g06.07 |
| hp | nonstop_seeview_server_gateway | d42.00 |
| hp | nonstop_seeview_server_gateway | d48.00 |
| hp | nonstop_seeview_server_gateway | d44.00 |
| hp | nonstop_seeview_server_gateway | d43.01 |
| hp | nonstop_seeview_server_gateway | d48.01 |
| hp | nonstop_seeview_server_gateway | g05.01 |
| hp | nonstop_seeview_server_gateway | g02.00 |
| hp | nonstop_seeview_server_gateway | g06.10 |
| hp | nonstop_seeview_server_gateway | g06.09 |
| hp | nonstop_seeview_server_gateway | g06.17 |
| hp | nonstop_seeview_server_gateway | g06.06 |
| hp | nonstop_seeview_server_gateway | g06.16 |
| hp | nonstop_seeview_server_gateway | g06.08 |
| hp | nonstop_seeview_server_gateway | d44.02 |
| hp | nonstop_seeview_server_gateway | d42.01 |
| hp | nonstop_seeview_server_gateway | g01.00 |
| hp | nonstop_seeview_server_gateway | g06.19 |
| hp | nonstop_seeview_server_gateway | g06.20 |
| hp | nonstop_seeview_server_gateway | d40.00 |
| hp | nonstop_seeview_server_gateway | d47.00 |
| hp | nonstop_seeview_server_gateway | d44.01 |
| hp | nonstop_seeview_server_gateway | d46.00 |
| hp | nonstop_seeview_server_gateway | g06.01 |
| hp | nonstop_seeview_server_gateway | d43.00 |
| hp | nonstop_seeview_server_gateway | d43.02 |
| hp | nonstop_seeview_server_gateway | d45.00 |
| hp | nonstop_seeview_server_gateway | g06.13 |
| hp | nonstop_seeview_server_gateway | g06.15 |
| hp | nonstop_seeview_server_gateway | g05.00 |
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sendmail | sendmail | 3.0.1 |
| apple | mac_os_x | 10.2.5 |
| sendmail | sendmail_switch | 2.1.1 |
| apple | mac_os_x | 10.2 |
| sendmail | sendmail | 8.12.3 |
| sendmail | sendmail_switch | 2.1.3 |
| sendmail | sendmail_switch | 3.0.3 |
| sendmail | sendmail_switch | 2.1.2 |
| turbolinux | turbolinux_server | 6.5 |
| apple | mac_os_x_server | 10.2.4 |
| ibm | aix | 5.1 |
| sendmail | sendmail | 8.9.1 |
| netbsd | netbsd | 1.6 |
| turbolinux | turbolinux_workstation | 8.0 |
| sendmail | sendmail | 8.11.3 |
| ibm | aix | 4.3.3 |
| sendmail | sendmail_switch | 2.2.5 |
| sendmail | sendmail | 8.12 |
| sendmail | sendmail | 8.11.1 |
| apple | mac_os_x | 10.2.3 |
| hp | hp-ux | 11.11 |
| sendmail | sendmail_pro | 8.9.2 |
| sendmail | sendmail_switch | 2.1.4 |
| netbsd | netbsd | 1.5.3 |
| sendmail | sendmail | 8.12.8 |
| hp | hp-ux | 11.0.4 |
| sendmail | sendmail | 8.11.2 |
| sendmail | sendmail_switch | 2.2.4 |
| apple | mac_os_x_server | 10.2.2 |
| sendmail | sendmail_switch | 3.0.1 |
| sendmail | sendmail_switch | 3.0.2 |
| sendmail | sendmail_switch | 2.1 |
| apple | mac_os_x | 10.2.1 |
| sendmail | sendmail | 8.10.1 |
| sendmail | sendmail | 8.12.7 |
| sendmail | sendmail | 8.12.6 |
| gentoo | linux | 0.5 |
| openbsd | openbsd | 3.3 |
| sendmail | sendmail | 8.9.3 |
| apple | mac_os_x_server | 10.2.3 |
| sendmail | advanced_message_server | 1.3 |
| sendmail | sendmail | 8.10 |
| sendmail | sendmail_switch | 2.2.2 |
| sendmail | sendmail | 8.11.4 |
| sendmail | sendmail | 8.12.0 |
| sendmail | sendmail | 8.12.9 |
| sendmail | sendmail | 8.11.6 |
| sendmail | sendmail_switch | 2.2.1 |
| sendmail | sendmail | 8.9.2 |
| apple | mac_os_x_server | 10.2.6 |
| sendmail | sendmail | 3.0.2 |
| hp | hp-ux | 11.00 |
| sendmail | sendmail | 2.6.1 |
| netbsd | netbsd | 1.4.3 |
| apple | mac_os_x | 10.2.6 |
| sendmail | sendmail_switch | 2.1.5 |
| turbolinux | turbolinux_workstation | 6.0 |
| netbsd | netbsd | 1.6.1 |
| apple | mac_os_x_server | 10.2 |
| sendmail | sendmail | 2.6.2 |
| sendmail | sendmail | 3.0 |
| sendmail | sendmail | 3.0.3 |
| hp | hp-ux | 11.22 |
| sendmail | sendmail | 8.11.5 |
| netbsd | netbsd | 1.5 |
| apple | mac_os_x_server | 10.2.1 |
| sendmail | sendmail | 8.11.0 |
| apple | mac_os_x_server | 10.2.5 |
| sendmail | sendmail | 8.9.0 |
| gentoo | linux | 1.2 |
| sendmail | sendmail | 8.12.2 |
| apple | mac_os_x | 10.2.4 |
| sendmail | sendmail | 2.6 |
| turbolinux | turbolinux_workstation | 7.0 |
| netbsd | netbsd | 1.5.2 |
| turbolinux | turbolinux_server | 8.0 |
| sendmail | sendmail | 8.8.8 |
| gentoo | linux | 0.7 |
| sendmail | sendmail_switch | 3.0 |
| gentoo | linux | 1.4 |
| sendmail | sendmail | 8.12.4 |
| sendmail | sendmail | 8.10.2 |
| turbolinux | turbolinux_server | 6.1 |
| sendmail | sendmail | 8.12.5 |
| apple | mac_os_x | 10.2.2 |
| turbolinux | turbolinux_server | 7.0 |
| netbsd | netbsd | 1.5.1 |
| turbolinux | turbolinux_advanced_server | 6.0 |
| openbsd | openbsd | 3.2 |
| sendmail | advanced_message_server | 1.2 |
| sendmail | sendmail_pro | 8.9.3 |
| sendmail | sendmail_switch | 2.2.3 |
| sendmail | sendmail | 8.12.1 |
| ibm | aix | 5.2 |
| gentoo | linux | 1.1a |
| sendmail | sendmail_switch | 2.2 |
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| compaq | tru64 | 4.0g_pk3_bl17 |
| sendmail | sendmail | 3.0.1 |
| sgi | irix | 6.5.20f |
| apple | mac_os_x | 10.2.5 |
| sendmail | sendmail_switch | 2.1.1 |
| sgi | irix | 6.5.17m |
| apple | mac_os_x | 10.2 |
| sun | solaris | 9.0 |
| sendmail | sendmail | 8.12.3 |
| freebsd | freebsd | 4.7 |
| sendmail | sendmail_switch | 2.1.3 |
| freebsd | freebsd | 4.9 |
| sendmail | sendmail_switch | 3.0.3 |
| sendmail | sendmail_switch | 2.1.2 |
| turbolinux | turbolinux_server | 6.5 |
| sun | solaris | 2.6 |
| freebsd | freebsd | 4.6 |
| apple | mac_os_x_server | 10.2.4 |
| ibm | aix | 5.1 |
| sendmail | sendmail | 8.9.1 |
| sun | sunos | - |
| netbsd | netbsd | 1.6 |
| turbolinux | turbolinux_workstation | 8.0 |
| sendmail | sendmail | 8.11.3 |
| ibm | aix | 4.3.3 |
| sendmail | sendmail_switch | 2.2.5 |
| sendmail | sendmail | 8.12 |
| sendmail | sendmail | 8.11.1 |
| compaq | tru64 | 5.1_pk6_bl20 |
| apple | mac_os_x | 10.2.3 |
| compaq | tru64 | 5.1_pk5_bl19 |
| hp | hp-ux | 11.11 |
| compaq | tru64 | 5.1a_pk1_bl1 |
| sendmail | sendmail_pro | 8.9.2 |
| sun | solaris | 7.0 |
| sgi | irix | 6.5.21m |
| sendmail | sendmail_switch | 2.1.4 |
| netbsd | netbsd | 1.5.3 |
| freebsd | freebsd | 4.3 |
| sendmail | sendmail | 8.12.8 |
| hp | hp-ux | 11.0.4 |
| sendmail | sendmail | 8.11.2 |
| sendmail | sendmail_switch | 2.2.4 |
| apple | mac_os_x_server | 10.2.2 |
| sendmail | sendmail_switch | 3.0.1 |
| sendmail | sendmail_switch | 3.0.2 |
| sendmail | sendmail_switch | 2.1 |
| apple | mac_os_x | 10.2.1 |
| sendmail | sendmail | 8.10.1 |
| sendmail | sendmail | 8.12.7 |
| freebsd | freebsd | 4.5 |
| sgi | irix | 6.5.19m |
| sendmail | sendmail | 8.12.6 |
| compaq | tru64 | 4.0f_pk7_bl18 |
| gentoo | linux | 0.5 |
| sendmail | sendmail | 8.9.3 |
| apple | mac_os_x_server | 10.2.3 |
| sendmail | advanced_message_server | 1.3 |
| sendmail | sendmail | 8.10 |
| sendmail | sendmail_switch | 2.2.2 |
| sendmail | sendmail | 8.11.4 |
| sgi | irix | 6.5.18m |
| freebsd | freebsd | 4.0 |
| sendmail | sendmail | 8.12.0 |
| sendmail | sendmail | 8.12.9 |
| sgi | irix | 6.5.15 |
| sendmail | sendmail | 8.11.6 |
| sgi | irix | 6.5.16 |
| sendmail | sendmail_switch | 2.2.1 |
| sendmail | sendmail | 8.9.2 |
| apple | mac_os_x_server | 10.2.6 |
| sun | solaris | 8.0 |
| sendmail | sendmail | 3.0.2 |
| freebsd | freebsd | 5.1 |
| hp | hp-ux | 11.00 |
| sendmail | sendmail | 2.6.1 |
| netbsd | netbsd | 1.4.3 |
| compaq | tru64 | 4.0f |
| apple | mac_os_x | 10.2.6 |
| sgi | irix | 6.5.19f |
| compaq | tru64 | 5.1_pk3_bl17 |
| freebsd | freebsd | 3.0 |
| sendmail | sendmail_switch | 2.1.5 |
| sgi | irix | 6.5.18f |
| turbolinux | turbolinux_workstation | 6.0 |
| netbsd | netbsd | 1.6.1 |
| freebsd | freebsd | 5.0 |
| apple | mac_os_x_server | 10.2 |
| sendmail | sendmail | 2.6.2 |
| sendmail | sendmail | 3.0 |
| sendmail | sendmail | 3.0.3 |
| hp | hp-ux | 11.22 |
| compaq | tru64 | 5.1a |
| freebsd | freebsd | 4.8 |
| sendmail | sendmail | 8.11.5 |
| compaq | tru64 | 5.1b |
| compaq | tru64 | 4.0f_pk8_bl22 |
| netbsd | netbsd | 1.5 |
| compaq | tru64 | 5.1a_pk2_bl2 |
| compaq | tru64 | 5.1b_pk1_bl1 |
| apple | mac_os_x_server | 10.2.1 |
| sendmail | sendmail | 8.11.0 |
| compaq | tru64 | 4.0g |
| apple | mac_os_x_server | 10.2.5 |
| compaq | tru64 | 5.1a_pk5_bl23 |
| sendmail | sendmail | 8.9.0 |
| gentoo | linux | 1.2 |
| freebsd | freebsd | 4.4 |
| compaq | tru64 | 5.1a_pk3_bl3 |
| compaq | tru64 | 5.1a_pk4_bl21 |
| sendmail | sendmail | 8.12.2 |
| apple | mac_os_x | 10.2.4 |
| compaq | tru64 | 5.1b_pk2_bl22 |
| sun | sunos | 5.7 |
| sgi | irix | 6.5.21f |
| sendmail | sendmail | 2.6 |
| turbolinux | turbolinux_workstation | 7.0 |
| netbsd | netbsd | 1.5.2 |
| turbolinux | turbolinux_server | 8.0 |
| sendmail | sendmail | 8.8.8 |
| gentoo | linux | 0.7 |
| compaq | tru64 | 4.0g_pk4_bl22 |
| sendmail | sendmail_switch | 3.0 |
| gentoo | linux | 1.4 |
| compaq | tru64 | 4.0f_pk6_bl17 |
| sendmail | sendmail | 8.12.4 |
| sendmail | sendmail | 8.10.2 |
| turbolinux | turbolinux_server | 6.1 |
| sendmail | sendmail | 8.12.5 |
| apple | mac_os_x | 10.2.2 |
| turbolinux | turbolinux_server | 7.0 |
| netbsd | netbsd | 1.5.1 |
| turbolinux | turbolinux_advanced_server | 6.0 |
| compaq | tru64 | 5.1 |
| sun | sunos | 5.8 |
| compaq | tru64 | 5.1_pk4_bl18 |
| sendmail | advanced_message_server | 1.2 |
| sendmail | sendmail_pro | 8.9.3 |
| sendmail | sendmail_switch | 2.2.3 |
| sgi | irix | 6.5.17f |
| sendmail | sendmail | 8.12.1 |
| sgi | irix | 6.5.20m |
| ibm | aix | 5.2 |
| gentoo | linux | 1.1a |
| sendmail | sendmail_switch | 2.2 |
Various Distributed Computing Environment (DCE) implementations, including HP OpenView, allow remote attackers to cause a denial of service (process hang or termination) via certain malformed inputs, as triggered by attempted exploits against the vulnerabilities CVE-2003-0352 or CVE-2003-0605, such as the Blaster/MSblast/LovSAN worm.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview | * |
Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| compaq | tru64 | 4.0f |
| compaq | tru64 | 4.0g_pk3_bl17 |
| compaq | tru64 | 5.1_pk3_bl17 |
| netbsd | netbsd | 1.6.1 |
| freebsd | freebsd | 5.0 |
| ibm | aix | 5.1l |
| nixu | namesurfer | suite_3.0.1 |
| sun | solaris | 9.0 |
| freebsd | freebsd | 4.7 |
| isc | bind | 8.3.0 |
| freebsd | freebsd | 4.9 |
| isc | bind | 8.4.1 |
| nixu | namesurfer | standard_3.0.1 |
| compaq | tru64 | 5.1a |
| freebsd | freebsd | 4.8 |
| freebsd | freebsd | 4.6 |
| compaq | tru64 | 5.1b |
| compaq | tru64 | 4.0f_pk8_bl22 |
| netbsd | netbsd | 1.6 |
| compaq | tru64 | 5.1a_pk2_bl2 |
| compaq | tru64 | 5.1b_pk1_bl1 |
| isc | bind | 8.2.6 |
| isc | bind | 8.3.5 |
| compaq | tru64 | 5.1_pk6_bl20 |
| compaq | tru64 | 5.1_pk5_bl19 |
| hp | hp-ux | 11.11 |
| compaq | tru64 | 4.0g |
| compaq | tru64 | 5.1a_pk1_bl1 |
| sun | solaris | 7.0 |
| compaq | tru64 | 5.1a_pk5_bl23 |
| isc | bind | 8.3.6 |
| freebsd | freebsd | 4.4 |
| compaq | tru64 | 5.1a_pk3_bl3 |
| compaq | tru64 | 5.1a_pk4_bl21 |
| isc | bind | 8.3.1 |
| compaq | tru64 | 5.1b_pk2_bl22 |
| sun | sunos | 5.7 |
| freebsd | freebsd | 4.5 |
| compaq | tru64 | 4.0g_pk4_bl22 |
| isc | bind | 8.4 |
| isc | bind | 8.2.4 |
| compaq | tru64 | 4.0f_pk6_bl17 |
| compaq | tru64 | 4.0f_pk7_bl18 |
| isc | bind | 8.2.3 |
| isc | bind | 8.3.2 |
| isc | bind | 8.2.5 |
| isc | bind | 8.2.7 |
| compaq | tru64 | 5.1 |
| sun | sunos | 5.8 |
| compaq | tru64 | 5.1_pk4_bl18 |
| netbsd | netbsd | current |
| isc | bind | 8.3.4 |
| sco | unixware | 7.1.1 |
| isc | bind | 8.3.3 |
| sun | solaris | 8.0 |
| hp | hp-ux | 11.00 |
| freebsd | freebsd | 4.6.2 |
Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.23 |
Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.16 |
| hp | hp-ux | 10.30 |
| hp | hp-ux | 10.34 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.11 |
| hp | hp-ux | 10.26 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.20 |
| hp | hp-ux | 10.20 |
The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.22 |
The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.16 |
| hp | hp-ux | 10.30 |
| hp | hp-ux | 11.0.4 |
| hp | hp-ux | 10.09 |
| hp | hp-ux | 10.08 |
| hp | hp-ux | 10.34 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.11 |
| hp | hp-ux | 10.26 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.20 |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.16 |
| hp | hp-ux | 10.30 |
| hp | hp-ux | 11.0.4 |
| hp | hp-ux | 10.09 |
| hp | hp-ux | 10.08 |
| hp | hp-ux | 10.34 |
| avaya | predictive_dialer_system | 9.0 |
| avaya | predictive_dialer_system | 12 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.11 |
| hp | hp-ux | 10.26 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| avaya | predictive_dialer_system | 11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.20 |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.16 |
| hp | hp-ux | 10.30 |
| hp | hp-ux | 10.26 |
| hp | hp-ux | 10.09 |
| hp | hp-ux | 10.08 |
| hp | hp-ux | 10.34 |
| hp | hp-ux | 10.00 |
| hp | hp-ux | 10.20 |
Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-16,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | bastille | b.02.00.05 |
Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11 |
Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473).
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (memory exhaustion) via crafted TCP packets.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 6.0.1 |
| hp | openview_network_node_manager | 5.0.1 |
| hp | openview_network_node_manager | 6.4 |
| hp | openview_network_node_manager | 6.10 |
| hp | openview_network_node_manager | 6.2 |
| hp | openview_network_node_manager | 6.41 |
| hp | openview_network_node_manager | 6.31 |
| hp | openview_network_node_manager | 6.1 |
Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 6.4 |
| hp | openview_network_node_manager | 6.2 |
Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_manager | 1.0 |
| hp | remote_diagnostics_enabling_agent | * |
| hp | insight_management_suite | 3.5 |
| hp | insight_management_suite | 5.0 |
| hp | insight_manager | 1.6 |
| hp | insight_management_suite | 4.0 |
Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1 |
| hp | tru64 | 4.0g_pk3_bl17 |
| hp | tru64 | 5.1b |
| hp | tru64 | 5.1_pk4_bl18 |
| hp | tru64 | 5.1_pk6_bl20 |
| hp | tru64 | 4.0f_pk8_bl22 |
| hp | tru64 | 5.1a_pk4_bl21 |
| hp | tru64 | 5.1a_pk5_bl23 |
| hp | tru64 | 5.1a_pk3_bl3 |
| hp | tru64 | 5.1_pk5_bl19 |
| hp | tru64 | 4.0f_pk6_bl17 |
| hp | tru64 | 4.0f |
| hp | tru64 | 4.0g_pk4_bl22 |
| hp | tru64 | 5.1a_pk2_bl2 |
| hp | tru64 | 5.1_pk3_bl17 |
| hp | tru64 | 4.0f_pk7_bl18 |
| hp | tru64 | 5.1a_pk1_bl1 |
| hp | tru64 | 4.0g |
| hp | tru64 | 5.1a |
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cisco | css_secure_content_accelerator | 1.0 |
| avaya | intuity_audix | 5.1.46 |
| vmware | gsx_server | 2.0.1_build_2129 |
| avaya | sg200 | 4.31.29 |
| stonesoft | stonebeat_securitycluster | 2.0 |
| avaya | intuity_audix | s3210 |
| stonesoft | stonegate | 1.5.18 |
| novell | edirectory | 8.5.27 |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence |
| openssl | openssl | 0.9.6c |
| lite | speed_technologies_litespeed_web_server | 1.0.2 |
| vmware | gsx_server | 2.5.1 |
| avaya | vsu | 5 |
| novell | edirectory | 8.6.2 |
| 4d | webstar | 5.2.4 |
| stonesoft | stonegate | 1.7 |
| avaya | s8300 | r2.0.1 |
| cisco | pix_firewall_software | 6.0 |
| avaya | sg203 | 4.4 |
| 4d | webstar | 5.3.1 |
| neoteris | instant_virtual_extranet | 3.3.1 |
| sgi | propack | 2.4 |
| hp | hp-ux | 11.11 |
| openssl | openssl | 0.9.7b |
| redhat | openssl | 0.9.7a-2 |
| sgi | propack | 3.0 |
| avaya | vsu | 5000_r2.0.1 |
| hp | apache-based_web_server | 2.0.43.04 |
| cisco | access_registrar | * |
| cisco | css11000_content_services_switch | * |
| sun | crypto_accelerator_4000 | 1.0 |
| cisco | webns | 7.10 |
| cisco | pix_firewall_software | 6.0(4.101) |
| avaya | vsu | 500 |
| avaya | vsu | 10000_r2.0.1 |
| 4d | webstar | 5.2.3 |
| lite | speed_technologies_litespeed_web_server | 1.0.3 |
| novell | edirectory | 8.7.1 |
| avaya | sg5 | 4.2 |
| cisco | pix_firewall_software | 6.3(1) |
| openssl | openssl | 0.9.6k |
| redhat | linux | 7.3 |
| cisco | pix_firewall_software | 6.2(2) |
| cisco | css_secure_content_accelerator | 2.0 |
| dell | bsafe_ssl-j | 3.0.1 |
| openbsd | openbsd | 3.3 |
| 4d | webstar | 5.2.2 |
| avaya | intuity_audix | * |
| securecomputing | sidewinder | 5.2 |
| stonesoft | stonebeat_securitycluster | 2.5 |
| stonesoft | servercluster | 2.5 |
| cisco | pix_firewall_software | 6.2(1) |
| cisco | webns | 7.10_.0.06s |
| securecomputing | sidewinder | 5.2.0.04 |
| tarantella | tarantella_enterprise | 3.20 |
| stonesoft | stonegate | 2.0.8 |
| bluecoat | proxysg | * |
| redhat | enterprise_linux | 3.0 |
| checkpoint | firewall-1 | * |
| checkpoint | firewall-1 | next_generation_fp0 |
| bluecoat | cacheos_ca_sa | 4.1.10 |
| securecomputing | sidewinder | 5.2.0.02 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc3 |
| apple | mac_os_x | 10.3.3 |
| stonesoft | stonegate | 1.5.17 |
| avaya | vsu | 100_r2.0.1 |
| stonesoft | stonegate_vpn_client | 1.7 |
| 4d | webstar | 5.3 |
| checkpoint | vpn-1 | next_generation_fp2 |
| redhat | enterprise_linux_desktop | 3.0 |
| cisco | pix_firewall_software | 6.0(2) |
| checkpoint | firewall-1 | next_generation_fp2 |
| stonesoft | stonebeat_fullcluster | 1_2.0 |
| freebsd | freebsd | 5.2.1 |
| stonesoft | servercluster | 2.5.2 |
| openssl | openssl | 0.9.6h |
| stonesoft | stonegate | 2.0.7 |
| stonesoft | stonegate_vpn_client | 2.0.9 |
| lite | speed_technologies_litespeed_web_server | 1.1 |
| cisco | content_services_switch_11500 | * |
| stonesoft | stonegate | 1.6.3 |
| checkpoint | firewall-1 | 2.0 |
| lite | speed_technologies_litespeed_web_server | 1.0.1 |
| hp | hp-ux | 11.23 |
| openssl | openssl | 0.9.6j |
| vmware | gsx_server | 3.0_build_7592 |
| avaya | s8500 | r2.0.0 |
| cisco | mds_9000 | * |
| sgi | propack | 2.3 |
| cisco | pix_firewall_software | 6.3(2) |
| lite | speed_technologies_litespeed_web_server | 1.3_rc1 |
| cisco | ios | 12.1(11)e |
| cisco | pix_firewall_software | 6.0(1) |
| avaya | s8300 | r2.0.0 |
| cisco | ios | 12.1(11b)e12 |
| cisco | ciscoworks_common_services | 2.2 |
| cisco | okena_stormwatch | 3.2 |
| cisco | ios | 12.1(13)e9 |
| checkpoint | provider-1 | 4.1 |
| cisco | pix_firewall_software | 6.1(5) |
| avaya | vsu | 2000_r2.0.1 |
| avaya | s8700 | r2.0.0 |
| redhat | linux | 8.0 |
| neoteris | instant_virtual_extranet | 3.3 |
| cisco | ios | 12.1(19)e1 |
| symantec | clientless_vpn_gateway_4400 | 5.0 |
| redhat | linux | 7.2 |
| stonesoft | stonegate | 2.0.1 |
| cisco | firewall_services_module | 2.1_(0.208) |
| novell | imanager | 1.5 |
| cisco | ios | 12.2(14)sy1 |
| cisco | threat_response | * |
| vmware | gsx_server | 2.0 |
| cisco | pix_firewall_software | 6.0(3) |
| cisco | pix_firewall | 6.2.2_.111 |
| cisco | webns | 7.2_0.0.03 |
| novell | imanager | 2.0 |
| stonesoft | stonebeat_fullcluster | 1_3.0 |
| freebsd | freebsd | 5.2 |
| openssl | openssl | 0.9.6d |
| cisco | pix_firewall_software | 6.2(3.100) |
| avaya | vsu | 7500_r2.0.1 |
| novell | edirectory | 8.0 |
| cisco | firewall_services_module | 1.1.2 |
| avaya | sg5 | 4.4 |
| securecomputing | sidewinder | 5.2.1 |
| stonesoft | stonegate_vpn_client | 2.0.7 |
| hp | apache-based_web_server | 2.0.43.00 |
| stonesoft | stonegate_vpn_client | 1.7.2 |
| neoteris | instant_virtual_extranet | 3.1 |
| securecomputing | sidewinder | 5.2.1.02 |
| lite | speed_technologies_litespeed_web_server | 1.2.2 |
| neoteris | instant_virtual_extranet | 3.0 |
| cisco | pix_firewall_software | 6.2(3) |
| stonesoft | stonegate | 2.0.5 |
| redhat | openssl | 0.9.6-15 |
| freebsd | freebsd | 4.9 |
| openssl | openssl | 0.9.6f |
| openssl | openssl | 0.9.7 |
| checkpoint | vpn-1 | next_generation_fp1 |
| cisco | pix_firewall_software | 6.3(3.109) |
| vmware | gsx_server | 2.5.1_build_5336 |
| avaya | sg208 | 4.4 |
| dell | bsafe_ssl-j | 3.0 |
| hp | wbem | a.02.00.01 |
| novell | edirectory | 8.5.12a |
| checkpoint | vpn-1 | next_generation_fp0 |
| cisco | webns | 6.10_b4 |
| lite | speed_technologies_litespeed_web_server | 1.3 |
| stonesoft | stonegate | 2.0.4 |
| 4d | webstar | 5.2 |
| stonesoft | stonebeat_webcluster | 2.5 |
| stonesoft | stonebeat_webcluster | 2.0 |
| lite | speed_technologies_litespeed_web_server | 1.2.1 |
| stonesoft | stonegate_vpn_client | 2.0.8 |
| cisco | webns | 7.1_0.2.06 |
| cisco | application_and_content_networking_software | * |
| openssl | openssl | 0.9.6i |
| tarantella | tarantella_enterprise | 3.30 |
| novell | edirectory | 8.5 |
| cisco | pix_firewall_software | 6.1(3) |
| cisco | pix_firewall_software | 6.1(2) |
| lite | speed_technologies_litespeed_web_server | 1.2_rc2 |
| cisco | call_manager | * |
| cisco | pix_firewall_software | 6.0(4) |
| 4d | webstar | 4.0 |
| hp | aaa_server | * |
| apple | mac_os_x_server | 10.3.3 |
| stonesoft | stonegate | 1.7.2 |
| freebsd | freebsd | 5.1 |
| cisco | ciscoworks_common_management_foundation | 2.1 |
| hp | wbem | a.01.05.08 |
| hp | hp-ux | 11.00 |
| sco | openserver | 5.0.7 |
| stonesoft | stonegate | 1.6.2 |
| stonesoft | stonegate_vpn_client | 2.0 |
| securecomputing | sidewinder | 5.2.0.01 |
| cisco | ios | 12.2za |
| checkpoint | firewall-1 | next_generation_fp1 |
| cisco | webns | 6.10 |
| openssl | openssl | 0.9.7c |
| sco | openserver | 5.0.6 |
| cisco | ios | 12.1(11b)e |
| avaya | sg208 | * |
| openbsd | openbsd | 3.4 |
| cisco | pix_firewall_software | 6.1(4) |
| cisco | gss_4490_global_site_selector | * |
| freebsd | freebsd | 4.8 |
| stonesoft | stonegate | 2.2.1 |
| hp | hp-ux | 8.05 |
| cisco | pix_firewall_software | 6.2 |
| dell | bsafe_ssl-j | 3.1 |
| avaya | converged_communications_server | 2.0 |
| cisco | ios | 12.2sy |
| avaya | sg200 | 4.4 |
| lite | speed_technologies_litespeed_web_server | 1.3.1 |
| lite | speed_technologies_litespeed_web_server | 1.1.1 |
| openssl | openssl | 0.9.7a |
| cisco | webns | 7.1_0.1.02 |
| avaya | sg203 | 4.31.29 |
| avaya | intuity_audix | s3400 |
| cisco | firewall_services_module | 1.1.3 |
| redhat | openssl | 0.9.6b-3 |
| openssl | openssl | 0.9.6g |
| cisco | secure_content_accelerator | 10000 |
| securecomputing | sidewinder | 5.2.0.03 |
| stonesoft | stonebeat_fullcluster | 2.5 |
| stonesoft | stonegate | 2.0.6 |
| neoteris | instant_virtual_extranet | 3.2 |
| cisco | pix_firewall_software | 6.1(1) |
| tarantella | tarantella_enterprise | 3.40 |
| avaya | s8700 | r2.0.1 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc2 |
| stonesoft | stonegate | 2.2.4 |
| stonesoft | stonebeat_fullcluster | 3.0 |
| avaya | vsu | 5x |
| stonesoft | stonegate | 2.0.9 |
| novell | edirectory | 8.7 |
| 4d | webstar | 5.2.1 |
| cisco | firewall_services_module | * |
| lite | speed_technologies_litespeed_web_server | 1.2_rc1 |
| openssl | openssl | 0.9.6e |
| stonesoft | stonegate | 1.7.1 |
| cisco | pix_firewall_software | 6.3(3.102) |
| cisco | gss_4480_global_site_selector | * |
| stonesoft | stonebeat_fullcluster | 2.0 |
| hp | wbem | a.02.00.00 |
| bluecoat | cacheos_ca_sa | 4.1.12 |
| cisco | pix_firewall_software | 6.1 |
| stonesoft | stonegate | 2.2 |
| stonesoft | stonegate | 2.1 |
| avaya | s8500 | r2.0.1 |
| cisco | firewall_services_module | 1.1_(3.005) |
| avaya | sg5 | 4.3 |
| cisco | ios | 12.2(14)sy |
| cisco | pix_firewall_software | 6.3 |
| cisco | ios | 12.1(11b)e14 |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cisco | css_secure_content_accelerator | 1.0 |
| avaya | intuity_audix | 5.1.46 |
| vmware | gsx_server | 2.0.1_build_2129 |
| avaya | sg200 | 4.31.29 |
| stonesoft | stonebeat_securitycluster | 2.0 |
| avaya | intuity_audix | s3210 |
| stonesoft | stonegate | 1.5.18 |
| novell | edirectory | 8.5.27 |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence |
| openssl | openssl | 0.9.6c |
| lite | speed_technologies_litespeed_web_server | 1.0.2 |
| vmware | gsx_server | 2.5.1 |
| avaya | vsu | 5 |
| novell | edirectory | 8.6.2 |
| 4d | webstar | 5.2.4 |
| stonesoft | stonegate | 1.7 |
| avaya | s8300 | r2.0.1 |
| cisco | pix_firewall_software | 6.0 |
| avaya | sg203 | 4.4 |
| 4d | webstar | 5.3.1 |
| neoteris | instant_virtual_extranet | 3.3.1 |
| sgi | propack | 2.4 |
| hp | hp-ux | 11.11 |
| openssl | openssl | 0.9.7b |
| redhat | openssl | 0.9.7a-2 |
| sgi | propack | 3.0 |
| avaya | vsu | 5000_r2.0.1 |
| hp | apache-based_web_server | 2.0.43.04 |
| cisco | access_registrar | * |
| cisco | css11000_content_services_switch | * |
| sun | crypto_accelerator_4000 | 1.0 |
| cisco | webns | 7.10 |
| cisco | pix_firewall_software | 6.0(4.101) |
| avaya | vsu | 500 |
| avaya | vsu | 10000_r2.0.1 |
| 4d | webstar | 5.2.3 |
| lite | speed_technologies_litespeed_web_server | 1.0.3 |
| novell | edirectory | 8.7.1 |
| avaya | sg5 | 4.2 |
| cisco | pix_firewall_software | 6.3(1) |
| openssl | openssl | 0.9.6k |
| checkpoint | vpn-1 | next_generation |
| redhat | linux | 7.3 |
| cisco | pix_firewall_software | 6.2(2) |
| cisco | css_secure_content_accelerator | 2.0 |
| dell | bsafe_ssl-j | 3.0.1 |
| openbsd | openbsd | 3.3 |
| 4d | webstar | 5.2.2 |
| avaya | intuity_audix | * |
| securecomputing | sidewinder | 5.2 |
| stonesoft | stonebeat_securitycluster | 2.5 |
| stonesoft | servercluster | 2.5 |
| cisco | pix_firewall_software | 6.2(1) |
| cisco | webns | 7.10_.0.06s |
| securecomputing | sidewinder | 5.2.0.04 |
| tarantella | tarantella_enterprise | 3.20 |
| stonesoft | stonegate | 2.0.8 |
| bluecoat | proxysg | * |
| redhat | enterprise_linux | 3.0 |
| checkpoint | firewall-1 | * |
| checkpoint | firewall-1 | next_generation_fp0 |
| bluecoat | cacheos_ca_sa | 4.1.10 |
| securecomputing | sidewinder | 5.2.0.02 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc3 |
| apple | mac_os_x | 10.3.3 |
| stonesoft | stonegate | 1.5.17 |
| avaya | vsu | 100_r2.0.1 |
| stonesoft | stonegate_vpn_client | 1.7 |
| 4d | webstar | 5.3 |
| redhat | enterprise_linux_desktop | 3.0 |
| cisco | pix_firewall_software | 6.0(2) |
| checkpoint | firewall-1 | next_generation_fp2 |
| stonesoft | stonebeat_fullcluster | 1_2.0 |
| freebsd | freebsd | 5.2.1 |
| stonesoft | servercluster | 2.5.2 |
| openssl | openssl | 0.9.6h |
| stonesoft | stonegate | 2.0.7 |
| stonesoft | stonegate_vpn_client | 2.0.9 |
| lite | speed_technologies_litespeed_web_server | 1.1 |
| cisco | content_services_switch_11500 | * |
| stonesoft | stonegate | 1.6.3 |
| checkpoint | firewall-1 | 2.0 |
| lite | speed_technologies_litespeed_web_server | 1.0.1 |
| hp | hp-ux | 11.23 |
| openssl | openssl | 0.9.6j |
| vmware | gsx_server | 3.0_build_7592 |
| avaya | s8500 | r2.0.0 |
| cisco | mds_9000 | * |
| sgi | propack | 2.3 |
| cisco | pix_firewall_software | 6.3(2) |
| lite | speed_technologies_litespeed_web_server | 1.3_rc1 |
| cisco | ios | 12.1(11)e |
| cisco | pix_firewall_software | 6.0(1) |
| avaya | s8300 | r2.0.0 |
| cisco | ios | 12.1(11b)e12 |
| cisco | ciscoworks_common_services | 2.2 |
| cisco | okena_stormwatch | 3.2 |
| cisco | ios | 12.1(13)e9 |
| checkpoint | provider-1 | 4.1 |
| cisco | pix_firewall_software | 6.1(5) |
| avaya | vsu | 2000_r2.0.1 |
| avaya | s8700 | r2.0.0 |
| redhat | linux | 8.0 |
| neoteris | instant_virtual_extranet | 3.3 |
| cisco | ios | 12.1(19)e1 |
| symantec | clientless_vpn_gateway_4400 | 5.0 |
| redhat | linux | 7.2 |
| stonesoft | stonegate | 2.0.1 |
| cisco | firewall_services_module | 2.1_(0.208) |
| novell | imanager | 1.5 |
| cisco | ios | 12.2(14)sy1 |
| cisco | threat_response | * |
| vmware | gsx_server | 2.0 |
| cisco | pix_firewall_software | 6.0(3) |
| cisco | pix_firewall | 6.2.2_.111 |
| cisco | webns | 7.2_0.0.03 |
| novell | imanager | 2.0 |
| stonesoft | stonebeat_fullcluster | 1_3.0 |
| freebsd | freebsd | 5.2 |
| openssl | openssl | 0.9.6d |
| cisco | pix_firewall_software | 6.2(3.100) |
| avaya | vsu | 7500_r2.0.1 |
| novell | edirectory | 8.0 |
| cisco | firewall_services_module | 1.1.2 |
| avaya | sg5 | 4.4 |
| securecomputing | sidewinder | 5.2.1 |
| stonesoft | stonegate_vpn_client | 2.0.7 |
| hp | apache-based_web_server | 2.0.43.00 |
| stonesoft | stonegate_vpn_client | 1.7.2 |
| neoteris | instant_virtual_extranet | 3.1 |
| securecomputing | sidewinder | 5.2.1.02 |
| lite | speed_technologies_litespeed_web_server | 1.2.2 |
| neoteris | instant_virtual_extranet | 3.0 |
| cisco | pix_firewall_software | 6.2(3) |
| stonesoft | stonegate | 2.0.5 |
| redhat | openssl | 0.9.6-15 |
| freebsd | freebsd | 4.9 |
| openssl | openssl | 0.9.6f |
| openssl | openssl | 0.9.7 |
| checkpoint | vpn-1 | next_generation_fp1 |
| cisco | pix_firewall_software | 6.3(3.109) |
| vmware | gsx_server | 2.5.1_build_5336 |
| avaya | sg208 | 4.4 |
| dell | bsafe_ssl-j | 3.0 |
| hp | wbem | a.02.00.01 |
| novell | edirectory | 8.5.12a |
| checkpoint | vpn-1 | next_generation_fp0 |
| cisco | webns | 6.10_b4 |
| lite | speed_technologies_litespeed_web_server | 1.3 |
| stonesoft | stonegate | 2.0.4 |
| 4d | webstar | 5.2 |
| stonesoft | stonebeat_webcluster | 2.5 |
| stonesoft | stonebeat_webcluster | 2.0 |
| lite | speed_technologies_litespeed_web_server | 1.2.1 |
| stonesoft | stonegate_vpn_client | 2.0.8 |
| cisco | webns | 7.1_0.2.06 |
| cisco | application_and_content_networking_software | * |
| openssl | openssl | 0.9.6i |
| tarantella | tarantella_enterprise | 3.30 |
| novell | edirectory | 8.5 |
| cisco | pix_firewall_software | 6.1(3) |
| cisco | pix_firewall_software | 6.1(2) |
| lite | speed_technologies_litespeed_web_server | 1.2_rc2 |
| cisco | call_manager | * |
| cisco | pix_firewall_software | 6.0(4) |
| 4d | webstar | 4.0 |
| hp | aaa_server | * |
| apple | mac_os_x_server | 10.3.3 |
| stonesoft | stonegate | 1.7.2 |
| freebsd | freebsd | 5.1 |
| cisco | ciscoworks_common_management_foundation | 2.1 |
| hp | wbem | a.01.05.08 |
| hp | hp-ux | 11.00 |
| sco | openserver | 5.0.7 |
| stonesoft | stonegate | 1.6.2 |
| stonesoft | stonegate_vpn_client | 2.0 |
| securecomputing | sidewinder | 5.2.0.01 |
| cisco | ios | 12.2za |
| checkpoint | firewall-1 | next_generation_fp1 |
| cisco | webns | 6.10 |
| openssl | openssl | 0.9.7c |
| sco | openserver | 5.0.6 |
| cisco | ios | 12.1(11b)e |
| avaya | sg208 | * |
| openbsd | openbsd | 3.4 |
| cisco | pix_firewall_software | 6.1(4) |
| cisco | gss_4490_global_site_selector | * |
| freebsd | freebsd | 4.8 |
| stonesoft | stonegate | 2.2.1 |
| hp | hp-ux | 8.05 |
| cisco | pix_firewall_software | 6.2 |
| dell | bsafe_ssl-j | 3.1 |
| avaya | converged_communications_server | 2.0 |
| cisco | ios | 12.2sy |
| avaya | sg200 | 4.4 |
| lite | speed_technologies_litespeed_web_server | 1.3.1 |
| lite | speed_technologies_litespeed_web_server | 1.1.1 |
| openssl | openssl | 0.9.7a |
| cisco | webns | 7.1_0.1.02 |
| avaya | sg203 | 4.31.29 |
| avaya | intuity_audix | s3400 |
| cisco | firewall_services_module | 1.1.3 |
| redhat | openssl | 0.9.6b-3 |
| openssl | openssl | 0.9.6g |
| cisco | secure_content_accelerator | 10000 |
| securecomputing | sidewinder | 5.2.0.03 |
| stonesoft | stonebeat_fullcluster | 2.5 |
| stonesoft | stonegate | 2.0.6 |
| neoteris | instant_virtual_extranet | 3.2 |
| cisco | pix_firewall_software | 6.1(1) |
| tarantella | tarantella_enterprise | 3.40 |
| avaya | s8700 | r2.0.1 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc2 |
| stonesoft | stonegate | 2.2.4 |
| stonesoft | stonebeat_fullcluster | 3.0 |
| avaya | vsu | 5x |
| stonesoft | stonegate | 2.0.9 |
| novell | edirectory | 8.7 |
| 4d | webstar | 5.2.1 |
| cisco | firewall_services_module | * |
| lite | speed_technologies_litespeed_web_server | 1.2_rc1 |
| openssl | openssl | 0.9.6e |
| stonesoft | stonegate | 1.7.1 |
| cisco | pix_firewall_software | 6.3(3.102) |
| cisco | gss_4480_global_site_selector | * |
| stonesoft | stonebeat_fullcluster | 2.0 |
| hp | wbem | a.02.00.00 |
| bluecoat | cacheos_ca_sa | 4.1.12 |
| cisco | pix_firewall_software | 6.1 |
| stonesoft | stonegate | 2.2 |
| stonesoft | stonegate | 2.1 |
| avaya | s8500 | r2.0.1 |
| cisco | firewall_services_module | 1.1_(3.005) |
| avaya | sg5 | 4.3 |
| cisco | ios | 12.2(14)sy |
| cisco | pix_firewall_software | 6.3 |
| cisco | ios | 12.1(11b)e14 |
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cisco | css_secure_content_accelerator | 1.0 |
| forcepoint | stonegate | 2.2.1 |
| forcepoint | stonegate | 2.0.4 |
| avaya | intuity_audix | 5.1.46 |
| vmware | gsx_server | 2.0.1_build_2129 |
| avaya | sg200 | 4.31.29 |
| stonesoft | stonebeat_securitycluster | 2.0 |
| avaya | intuity_audix | s3210 |
| novell | edirectory | 8.5.27 |
| forcepoint | stonegate | 1.6.3 |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence |
| openssl | openssl | 0.9.6c |
| vmware | gsx_server | 2.5.1 |
| avaya | vsu | 5 |
| novell | edirectory | 8.6.2 |
| 4d | webstar | 5.2.4 |
| avaya | s8300 | r2.0.1 |
| cisco | pix_firewall_software | 6.0 |
| avaya | sg203 | 4.4 |
| 4d | webstar | 5.3.1 |
| neoteris | instant_virtual_extranet | 3.3.1 |
| sgi | propack | 2.4 |
| hp | hp-ux | 11.11 |
| openssl | openssl | 0.9.7b |
| redhat | openssl | 0.9.7a-2 |
| sgi | propack | 3.0 |
| avaya | vsu | 5000_r2.0.1 |
| hp | apache-based_web_server | 2.0.43.04 |
| cisco | access_registrar | * |
| cisco | css11000_content_services_switch | * |
| sun | crypto_accelerator_4000 | 1.0 |
| cisco | webns | 7.10 |
| cisco | pix_firewall_software | 6.0(4.101) |
| avaya | vsu | 500 |
| avaya | vsu | 10000_r2.0.1 |
| 4d | webstar | 5.2.3 |
| novell | edirectory | 8.7.1 |
| avaya | sg5 | 4.2 |
| cisco | pix_firewall_software | 6.3(1) |
| openssl | openssl | 0.9.6k |
| redhat | linux | 7.3 |
| cisco | pix_firewall_software | 6.2(2) |
| cisco | css_secure_content_accelerator | 2.0 |
| dell | bsafe_ssl-j | 3.0.1 |
| openbsd | openbsd | 3.3 |
| 4d | webstar | 5.2.2 |
| avaya | intuity_audix | * |
| securecomputing | sidewinder | 5.2 |
| stonesoft | stonebeat_securitycluster | 2.5 |
| stonesoft | servercluster | 2.5 |
| cisco | pix_firewall_software | 6.2(1) |
| forcepoint | stonegate | 2.0.9 |
| cisco | webns | 7.10_.0.06s |
| securecomputing | sidewinder | 5.2.0.04 |
| tarantella | tarantella_enterprise | 3.20 |
| bluecoat | proxysg | * |
| redhat | enterprise_linux | 3.0 |
| checkpoint | firewall-1 | * |
| checkpoint | firewall-1 | next_generation_fp0 |
| bluecoat | cacheos_ca_sa | 4.1.10 |
| securecomputing | sidewinder | 5.2.0.02 |
| apple | mac_os_x | 10.3.3 |
| avaya | vsu | 100_r2.0.1 |
| 4d | webstar | 5.3 |
| checkpoint | vpn-1 | next_generation_fp2 |
| redhat | enterprise_linux_desktop | 3.0 |
| cisco | pix_firewall_software | 6.0(2) |
| checkpoint | firewall-1 | next_generation_fp2 |
| stonesoft | stonebeat_fullcluster | 1_2.0 |
| freebsd | freebsd | 5.2.1 |
| stonesoft | servercluster | 2.5.2 |
| openssl | openssl | 0.9.6h |
| forcepoint | stonegate | 1.6.2 |
| cisco | content_services_switch_11500 | * |
| checkpoint | firewall-1 | 2.0 |
| hp | hp-ux | 11.23 |
| openssl | openssl | 0.9.6j |
| vmware | gsx_server | 3.0_build_7592 |
| avaya | s8500 | r2.0.0 |
| cisco | mds_9000 | * |
| sgi | propack | 2.3 |
| cisco | pix_firewall_software | 6.3(2) |
| cisco | ios | 12.1(11)e |
| cisco | pix_firewall_software | 6.0(1) |
| avaya | s8300 | r2.0.0 |
| cisco | ios | 12.1(11b)e12 |
| cisco | ciscoworks_common_services | 2.2 |
| cisco | okena_stormwatch | 3.2 |
| cisco | ios | 12.1(13)e9 |
| checkpoint | provider-1 | 4.1 |
| cisco | pix_firewall_software | 6.1(5) |
| avaya | vsu | 2000_r2.0.1 |
| avaya | s8700 | r2.0.0 |
| redhat | linux | 8.0 |
| neoteris | instant_virtual_extranet | 3.3 |
| cisco | ios | 12.1(19)e1 |
| symantec | clientless_vpn_gateway_4400 | 5.0 |
| redhat | linux | 7.2 |
| cisco | firewall_services_module | 2.1_(0.208) |
| novell | imanager | 1.5 |
| cisco | ios | 12.2(14)sy1 |
| cisco | threat_response | * |
| vmware | gsx_server | 2.0 |
| cisco | pix_firewall_software | 6.0(3) |
| cisco | pix_firewall | 6.2.2_.111 |
| cisco | webns | 7.2_0.0.03 |
| novell | imanager | 2.0 |
| stonesoft | stonebeat_fullcluster | 1_3.0 |
| freebsd | freebsd | 5.2 |
| openssl | openssl | 0.9.6d |
| cisco | pix_firewall_software | 6.2(3.100) |
| avaya | vsu | 7500_r2.0.1 |
| novell | edirectory | 8.0 |
| cisco | firewall_services_module | 1.1.2 |
| avaya | sg5 | 4.4 |
| forcepoint | stonegate | 2.0.6 |
| securecomputing | sidewinder | 5.2.1 |
| hp | apache-based_web_server | 2.0.43.00 |
| neoteris | instant_virtual_extranet | 3.1 |
| securecomputing | sidewinder | 5.2.1.02 |
| neoteris | instant_virtual_extranet | 3.0 |
| cisco | pix_firewall_software | 6.2(3) |
| redhat | openssl | 0.9.6-15 |
| freebsd | freebsd | 4.9 |
| openssl | openssl | 0.9.6f |
| openssl | openssl | 0.9.7 |
| checkpoint | vpn-1 | next_generation_fp1 |
| cisco | pix_firewall_software | 6.3(3.109) |
| vmware | gsx_server | 2.5.1_build_5336 |
| avaya | sg208 | 4.4 |
| dell | bsafe_ssl-j | 3.0 |
| hp | wbem | a.02.00.01 |
| novell | edirectory | 8.5.12a |
| checkpoint | vpn-1 | next_generation_fp0 |
| cisco | webns | 6.10_b4 |
| 4d | webstar | 5.2 |
| forcepoint | stonegate | 1.7 |
| stonesoft | stonebeat_webcluster | 2.5 |
| forcepoint | stonegate | 1.5.18 |
| stonesoft | stonebeat_webcluster | 2.0 |
| cisco | webns | 7.1_0.2.06 |
| cisco | application_and_content_networking_software | * |
| forcepoint | stonegate | 1.5.17 |
| openssl | openssl | 0.9.6i |
| tarantella | tarantella_enterprise | 3.30 |
| novell | edirectory | 8.5 |
| forcepoint | stonegate | 1.7.2 |
| cisco | pix_firewall_software | 6.1(3) |
| cisco | pix_firewall_software | 6.1(2) |
| cisco | call_manager | * |
| cisco | pix_firewall_software | 6.0(4) |
| forcepoint | stonegate | 2.1 |
| 4d | webstar | 4.0 |
| litespeedtech | litespeed_web_server | 1.0.1 |
| hp | aaa_server | * |
| forcepoint | stonegate | 1.7.1 |
| apple | mac_os_x_server | 10.3.3 |
| freebsd | freebsd | 5.1 |
| cisco | ciscoworks_common_management_foundation | 2.1 |
| hp | wbem | a.01.05.08 |
| hp | hp-ux | 11.00 |
| sco | openserver | 5.0.7 |
| securecomputing | sidewinder | 5.2.0.01 |
| cisco | ios | 12.2za |
| checkpoint | firewall-1 | next_generation_fp1 |
| forcepoint | stonegate | 2.2.4 |
| forcepoint | stonegate | 2.0.5 |
| cisco | webns | 6.10 |
| openssl | openssl | 0.9.7c |
| sco | openserver | 5.0.6 |
| cisco | ios | 12.1(11b)e |
| avaya | sg208 | * |
| openbsd | openbsd | 3.4 |
| cisco | pix_firewall_software | 6.1(4) |
| cisco | gss_4490_global_site_selector | * |
| freebsd | freebsd | 4.8 |
| hp | hp-ux | 8.05 |
| cisco | pix_firewall_software | 6.2 |
| dell | bsafe_ssl-j | 3.1 |
| avaya | converged_communications_server | 2.0 |
| cisco | ios | 12.2sy |
| avaya | sg200 | 4.4 |
| openssl | openssl | 0.9.7a |
| cisco | webns | 7.1_0.1.02 |
| avaya | sg203 | 4.31.29 |
| avaya | intuity_audix | s3400 |
| cisco | firewall_services_module | 1.1.3 |
| forcepoint | stonegate | 2.0.8 |
| redhat | openssl | 0.9.6b-3 |
| openssl | openssl | 0.9.6g |
| forcepoint | stonegate | 2.0.7 |
| cisco | secure_content_accelerator | 10000 |
| securecomputing | sidewinder | 5.2.0.03 |
| stonesoft | stonebeat_fullcluster | 2.5 |
| neoteris | instant_virtual_extranet | 3.2 |
| cisco | pix_firewall_software | 6.1(1) |
| tarantella | tarantella_enterprise | 3.40 |
| avaya | s8700 | r2.0.1 |
| forcepoint | stonegate | 2.2 |
| stonesoft | stonebeat_fullcluster | 3.0 |
| avaya | vsu | 5x |
| novell | edirectory | 8.7 |
| 4d | webstar | 5.2.1 |
| cisco | firewall_services_module | * |
| openssl | openssl | 0.9.6e |
| cisco | pix_firewall_software | 6.3(3.102) |
| cisco | gss_4480_global_site_selector | * |
| stonesoft | stonebeat_fullcluster | 2.0 |
| hp | wbem | a.02.00.00 |
| bluecoat | cacheos_ca_sa | 4.1.12 |
| cisco | pix_firewall_software | 6.1 |
| forcepoint | stonegate | 2.0.1 |
| avaya | s8500 | r2.0.1 |
| cisco | firewall_services_module | 1.1_(3.005) |
| avaya | sg5 | 4.3 |
| cisco | ios | 12.2(14)sy |
| cisco | pix_firewall_software | 6.3 |
| cisco | ios | 12.1(11b)e14 |
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openbsd | openbsd | 3.5 |
| apache | http_server | 1.3.27 |
| ibm | http_server | 1.3.26.1 |
| apache | http_server | 1.3.31 |
| ibm | http_server | 1.3.28 |
| apache | http_server | 1.3.29 |
| openbsd | openbsd | * |
| hp | vvos | 11.04 |
| apache | http_server | 1.3.26 |
| sgi | propack | 2.4 |
| hp | virtualvault | 11.0.4 |
| apache | http_server | 1.3.28 |
| openbsd | openbsd | 3.4 |
| ibm | http_server | 1.3.26.2 |
| ibm | http_server | 1.3.26 |
| hp | webproxy | 2.0 |
| hp | webproxy | 2.1 |
HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_firmware | 1.50a |
| hp | integrated_lights-out_firmware | 1.51a |
| hp | integrated_lights-out_firmware | 1.15 |
| hp | integrated_lights-out_firmware | 1.40a |
| hp | integrated_lights-out_firmware | 1.15a |
| hp | integrated_lights-out_firmware | 1.41a |
| hp | integrated_lights-out_firmware | 1.10 |
| hp | integrated_lights-out_firmware | 1.26a |
| hp | integrated_lights-out_firmware | 1.6a |
| hp | integrated_lights-out_firmware | 1.16a |
| hp | integrated_lights-out_firmware | 1.27a |
| hp | integrated_lights-out_firmware | 1.20a |
| hp | integrated_lights-out_firmware | 1.42a |
| hp | integrated_lights-out_firmware | 1.50 |
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-367,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| php | php | 5.0.0 |
| openpkg | openpkg | 2.0 |
| avaya | converged_communications_server | 2.0 |
| hp | hp-ux | b.11.11 |
| trustix | secure_linux | 2.0 |
| trustix | secure_linux | 2.1 |
| hp | hp-ux | b.11.22 |
| debian | debian_linux | 3.0 |
| hp | hp-ux | b.11.00 |
| trustix | secure_linux | 1.5 |
| openpkg | openpkg | 2.1 |
| php | php | * |
| hp | hp-ux | b.11.23 |
Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ntp | ntp | * |
| hp | tru64_unix | 5.1b |
| hp | tru64_unix | 4.0f |
| hp | tru64_unix | 51.1a |
| hp | tru64_unix | 4.0g |
HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_select_access | 6.0 |
| hp | openview_select_access | 5.2 |
| hp | openview_select_access | 5.0 |
| hp | openview_select_access | 5.1 |
Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11 |
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| apache | http_server | * |
| redhat | enterprise_linux_desktop | 3.0 |
| hp | secure_web_server_for_tru64 | 5.0_a |
| hp | secure_web_server_for_tru64 | 4.0_g |
| turbolinux | turbolinux_server | 10.0 |
| debian | debian_linux | 3.0 |
| gentoo | linux | 1.4 |
| hp | hp-ux | 11.22 |
| turbolinux | turbolinux_desktop | 10.0 |
| mandrakesoft | mandrake_linux | 9.2 |
| hp | secure_web_server_for_tru64 | 5.8.2 |
| hp | secure_web_server_for_tru64 | 5.8.1 |
| mandrakesoft | mandrake_linux | 10.0 |
| hp | secure_web_server_for_tru64 | 5.9.1 |
| redhat | enterprise_linux | 3.0 |
| turbolinux | turbolinux_home | * |
| trustix | secure_linux | 2.0 |
| hp | secure_web_server_for_tru64 | 4.0_f |
| hp | secure_web_server_for_tru64 | 5.1_a |
| hp | hp-ux | 11.23 |
| hp | secure_web_server_for_tru64 | 5.1 |
| trustix | secure_linux | 2.1 |
| hp | hp-ux | 11.11 |
| hp | secure_web_server_for_tru64 | 5.9.2 |
| hp | hp-ux | 11.00 |
| hp | secure_web_server_for_tru64 | 6.3.0 |
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.0.1b |
| netscape | directory_server | 3.1 |
| mozilla | network_security_services | 3.2.1 |
| mozilla | network_security_services | 3.4 |
| sun | one_web_server | 6.1 |
| mozilla | network_security_services | 3.7.5 |
| netscape | enterprise_server | 3.4 |
| mozilla | network_security_services | 3.6.1 |
| mozilla | network_security_services | 3.6 |
| mozilla | network_security_services | 3.2 |
| mozilla | network_security_services | 3.4.1 |
| mozilla | network_security_services | 3.5 |
| mozilla | network_security_services | 3.7.1 |
| netscape | enterprise_server | 4.1 |
| netscape | directory_server | 4.1 |
| netscape | directory_server | 4.13 |
| mozilla | network_security_services | 3.4.2 |
| sun | one_web_server | 4.1 |
| netscape | enterprise_server | 3.0 |
| netscape | directory_server | 4.11 |
| netscape | personalization_engine | * |
| hp | hp-ux | 11.23 |
| mozilla | network_security_services | 3.3.2 |
| netscape | enterprise_server | 3.0.1 |
| mozilla | network_security_services | 3.7.7 |
| hp | hp-ux | 11.11 |
| sun | java_system_application_server | 7.1 |
| netscape | enterprise_server | 3.0l |
| mozilla | network_security_services | 3.7.3 |
| netscape | certificate_server | 4.2 |
| sun | one_application_server | 6.0 |
| netscape | enterprise_server | 3.3 |
| netscape | enterprise_server | 5.0 |
| netscape | enterprise_server | 4.1.1 |
| mozilla | network_security_services | 3.9 |
| sun | java_system_application_server | 7.0 |
| mozilla | network_security_services | 3.7 |
| netscape | enterprise_server | 2.0 |
| netscape | enterprise_server | 3.6 |
| netscape | enterprise_server | 2.0.1c |
| mozilla | network_security_services | 3.7.2 |
| netscape | enterprise_server | 3.1 |
| netscape | enterprise_server | 2.0a |
| netscape | directory_server | 3.12 |
| mozilla | network_security_services | 3.3 |
| netscape | enterprise_server | 3.5.1 |
| sun | java_enterprise_system | 2003q4 |
| mozilla | network_security_services | 3.8 |
| netscape | enterprise_server | 4.0 |
| mozilla | network_security_services | 3.3.1 |
| sun | one_web_server | 6.0 |
| netscape | certificate_server | 1.0 |
| netscape | directory_server | 1.3 |
| netscape | enterprise_server | 3.0.7a |
| netscape | enterprise_server | 3.2 |
| netscape | enterprise_server | 3.5 |
| sun | java_enterprise_system | 2004q2 |
| hp | hp-ux | 11.00 |
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-131,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| slackware | slackware_linux | current |
| apache | http_server | * |
| suse | suse_linux | 9.1 |
| suse | suse_linux | 8.0 |
| openpkg | openpkg | 2.0 |
| slackware | slackware_linux | 8.0 |
| slackware | slackware_linux | 9.0 |
| suse | suse_linux | 8.1 |
| suse | suse_linux | 9.2 |
| slackware | slackware_linux | 10.0 |
| hp | hp-ux | 11.11 |
| suse | suse_linux | 8.2 |
| slackware | slackware_linux | 9.1 |
| slackware | slackware_linux | 8.1 |
| trustix | secure_linux | 1.5 |
| openpkg | openpkg | 2.1 |
| hp | hp-ux | 11.22 |
| openpkg | openpkg | 2.2 |
| hp | hp-ux | 11.00 |
| suse | suse_linux | 9.0 |
| hp | hp-ux | 11.20 |
The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ignite-ux | c.6.2.241 |
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.23 |
stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.23 |
Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sockd | 0.5 |
| hp | sockd | 0.4 |
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | jre | 1.3.1_09 |
| sun | jdk | 1.4.2_02 |
| sun | jdk | 1.4.0_02 |
| sun | jre | 1.3.1_07 |
| sun | jre | 1.4.2 |
| sun | jre | 1.4.0_04 |
| sun | jdk | 1.4.0_03 |
| sun | jre | 1.3.1_02 |
| sun | jre | 1.4.0_03 |
| sun | jdk | 1.3.1_01a |
| hp | hp-ux | 11.22 |
| sun | jdk | 1.4.2_03 |
| sun | jre | 1.3.1_05 |
| sun | jdk | 1.3.1_06 |
| conectiva | linux | 10.0 |
| sun | jdk | 1.3.1_01 |
| sun | jre | 1.4.1 |
| hp | hp-ux | 11.23 |
| sun | jdk | 1.4.0_4 |
| hp | hp-ux | 11.11 |
| sun | jdk | 1.4.0_01 |
| symantec | enterprise_firewall | 8.0 |
| sun | jre | 1.4.0_02 |
| hp | java_sdk-rte | 1.3 |
| sun | jdk | 1.4.2 |
| symantec | gateway_security_5400 | 2.0 |
| sun | jdk | 1.3.1_02 |
| sun | jdk | 1.4.2_05 |
| sun | jdk | 1.4 |
| sun | jre | 1.3.0 |
| sun | jdk | 1.3.1_04 |
| sun | jre | 1.4.1_02 |
| gentoo | linux | * |
| sun | jre | 1.3.1_03 |
| symantec | gateway_security_5400 | 2.0.1 |
| sun | jdk | 1.4.1_02 |
| sun | jre | 1.4.1_01 |
| sun | jdk | 1.3.1_05 |
| sun | jdk | 1.4.2_01 |
| sun | jdk | 1.3.1_03 |
| sun | jre | 1.3.1_06 |
| hp | java_sdk-rte | 1.4 |
| sun | jdk | 1.4.1_03 |
| sun | jdk | 1.4.2_04 |
| sun | jdk | 1.3.1_07 |
| sun | jre | 1.4.1_07 |
| sun | jre | 1.4 |
| sun | jdk | 1.4.1 |
| sun | jre | 1.4.0_01 |
| hp | hp-ux | 11.00 |
| sun | jre | 1.3.1 |
| sun | jdk | 1.4.1_01 |
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openbsd | openbsd | 3.5 |
| apple | apache_mod_digest_apple | * |
| ibm | http_server | 1.3.19 |
| apache | http_server | 1.3.27 |
| hp | virtualvault | 4.5 |
| avaya | network_routing | * |
| avaya | communication_manager | 2.0.1 |
| hp | virtualvault | 4.7 |
| apache | http_server | 1.3.4 |
| apache | http_server | 1.3.9 |
| openbsd | openbsd | current |
| apache | http_server | 1.3.29 |
| apache | http_server | 1.3 |
| apache | http_server | 1.3.14 |
| apache | http_server | 1.3.20 |
| apache | http_server | 1.3.26 |
| sun | solaris | 9.0 |
| apache | http_server | 1.3.11 |
| sco | openserver | 5.0.6 |
| apache | http_server | 1.3.1 |
| apache | http_server | 1.3.23 |
| apache | http_server | 1.3.3 |
| apache | http_server | 1.3.25 |
| hp | webproxy | a.02.00 |
| avaya | modular_messaging_message_storage_server | 1.1 |
| openbsd | openbsd | 3.4 |
| avaya | communication_manager | 1.1 |
| apache | http_server | 1.3.7 |
| hp | virtualvault | 4.6 |
| avaya | mn100 | * |
| apache | http_server | 1.3.24 |
| avaya | communication_manager | 1.3.1 |
| apache | http_server | 1.3.12 |
| apache | http_server | 1.3.6 |
| hp | webproxy | a.02.10 |
| sun | sunos | 5.8 |
| apache | http_server | 1.3.18 |
| apache | http_server | 1.3.28 |
| avaya | communication_manager | 2.0 |
| apache | http_server | 1.3.17 |
| apache | http_server | 1.3.22 |
| sun | solaris | 8.0 |
| avaya | modular_messaging_message_storage_server | 2.0 |
| apache | http_server | 1.3.19 |
| avaya | intuity_audix_lx | * |
| sco | openserver | 5.0.7 |
Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.01 |
| hp | hp-ux | 10.24 |
| hp | hp-ux | 11.11i |
| hp | vvos | 10.24 |
| hp | hp-ux | 11.4 |
| hp | hp-ux_series_700 | 10.20 |
| hp | sis | * |
| hp | vvos | 11.04 |
| hp | hp-ux | 11.23 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 11.11 |
| hp | hp-ux_series_800 | 10.20 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
| hp | hp-ux | 11.23 |
Unknown vulnerability in the management station in HP StorageWorks Command View XP 1.8B and earlier allows remote attackers to bypass access restrictions.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storageworks_command_view | 1.8b |
| hp | storageworks_command_view | 1.7a |
| hp | storageworks_command_view | 1.53.01a |
| hp | storageworks_command_view | 1.51.00 |
| hp | storageworks_command_view | 1.7b |
| hp | storageworks_command_view | 1.30.00 |
| hp | storageworks_command_view | 1.52.00 |
| hp | storageworks_command_view | 1.8a |
| hp | storageworks_command_view | 1.11.1 |
| hp | storageworks_command_view | 1.11.2 |
| hp | storageworks_command_view | 1.8 |
| hp | storageworks_command_view | 1.40.04 |
| hp | storageworks_command_view | 1.40.01 |
| hp | storageworks_command_view | 1.53.00 |
| hp | storageworks_command_view | 1.11 |
| hp | storageworks_command_view | 1.60.00 |
| hp | storageworks_command_view | 1.53.05a |
Unknown vulnerability in HP Process Resource Manager (PRM) C.02.01[.01] and earlier, as used by HP-UX Workload Manager (WLM), allows local users to corrupt data files.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | process_resource_manager | c.01.08.02 |
| hp | process_resource_manager | c.02.01.01 |
| hp | process_resource_manager | c.01.07 |
| hp | workload_manager | a.02.01 |
Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ssl_http_server | 5.92 |
| hp | ssl_http_server | 5.0 |
devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | web_jetadmin | 7.5.2546 |
Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | web_jetadmin | 7.5.2546 |
The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote attackers to upgrade firmware.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | color_laserjet | 4650 |
| hp | laserjet_4200 | * |
| hp | laserjet_4300 | * |
| hp | color_laserjet | 5500 |
| hp | laserjet_9065 | * |
| hp | laserjet_4100_mfp | * |
| hp | laserjet_9050_mpf | * |
| hp | laserjet_9500_mpf | * |
| hp | color_laserjet_4600 | * |
| hp | laserjet_3700 | * |
| hp | laserjet_9000_mfp | * |
| hp | laserjet_9040_mpf | * |
| hp | color_laserjet | 5550 |
| hp | laserjet_2500 | * |
| hp | laserjet_9050 | * |
| hp | laserjet_9500 | * |
| hp | laserjet_9000 | * |
| hp | laserjet_3000 | * |
| hp | laserjet_9055 | * |
The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | carrier_grade_server_cc2300 | a6898a |
| hp | carrier_grade_server_cc3300 | a6901a |
| intel | server_platform_spsh4 | * |
| intel | server_board_scb2 | * |
| intel | carrier_grade_server_tigpr2u | * |
| hp | carrier_grade_server_cc3300 | a6900a |
| hp | carrier_grade_server_cc3310 | a9862a |
| intel | server_control | * |
| intel | server_platform_srsh4 | * |
| intel | cli_auto-configuration_utility | * |
| hp | carrier_grade_server_cc2300 | a6899a |
| intel | server_board_shg2 | * |
| hp | carrier_grade_server_cc3310 | a9863a |
| intel | server_board_sds2 | * |
| intel | carrier_grade_server_tsrmt2 | * |
| intel | server_board_se7500wv2 | * |
| intel | client_system_setup_utility | * |
| intel | server_board_se7501hg2 | * |
| intel | carrier_grade_server_tsrlt2 | * |
| intel | entry_server_board_se7210tp1-e | * |
| intel | server_configuration_wizard | * |
| intel | entry_server_platform_sr1325tp1-e | * |
| intel | system_setup_utility | * |
| intel | server_platform_sr870bh2 | * |
| intel | server_platform_sr870bn4 | * |
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1b_p3k_bl24 |
| hp | tru64 | 5.1a |
| hp | tru64 | 5.1b_pk2_bl22 |
HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.00 |
Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "files in a potentially insecure manner."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
Unknown vulnerability in HP-UX B.11.04 running Virtualvault 4.5 through 4.7, when running the TGA daemon, allows remote attackers to cause a denial of service via certain network traffic.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | virtualvault | 4.5 |
| hp | virtualvault | 4.7 |
| hp | virtualvault | 4.6 |
Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.23 |
Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
| hp | hp-ux | 11.23 |
Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openvms | 6.2 |
| hp | openvms | 7.3-1 |
| hp | openvms | 7.3-2 |
| hp | openvms | 7.3 |
Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1b1 |
| hp | tru64 | 4.0f |
| hp | tru64 | 4.0g |
| hp | tru64 | 5.1a |
Unknown vulnerability in HP OpenView Network Node Manager (NMM) 6.2 through 6.4, and 7.01 through 7.50, allows remote attackers to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 6.4 |
| hp | openview_network_node_manager | 6.2 |
| hp | openview_network_node_manager | 6.31 |
| hp | openview_network_node_manager | 7.50 |
| hp | openview_network_node_manager | 7.01 |
Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.04 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.23 |
Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView Radia Management Portal (RMP) 1.x and 2.x allows remote attackers to execute arbitrary commands via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_radia_management_portal | 1.0 |
| hp | openview_radia_management_portal | 2.0 |
Multiple unknown vulnjerabilities HP OpenView Event Correlation Services (OV ECS) 3.32 and 3.33 allow attackers to cause a denial of service or execute arbitrary code.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_event_correlation_services | 3.2 |
| hp | openview_event_correlation_services | 3.3 |
Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 6.4 |
| hp | openview_network_node_manager | 6.2 |
| hp | openview_network_node_manager | 7.50 |
| hp | openview_network_node_manager | 7.01 |
Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameters to a RADEXECD process.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | radia_client | 3.1.2.0 |
Buffer overflow in HP Radia Notify Daemon 3.1.0.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a long file extension.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | radia_client | 3.1.0.0 |
HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | version_control_repository_manager | 1.0.2241.0 |
| hp | version_control_repository_manager | 1.0.2289.0 |
| hp | version_control_repository_manager | 1.0.3086.0 |
| hp | version_control_repository_manager | 1.0.1288.1 |
| hp | version_control_repository_manager | 2.0.1.30 |
| hp | version_control_repository_manager | 1.0.3085.0 |
| hp | version_control_repository_manager | 1.0.2345.0 |
| hp | version_control_repository_manager | 2.1.1.710 |
| hp | version_control_repository_manager | 2.0.0.50 |
| hp | version_control_repository_manager | 2.1.1.720 |
Unknown vulnerability in HP ProLiant DL585 servers running Integrated Lights Out (ILO) firmware before 1.81 allows attackers to access server controls when the server is "powered down."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | proliant_dl585 | * |
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | * |
HP LaserJet 2430, and possibly other printers that use Jetdirect controls, stores information about recently printed documents without proper protection, which could allow remote attackers to obtain sensitive information via SNMP.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_2430 | * |
Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | tru64 | 4.0f |
| hp | tru64 | * |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
| hp | hp-ux | 11.23 |
The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2002-1473.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 10.20 |
Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size."
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.23 |
envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.23 |
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tru64 | 5.1b1 |
| hp | hp-ux | 11.11 |
| hp | tru64 | 5.1b3 |
| hp | jetdirect_635n | * |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.23 |
Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.23 |
Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when accessed by Microsoft Internet Explorer with the MS04-025 patch, leads to a denial of service (browser hang). NOTE: although the advisory is vague, this issue does not appear to involve an attacker at all. If not, then this issue is not a vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 4.1 |
| hp | systems_insight_manager | 4.0 |
Unspecified vulnerability in HP-UX B.11.00 to B.11.23, when IPSEC is running, allows remote attackers to have unknown impact.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.22 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.23 |
HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
| hp | hp-ux | 11.23 |
Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
Multiple unspecified vulnerabilities in Oracle for OpenView (OfO) 8.1.7, 9.1.01, and 9.2, and OfO for Linux, allow remote attackers to have an unknown impact via unknown attack vectors. NOTE: because of the lack of details in the vendor advisory, it is unclear which set of existing CVEs this advisory might refer to.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oracle_for_openview | 9.1.01 |
| hp | oracle_for_openview | 8.1.7 |
| hp | oracle_for_openview | 9.2 |
Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP Web-enabled Management Software allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | http_server | 5.93 |
| hp | http_server | 5.92 |
| hp | http_server | 5.94 |
| hp | http_server | 5.0 |
Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
Directory traversal vulnerability in HP Systems Insight Manager 4.2 through 5.0 SP3 for Windows allows remote attackers to access arbitrary files via unspecified vectors, a different vulnerability than CVE-2005-2006.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 5.0 |
| hp | systems_insight_manager | 4.2 |
Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0.06 has unknown impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | psc_1210_all-in-one | 1.0 |
| hp | psc_1210_all-in-one | 1.0.0.1 |
| hp | psc_1210_all-in-one | * |
Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 2.1.4 |
Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.23 |
Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.23 |
Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | color_laserjet | 4600hdn |
| hp | color_laserjet_2500tn | * |
| hp | color_laserjet_2500_toolbox | * |
| hp | color_laserjet_2500l | * |
| hp | color_laserjet_4600 | * |
| hp | color_laserjet | 4600dtn |
| hp | color_laserjet_2500n | * |
| hp | color_laserjet_4600_toolbox | * |
| hp | color_laserjet_2500lse | * |
| hp | color_laserjet | 4600dn |
| hp | color_laserjet_2500 | * |
Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain unspecified access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when "Trust by Certificates" is not enabled, allows remote attackers to bypass authentication via a crafted URL.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.1.3.132 |
| hp | compaqhttpserver | 9.9 |
Unspecified vulnerability in HP StorageWorks Secure Path for Windows 4.0C-SP2 before 20060419 allows remote attackers to cause an unspecified denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storageworks_secure_path_windows | 4.0c |
Unspecified vulnerability in the kernel in HP-UX B.11.00 allows local users to cause an unspecified denial of service via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.00 |
Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
| hp | hp-ux | 11.23 |
Unspecified vulnerability in HP OpenView Storage Data Protector 5.1 and 5.5 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 5.1 |
| hp | openview_storage_data_protector | 5.5 |
Multiple unspecified vulnerabilities in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allow remote attackers to gain privileged access, execute arbitrary commands, or create arbitrary files via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 6.20 |
| hp | openview_network_node_manager | 6.4 |
| hp | openview_network_node_manager | 7.50 |
| hp | openview_network_node_manager | 7.01 |
Unspecified vulnerability in Support Tools Manager (xstm, cstm, and stm) on HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.23 |
Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.23 |
Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.00 |
| hp | hp-ux | 11.4 |
| hp | hp-ux | 11.23 |
Unspecified vulnerability in [SYSEXE]SMPUTIL.EXE in HP OpenVMS 7.3-2 allows local users and "remote users" to cause a denial of service (crash).
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openvms | 7.3-2 |
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | power_manager | 4.2.5 |
| hp | power_manager | * |
| hp | power_manager | 4.2.6 |
Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | power_manager | 4.2.5 |
| hp | power_manager | * |
| hp | power_manager | 4.2.6 |
| hp | power_manager | 4.2.7 |
| hp | power_manager | 4.2.8 |
Unspecified vulnerability in HP OpenView Storage Data Protector 6.00 and 6.10 allows local users to obtain unspecified "access" via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
Unspecified vulnerability in HP Enterprise Cluster Master Toolkit (ECMT) B.05.00 on HP-UX B.11.23 (11i v2) and HP-UX B.11.31 (11i v3) allows local users to gain access to an Oracle or Sybase database via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | enterprise_cluster_master_toolkit | b.05.00 |
Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 2.1.0-109 |
Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown impact and attack vectors related to an "included contact template file."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | palm_pre_webos | 1.0.3 |
| hp | palm_pre_webos | 1.0.2 |
| hp | palm_pre_webos | * |
| hp | palm_pre_webos | 1.0.4 |
| hp | palm_pre_webos | 1.1.0 |
Palm Pre WebOS 1.1 and earlier processes JavaScript in email messages, which allows remote attackers to execute arbitrary JavaScript, as demonstrated by reading PalmDatabase.db3.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | palm_pre_webos | 1.0.3 |
| hp | palm_pre_webos | 1.0.2 |
| hp | palm_pre_webos | * |
| hp | palm_pre_webos | 1.0.4 |
The LunaSysMgr process in Palm Pre WebOS 1.1 and earlier, when not viewing web pages in landscape mode, allows remote attackers to cause a denial of service (crash) via a web page containing a long string following a refresh tag, which triggers a floating point exception.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | palm_pre_webos | 1.0.3 |
| hp | palm_pre_webos | 1.0.2 |
| hp | palm_pre_webos | * |
| hp | palm_pre_webos | 1.0.4 |
Unspecified vulnerability in Record Management Services (RMS) before VMS83A_RMS-V1100 for HP OpenVMS on the Alpha platform allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openvms_rms | vms83a_rms-v1000 |
| hp | openvms_rms | vms83a_update-v1100 |
HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a blank password for the opc_op account, which allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_agent | 8.52 |
| hp | operations_agent | 8.51 |
| hp | operations_agent | 8.53 |
Unspecified vulnerability in HP Network Node Manager (NNM) 8.10, 8.11, 8.12, and 8.13 allows remote attackers to execute arbitrary commands via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager | 8.13 |
| hp | network_node_manager | 8.11 |
| hp | network_node_manager | 8.10 |
| hp | network_node_manager | 8.12 |
Unspecified vulnerability on the HP DreamScreen 100 and 130 with firmware before 1.6.0.0, when using a web-connected configuration, allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | dreamscreen | 130 |
| hp | dreamscreen | 100 |
The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_performance_insight | * |
Unspecified vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to obtain "unauthorized access to data" via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | soa_registry_foundation | 6.64 |
| hp | soa_registry_foundation | 6.63 |
Cross-site scripting (XSS) vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | soa_registry_foundation | 6.64 |
| hp | soa_registry_foundation | 6.63 |
Unspecified vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | soa_registry_foundation | 6.64 |
| hp | soa_registry_foundation | 6.63 |
The installation process for NFS/ONCplus B.11.31_08 and earlier on HP HP-UX B.11.31 changes the NFS_SERVER setting in the nfsconf file, which might allow remote attackers to obtain filesystem access via NFS requests.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.31 |
| hp | hp-ux | b.11.31 |
Multiple cross-site scripting (XSS) vulnerabilities in HP Project and Portfolio Management Center (PPMC, formerly Mercury IT Governance) 7.1 through SP10 and 7.5 through SP3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | project_and_portfolio_management_center | * |
Unspecified vulnerability in HP-UX B.11.31, with AudFilter rules enabled, allows local users to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | b.11.31 |
Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux or ICE-LX) 2.11 and earlier allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_suite_for_linux | 2.00 |
| hp | insight_control_suite_for_linux | 2.10 |
| hp | insight_control_suite_for_linux | 2.10.01 |
| hp | insight_control_suite_for_linux | * |
| hp | insight_control_suite_for_linux | 2.00.01 |
Unspecified vulnerability in HP HP-UX B.11.11 allows local users to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | b.11.11 |
Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argument to the (1) LoadFile or (2) SaveFile method, related to srcvw32.dll and srcvw4.dll.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_manager | 7.5 |
| hp | operations_manager | 8.16 |
| hp | operations_manager | 8.10 |
Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 6.0 |
Multiple unspecified vulnerabilities in HP Virtual Machine Manager (VMM) before 6.0 allow remote authenticated users to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_virtual_machine_management | * |
| hp | insight_virtual_machine_management | 3.6.1 |
Cross-site scripting (XSS) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 5.2 |
| hp | systems_insight_manager | 2.5 |
| hp | systems_insight_manager | 5.0 |
| hp | systems_insight_manager | 4.2 |
| hp | systems_insight_manager | 5.1 |
| hp | systems_insight_manager | 4.1 |
| hp | systems_insight_manager | 2.5.2.0 |
| hp | systems_insight_manager | * |
| hp | systems_insight_manager | 4.0 |
Cross-site request forgery (CSRF) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 5.2 |
| hp | systems_insight_manager | 2.5 |
| hp | systems_insight_manager | 5.0 |
| hp | systems_insight_manager | 4.2 |
| hp | systems_insight_manager | 5.1 |
| hp | systems_insight_manager | 4.1 |
| hp | systems_insight_manager | 2.5.2.0 |
| hp | systems_insight_manager | * |
| hp | systems_insight_manager | 4.0 |
Unspecified vulnerability in HP System Insight Manager before 6.0 allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 5.2 |
| hp | systems_insight_manager | 2.5 |
| hp | systems_insight_manager | 5.0 |
| hp | systems_insight_manager | 4.2 |
| hp | systems_insight_manager | 5.1 |
| hp | systems_insight_manager | 4.1 |
| hp | systems_insight_manager | 2.5.2.0 |
| hp | systems_insight_manager | * |
| hp | systems_insight_manager | 4.0 |
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-134,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ibm | aix | 5.2.0.54 |
| ibm | aix | 4.0 |
| ibm | vios | 2.1 |
| ibm | aix | 4.1.1 |
| ibm | aix | 430 |
| ibm | aix | * |
| ibm | aix | 4.3.0 |
| ibm | aix | 2.2.1 |
| ibm | aix | 5.2.0 |
| ibm | aix | 3.2 |
| ibm | aix | 4 |
| ibm | aix | 5.1l |
| ibm | aix | 4.1.5 |
| ibm | aix | 5.2.2 |
| hp | nfs/oncplus | * |
| ibm | aix | 6.1 |
| ibm | aix | 1.3 |
| ibm | aix | 3.2.5 |
| ibm | aix | 4.2.1 |
| ibm | aix | 4.2 |
| ibm | aix | 5.2.0.50 |
| ibm | aix | 5.1 |
| ibm | aix | 4.2.1.12 |
| ibm | aix | 4.1.4 |
| ibm | vios | * |
| ibm | aix | 3.2.0 |
| ibm | aix | 4.3.3 |
| sgi | irix | 6.5 |
| ibm | aix | 4.1.2 |
| ibm | aix | 4.2.0 |
| ibm | vios | 1.4 |
| ibm | aix | 4.3.1 |
| ibm | aix | 4.3.2 |
| ibm | aix | 4.1 |
| ibm | aix | 3.1 |
| ibm | aix | 1.2.1 |
| ibm | aix | 4.1.3 |
| ibm | aix | 5.2 |
| ibm | aix | 5.2_l |
| ibm | aix | 4.3 |
| ibm | aix | 3.2.4 |
| ibm | aix | 5.1.0.10 |
Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 7.6 |
| hp | loadrunner | 9.0 |
| hp | loadrunner | 7.5 |
| hp | loadrunner | 7.51 |
| hp | loadrunner | 8.14 |
| hp | loadrunner | 7.0 |
| hp | loadrunner | 8.0 |
| hp | loadrunner | * |
| hp | performance_center | * |
| hp | loadrunner | 7.02 |
| hp | loadrunner | 8.13 |
| hp | loadrunner | 7.8 |
| hp | loadrunner | 8.12 |
Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in the sel parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-134,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
| hp | openview_network_node_manager | 7.0.1 |
Stack-based buffer overflow in the _OVParseLLA function in ov.dll in netmon.exe in Network Monitor in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the sel parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
| hp | openview_network_node_manager | 7.0.1 |
Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the act and app parameters.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
| hp | openview_network_node_manager | 7.0.1 |
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
| hp | openview_network_node_manager | 7.0.1 |
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
| hp | openview_network_node_manager | 7.0.1 |
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
| hp | openview_network_node_manager | 7.0.1 |
Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 Update 1, and 6.0 allows remote attackers to obtain sensitive information and modify data via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 6.0 |
| hp | systems_insight_manager | 5.3 |
Multiple cross-site scripting (XSS) vulnerabilities in HP Insight Control Server Migration before 6.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_server_migration_for_windows | * |
Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | multifunction_peripheral_digital_sending_software | 4.13 |
| hp | multifunction_peripheral_digital_sending_software | 4.14 |
| hp | multifunction_peripheral_digital_sending_software | * |
| hp | multifunction_peripheral_digital_sending_software | 4.16 |
| hp | multifunction_peripheral_digital_sending_software | 4.07 |
| hp | multifunction_peripheral_digital_sending_software | 4.00 |
| hp | multifunction_peripheral_digital_sending_software | 4.03 |
| hp | multifunction_peripheral_digital_sending_software | 4.15 |
| hp | multifunction_peripheral_digital_sending_software | 4.08 |
| hp | multifunction_peripheral_digital_sending_software | 4.02 |
| hp | multifunction_peripheral_digital_sending_software | 4.04 |
| hp | multifunction_peripheral_digital_sending_software | 4.06 |
| hp | multifunction_peripheral_digital_sending_software | 4.11 |
| hp | multifunction_peripheral_digital_sending_software | 4.10 |
| hp | multifunction_peripheral_digital_sending_software | 4.05 |
| hp | multifunction_peripheral_digital_sending_software | 4.09 |
| hp | multifunction_peripheral_digital_sending_software | 4.17 |
| hp | multifunction_peripheral_digital_sending_software | 4.12 |
Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 2.1.0-109 |
Unspecified vulnerability in HP TestDirector for Quality Center 9.2 before Patch8 allows remote attackers to modify data via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mercury_testdirector_for_quality_center | * |
Buffer overflow in the error handling functionality in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long, invalid option to jovgraph.exe.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified variables to jovgraph.exe, which are not properly handled in a call to the sprintf function.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.2.1.870.0 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storageworks_storage_mirroring | 5.1 |
| hp | storageworks_storage_mirroring | 5 |
| hp | storageworks_storage_mirroring | 5.2 |
| hp | storageworks_storage_mirroring | 5.2.1 |
Cross-site scripting (XSS) vulnerability in HP ServiceCenter allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | servicecenter | * |
Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Unspecified vulnerability in HP Insight Orchestration for Windows before 6.1 allows remote attackers to read or modify data via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_orchestration | * |
Unspecified vulnerability in HP Insight Control power management for Windows before 6.1 allows local users to read or modify data, or cause a denial of service, via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control | 3.00 |
| hp | insight_control | * |
| hp | insight_control | 3.10 |
Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users to read or modify data via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_software_installer | 3.00 |
| hp | insight_software_installer | * |
| hp | insight_software_installer | 3.10 |
Cross-site request forgery (CSRF) vulnerability in HP Insight Software Installer for Windows before 6.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, a different vulnerability than CVE-2010-1971.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_software_installer | 3.00 |
| hp | insight_software_installer | * |
| hp | insight_software_installer | 3.10 |
Cross-site scripting (XSS) vulnerability in HP Virtual Connect Enterprise Manager for Windows before 6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | virtual_connect_enterprise_manager | 6.10 |
Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users to read or modify data, and consequently gain privileges, via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_software_installer | 3.00 |
| hp | insight_software_installer | * |
| hp | insight_software_installer | 3.10 |
Cross-site request forgery (CSRF) vulnerability in HP Insight Software Installer for Windows before 6.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, a different vulnerability than CVE-2010-1968.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_software_installer | 3.00 |
| hp | insight_software_installer | * |
| hp | insight_software_installer | 3.10 |
The default configuration of HP Client Automation (HPCA) Enterprise Infrastructure (aka Radia) allows remote attackers to read log files, and consequently cause a denial of service or have unspecified other impact, via web requests.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-16,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | client_automation_enterprise_infrastructure | * |
Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3, 8.2-1, and earlier on the Itanium platform, allows local users to gain privileges or obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openvms | 6.2 |
| hp | openvms | 7.3-1 |
| hp | openvms | 7.2-1 |
| hp | openvms | 7.2 |
| hp | openvms | 7.2-1h1 |
| hp | openvms | 8.3 |
| hp | openvms | 7.2-2 |
| hp | openvms | * |
| hp | openvms | 8.3-1h1 |
| hp | openvms | 8.2 |
| hp | openvms | 7.2-6c2 |
| hp | openvms | 7.3 |
Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3; and OpenVMS for Integrity Servers 8.3 AND 8.3-1H1; allows local users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openvms | 7.3-2 |
| hp | openvms | 8.3 |
| hp | openvms_for_integrity_servers | 8.3-1h1 |
| hp | openvms_for_integrity_servers | 8.3 |
| hp | openvms | 8.2 |
Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbitrary code via a long HTTP request to webappmon.exe.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long HTTP request to nnmrptconfig.exe.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and the ProCurve 1800-8G switch with software PA.03.02 and earlier, when SNMP is enabled, allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_switch_1800-8g | * |
| hp | procurve_switch_software | pa.02.06 |
| hp | procurve_switch_software | pb.02.07 |
| hp | procurve_switch_software | pb.02.04 |
| hp | procurve_switch_software | pa.02.03 |
| hp | procurve_switch_software | pa.02.07 |
| hp | procurve_switch_software | pa.03.01 |
| hp | procurve_switch_software | pb.02.01 |
| hp | procurve_switch_software | pb.02.03 |
| hp | procurve_switch_software | pa.03.00 |
| hp | procurve_switch_software | pa.02.01 |
| hp | procurve_switch_software | pa.02.05 |
| hp | procurve_switch_1800-24g | * |
| hp | procurve_switch_software | pb.02.08 |
| hp | procurve_switch_software | * |
| hp | procurve_switch_software | pb.03.01 |
| hp | procurve_switch_software | pa.02.02 |
| hp | procurve_switch_software | pa.02.08 |
| hp | procurve_switch_software | pb.02.05 |
| hp | procurve_switch_software | pa.02.09 |
| hp | procurve_switch_software | pb.03.00 |
| hp | procurve_switch_software | pa.02.04 |
| hp | procurve_switch_software | pb.02.06 |
| hp | procurve_switch_software | pb.02.02 |
| hp | procurve_switch_software | pb.02.09 |
Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 switch before R.11.30 allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_switch_software | r.11.10 |
| hp | procurve_switch_2610-24/12pwr | * |
| hp | procurve_switch_software | r.11.17 |
| hp | procurve_switch_software | r.11.12 |
| hp | procurve_switch_software | r.11.05 |
| hp | procurve_switch_software | r.11.16 |
| hp | procurve_switch_software | r.11.15 |
| hp | procurve_switch_software | r.11.04 |
| hp | procurve_switch_2610-24 | * |
| hp | procurve_switch_software | r.11.25 |
| hp | procurve_switch_software | r.11.11 |
| hp | procurve_switch_software | r.11.07 |
| hp | procurve_switch_software | r.11.26 |
| hp | procurve_switch_software | r.11.27 |
| hp | procurve_switch_software | r.11.21 |
| hp | procurve_switch_2610 | * |
| hp | procurve_switch_software | r.11.19 |
| hp | procurve_switch_2610-48-pwr | * |
| hp | procurve_switch_software | * |
| hp | procurve_switch_software | r.11.13 |
| hp | procurve_switch_software | r.11.08 |
| hp | procurve_switch_software | r.11.24 |
| hp | procurve_switch_software | r.11.18 |
| hp | procurve_switch_software | r.11.06 |
| hp | procurve_switch_software | r.11.09 |
| hp | procurve_switch_software | r.11.22 |
| hp | procurve_switch_software | r.11.20 |
| hp | procurve_switch_2610-24-pwr | * |
| hp | procurve_switch_2610-48 | * |
| hp | procurve_switch_software | r.11.23 |
| hp | procurve_switch_software | r.11.28 |
| hp | procurve_switch_software | r.11.14 |
Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_switch_software | h.08.105 |
| hp | procurve_switch_software | h.07.32 |
| hp | procurve_switch_software | h.08.88 |
| hp | procurve_switch_software | h.10.65 |
| hp | procurve_switch_software | h.08.91 |
| hp | procurve_switch_software | h.08.55 |
| hp | procurve_switch_software | h.08.74 |
| hp | procurve_switch_software | h.10.38 |
| hp | procurve_switch_software | h.10.63 |
| hp | procurve_switch_software | h.08.60 |
| hp | procurve_switch_software | h.08.65 |
| hp | procurve_switch_software | h.08.103 |
| hp | procurve_switch_2650-pwr | * |
| hp | procurve_switch_software | h.08.86 |
| hp | procurve_switch_software | h.08.99 |
| hp | procurve_switch_software | h.07.56 |
| hp | procurve_switch_software | h.08.56 |
| hp | procurve_switch_software | h.08.79 |
| hp | procurve_switch_software | h.08.75 |
| hp | procurve_switch_software | h.10.52 |
| hp | procurve_switch_software | h.08.81 |
| hp | procurve_switch_software | h.07.55 |
| hp | procurve_switch_software | h.08.57 |
| hp | procurve_switch_software | h.10.40 |
| hp | procurve_switch_software | h.10.33 |
| hp | procurve_switch_software | h.08.100 |
| hp | procurve_switch_software | h.08.106 |
| hp | procurve_switch_software | h.10.37 |
| hp | procurve_switch_software | h.10.59 |
| hp | procurve_switch_software | h.08.90 |
| hp | procurve_switch_software | h.10.24 |
| hp | procurve_switch_software | h.08.73 |
| hp | procurve_switch_software | h.08.64 |
| hp | procurve_switch_software | h.08.94 |
| hp | procurve_switch_software | h.10.27 |
| hp | procurve_switch_software | h.10.64 |
| hp | procurve_switch_2626-pwr | * |
| hp | procurve_switch_software | h.08.95 |
| hp | procurve_switch_software | h.10.47 |
| hp | procurve_switch_software | h.08.77 |
| hp | procurve_switch_software | h.08.107 |
| hp | procurve_switch_software | h.07.46 |
| hp | procurve_switch_software | h.08.61 |
| hp | procurve_switch_software | h.07.41 |
| hp | procurve_switch_software | h.10.62 |
| hp | procurve_switch_software | h.10.29 |
| hp | procurve_switch_software | h.10.72 |
| hp | procurve_switch_software | h.07.02 |
| hp | procurve_switch_software | h.10.50 |
| hp | procurve_switch_software | h.10.32 |
| hp | procurve_switch_software | h.10.57 |
| hp | procurve_switch_software | h.08.98 |
| hp | procurve_switch_software | h.07.54 |
| hp | procurve_switch_software | h.08.97 |
| hp | procurve_switch_software | h.08.85 |
| hp | procurve_switch_software | h.08.89 |
| hp | procurve_switch_2650 | * |
| hp | procurve_switch_software | h.08.80 |
| hp | procurve_switch_software | h.10.60 |
| hp | procurve_switch_software | h.10.46 |
| hp | procurve_switch_software | h.08.76 |
| hp | procurve_switch_software | h.10.44 |
| hp | procurve_switch_software | h.08.84 |
| hp | procurve_switch_software | h.08.92 |
| hp | procurve_switch_software | h.08.93 |
| hp | procurve_switch_software | h.10.39 |
| hp | procurve_switch_software | h.07.45 |
| hp | procurve_switch_software | h.10.21 |
| hp | procurve_switch_software | h.10.41 |
| hp | procurve_switch_software | h.10.42 |
| hp | procurve_switch_software | h.07.53 |
| hp | procurve_switch_software | h.08.96 |
| hp | procurve_switch_software | h.10.73 |
| hp | procurve_switch_software | h.10.28 |
| hp | procurve_switch_software | h.08.72 |
| hp | procurve_switch_software | h.10.54 |
| hp | procurve_switch_software | h.07.31 |
| hp | procurve_switch_software | h.10.55 |
| hp | procurve_switch_software | h.08.82 |
| hp | procurve_switch_software | h.10.68 |
| hp | procurve_switch_software | h.08.53 |
| hp | procurve_switch_software | h.08.109 |
| hp | procurve_switch_software | h.10.20 |
| hp | procurve_switch_software | h.10.35 |
| hp | procurve_switch_software | h.10.61 |
| hp | procurve_switch_software | h.08.102 |
| hp | procurve_switch_software | h.10.66 |
| hp | procurve_switch_software | h.10.70 |
| hp | procurve_switch_software | h.10.69 |
| hp | procurve_switch_software | h.10.48 |
| hp | procurve_switch_software | h.10.36 |
| hp | procurve_switch_software | h.08.70 |
| hp | procurve_switch_software | h.10.53 |
| hp | procurve_switch_software | h.10.22 |
| hp | procurve_switch_software | h.10.58 |
| hp | procurve_switch_software | h.08.69 |
| hp | procurve_switch_software | h.08.71 |
| hp | procurve_switch_software | h.08.62 |
| hp | procurve_switch_software | h.10.23 |
| hp | procurve_switch_software | h.10.67 |
| hp | procurve_switch_software | h.08.67 |
| hp | procurve_switch_software | h.08.104 |
| hp | procurve_switch_software | h.10.25 |
| hp | procurve_switch_software | h.10.49 |
| hp | procurve_switch_software | h.08.58 |
| hp | procurve_switch_software | h.07.50 |
| hp | procurve_switch_2626 | * |
| hp | procurve_switch_software | h.10.56 |
| hp | procurve_switch_software | h.10.71 |
| hp | procurve_switch_software | h.10.30 |
| hp | procurve_switch_software | * |
| hp | procurve_switch_software | h.08.78 |
| hp | procurve_switch_software | h.10.26 |
| hp | procurve_switch_software | h.07.03 |
| hp | procurve_switch_software | h.10.45 |
| hp | procurve_switch_software | h.08.87 |
| hp | procurve_switch_software | h.08.101 |
| hp | procurve_switch_software | h.08.59 |
| hp | procurve_switch_software | h.08.83 |
| hp | procurve_switch_software | h.10.43 |
| hp | procurve_switch_software | h.10.31 |
| hp | procurve_switch_software | h.10.51 |
| hp | procurve_switch_software | h.08.108 |
Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_switch_software | r.11.10 |
| hp | procurve_switch_2610-24/12pwr | * |
| hp | procurve_switch_software | r.11.17 |
| hp | procurve_switch_software | r.11.12 |
| hp | procurve_switch_software | r.11.05 |
| hp | procurve_switch_software | r.11.16 |
| hp | procurve_switch_software | r.11.15 |
| hp | procurve_switch_software | r.11.04 |
| hp | procurve_switch_2610-24 | * |
| hp | procurve_switch_software | r.11.11 |
| hp | procurve_switch_software | r.11.07 |
| hp | procurve_switch_2610 | * |
| hp | procurve_switch_software | r.11.19 |
| hp | procurve_switch_2610-48-pwr | * |
| hp | procurve_switch_software | * |
| hp | procurve_switch_software | r.11.13 |
| hp | procurve_switch_software | r.11.08 |
| hp | procurve_switch_software | r.11.18 |
| hp | procurve_switch_software | r.11.06 |
| hp | procurve_switch_software | r.11.09 |
| hp | procurve_switch_software | r.11.20 |
| hp | procurve_switch_2610-24-pwr | * |
| hp | procurve_switch_2610-48 | * |
| hp | procurve_switch_software | r.11.14 |
Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Unspecified vulnerability in the HP MagCloud app before 1.0.5 for the iPad allows remote attackers to read and modify MagCloud application data via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | magcloud | * |
Unspecified vulnerability in Software Distributor (sd) in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | b.11.11 |
| hp | hp-ux | b.11.23 |
| hp | hp-ux | b.11.31 |
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_diagnostics | 7.5.5-1 |
| hp | insight_diagnostics | 7.6.0-23 |
| hp | insight_diagnostics | 7.4.0-11 |
| hp | insight_diagnostics | 7.7.0-142 |
| hp | insight_diagnostics | 7.5.0-14 |
| hp | insight_diagnostics | 7.8.0-159 |
| hp | insight_diagnostics | 6.3.0-15 |
| hp | insight_diagnostics | 6.3.1-1 |
| hp | insight_diagnostics | 7.0.0-30 |
| hp | insight_diagnostics | 7.9.1-15 |
| hp | insight_diagnostics | 7.9.0-105 |
| hp | insight_diagnostics | 7.0.1-8 |
| hp | insight_diagnostics | * |
Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_agent | 8.60 |
| hp | operations_agent | 7.36 |
Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_agent | 8.60 |
| hp | operations_agent | 7.36 |
Unspecified vulnerability on the HP ProLiant G6 Lights-Out 100 Remote Management card with firmware before 4.06 allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | proliant_g6_lights-out_100_remote_management | * |
Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 allows local users to gain privileges or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_express | 3.1 |
| hp | data_protector_express | 4.0 |
| hp | data_protector_express | 3.5 |
Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain privileges or cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3007.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_express | 3.1 |
| hp | data_protector_express | 4.0 |
| hp | data_protector_express | 3.5 |
Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 6.0 |
Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3com_officeconnect_gigabit_vpn_firewall_software | 1.0.8 |
| hp | 3com_officeconnect_gigabit_vpn_firewall_software | * |
| hp | 3crevf100-73 | * |
CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 2.1.14.204 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 2.1.14.204 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Unspecified vulnerability in HP Systems Insight Manager (SIM) 6.0 and 6.1 allows remote attackers to read arbitrary files via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 6.0 |
| hp | systems_insight_manager | 6.1 |
Unspecified vulnerability on HP ProCurve Access Points, Access Controllers, and Mobility Controllers with software 5.1.x through 5.1.9, 5.2.x through 5.2.7, 5.3.x through 5.3.5, and 5.4.x through 5.4.0 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_msm422_access_point | * |
| hp | procurve_msm730_access_controller | * |
| hp | procurve_access_point_software | 5.4.0 |
| hp | procurve_miltope_dual_radio_access_point | * |
| hp | procurve_msm310_access_point | * |
| hp | procurve_access_point_software | 5.1.3 |
| hp | procurve_msm320-r_access_point | * |
| hp | procurve_msm710_access_controller | * |
| hp | procurve_access_point_software | 5.2.7 |
| hp | procurve_msm730_mobility_controller | * |
| hp | procurve_access_point_software | 5.1.6 |
| hp | procurve_access_point_software | 5.2.0 |
| hp | procurve_access_point_software | 5.2.4 |
| hp | procurve_access_point_software | 5.3.0 |
| hp | procurve_msm310-r_access_point | * |
| hp | procurve_msm325_access_point | * |
| hp | procurve_access_point_software | 5.3.4 |
| hp | procurve_msm320_access_point | * |
| hp | procurve_access_point_software | 5.3.1 |
| hp | procurve_msm750_access_controller | * |
| hp | procurve_msm335_access_point | * |
| hp | procurve_access_point_software | 5.1.4 |
| hp | procurve_access_point_software | 5.3.2 |
| hp | procurve_msm710_mobility_controller | * |
| hp | procurve_access_point_software | 5.1.0 |
| hp | procurve_access_point_software | 5.2.2 |
| hp | procurve_access_point_software | 5.2.1 |
| hp | procurve_access_point_software | 5.2.6 |
| hp | procurve_msm750_mobility_controller | * |
| hp | procurve_access_point_software | 5.2.5 |
| hp | procurve_access_point_software | 5.3.3 |
| hp | procurve_access_point_software | 5.1.7 |
| hp | procurve_msm410_access_point | * |
| hp | procurve_multi_service_access_point_miltope_nmap | * |
| hp | procurve_access_point_software | 5.3.5 |
| hp | procurve_access_point_software | 5.1.2 |
| hp | procurve_m110_access_point | * |
| hp | procurve_access_point_software | 5.1.8 |
| hp | procurve_access_point_software | 5.1.9 |
Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 5.0 |
| hp | systems_insight_manager | 6.0 |
| hp | systems_insight_manager | 4.2 |
| hp | systems_insight_manager | 4.1 |
| hp | systems_insight_manager | * |
| hp | systems_insight_manager | 4.0 |
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 5.2 |
| hp | systems_insight_manager | 2.5 |
| hp | systems_insight_manager | 5.0 |
| hp | systems_insight_manager | 6.0 |
| hp | systems_insight_manager | 4.2 |
| hp | systems_insight_manager | 5.1 |
| hp | systems_insight_manager | 4.1 |
| hp | systems_insight_manager | 2.5.2.0 |
| hp | systems_insight_manager | 5.3 |
| hp | systems_insight_manager | * |
| hp | systems_insight_manager | 4.0 |
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 5.2 |
| hp | systems_insight_manager | 2.5 |
| hp | systems_insight_manager | 5.0 |
| hp | systems_insight_manager | 6.0 |
| hp | systems_insight_manager | 4.2 |
| hp | systems_insight_manager | 5.1 |
| hp | systems_insight_manager | 4.1 |
| hp | systems_insight_manager | 2.5.2.0 |
| hp | systems_insight_manager | 5.3 |
| hp | systems_insight_manager | * |
| hp | systems_insight_manager | 4.0 |
Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x through AC_5.03, and AssetManager 5.1x through AM_5.12 and 5.2x through AM_5.22, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | assetcenter | ac_5.03 |
| hp | assetmanager | am_5.22 |
| hp | assetmanager | 5.2 |
| hp | assetcenter | 5.0 |
| hp | assetmanager | am_5.12 |
| hp | assetmanager | 5.1 |
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_orchestration | * |
| hp | operations_orchestration | 7.2 |
| hp | operations_orchestration | 7.1 |
Unspecified vulnerability in HP Virtual Connect Enterprise Manager (VCEM) 6.0 and 6.1 allows remote attackers to read arbitrary files via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | virtual_connect_enterprise_manager | 6.0 |
| hp | virtual_connect_enterprise_manager | 6.1 |
Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_virtual_machine_management | 6.1 |
| hp | insight_control_virtual_machine_management | 6.0 |
| hp | insight_control_virtual_machine_management | 6.0.1 |
| hp | insight_control_virtual_machine_management | * |
| hp | insight_control_virtual_machine_management | 6.0.2 |
Unspecified vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to bypass intended access restrictions and cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_virtual_machine_management | 6.1 |
| hp | insight_control_virtual_machine_management | 6.0 |
| hp | insight_control_virtual_machine_management | 6.0.1 |
| hp | insight_control_virtual_machine_management | * |
| hp | insight_control_virtual_machine_management | 6.0.2 |
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_virtual_machine_management | 6.1 |
| hp | insight_control_virtual_machine_management | 6.0 |
| hp | insight_control_virtual_machine_management | 6.0.1 |
| hp | insight_control_virtual_machine_management | * |
| hp | insight_control_virtual_machine_management | 6.0.2 |
Unspecified vulnerability in HP Virtual Server Environment before 6.2 allows remote attackers to read arbitrary files via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | virtual_server_environment | 6.0.1 |
| hp | virtual_server_environment | 6.0.2 |
| hp | virtual_server_environment | * |
| hp | virtual_server_environment | 6.1 |
| hp | virtual_server_environment | 6.0 |
Cross-site scripting (XSS) vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_server_migration | 6.1 |
| hp | insight_control_server_migration | * |
| hp | insight_control_server_migration | 6.0 |
| hp | insight_control_server_migration | 6.0.2 |
| hp | insight_control_server_migration6.0.1 | * |
Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_server_migration | 6.1 |
| hp | insight_control_server_migration | * |
| hp | insight_control_server_migration | 6.0 |
| hp | insight_control_server_migration | 6.0.2 |
| hp | insight_control_server_migration6.0.1 | * |
Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to obtain sensitive information or modify data via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_server_migration | 6.1 |
| hp | insight_control_server_migration | * |
| hp | insight_control_server_migration | 6.0 |
| hp | insight_control_server_migration | 6.0.2 |
| hp | insight_control_server_migration6.0.1 | * |
Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | version_control_repository_manager | 1.0.2289.0 |
| hp | version_control_repository_manager | 1.0.3086.0 |
| hp | version_control_repository_manager | 1.0.1288.1 |
| hp | version_control_repository_manager | 6.1 |
| hp | version_control_repository_manager | 2.0.1.30 |
| hp | version_control_repository_manager | 6.0.2 |
| hp | version_control_repository_manager | 2.1.1.710 |
| hp | version_control_repository_manager | 2.1.1.720 |
| hp | version_control_repository_manager | 1.0.2241.0 |
| hp | hp | version_control_repository_manager |
| hp | version_control_repository_manager | * |
| hp | version_control_repository_manager | 1.0.3085.0 |
| hp | version_control_repository_manager | 6.0.1 |
| hp | version_control_repository_manager | 1.0.2345.0 |
| hp | version_control_repository_manager | 2.0.0.50 |
Cross-site scripting (XSS) vulnerability in HP Insight Control Power Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_power_management | * |
| hp | insight_control_power_management | 6.0.2 |
| hp | insight_control_power_management | 6.0 |
| hp | insight_control_power_management | 6.1 |
| hp | insight_control_power_management | 6.0.1 |
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Power Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_power_management | * |
| hp | insight_control_power_management | 6.0.2 |
| hp | insight_control_power_management | 6.0 |
| hp | insight_control_power_management | 6.1 |
| hp | insight_control_power_management | 6.0.1 |
Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted document, as demonstrated by a Word document.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | palm_webos | 1.4.1 |
Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 allows local users to gain privileges by leveraging the ability to perform certain service calls.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | palm_webos | 1.4.1 |
Unspecified vulnerability in the camera application in HP Palm webOS 1.4.1 allows local users to overwrite arbitrary files via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | palm_webos | 1.4.1 |
Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remote attackers to cause a denial of service, and possibly obtain sensitive information or modify data, via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 7.6 |
| hp | loadrunner | 9.0 |
| hp | loadrunner | 7.5 |
| hp | loadrunner | 7.51 |
| hp | loadrunner | 8.14 |
| hp | loadrunner | 7.0 |
| hp | loadrunner | 8.0 |
| hp | loadrunner | * |
| hp | loadrunner | 7.02 |
| hp | loadrunner | 8.13 |
| hp | loadrunner | 7.8 |
| hp | loadrunner_web_tours | 9.10 |
| hp | loadrunner | 8.12 |
Unspecified vulnerability in HP Storage Essentials before 6.3.0, when LDAP authentication is enabled, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_essentials | 6.0.2 |
| hp | storage_essentials | 5.1 |
| hp | storage_essentials | 6.1 |
| hp | storage_essentials | 6.0 |
| hp | storage_essentials | * |
| hp | storage_essentials | 6.0.3 |
| hp | storage_essentials | 6.0.4 |
Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_performance_management | 5.0 |
| hp | insight_control_performance_management | 5.2.2 |
| hp | insight_control_performance_management | 5.2 |
| hp | insight_control_performance_management | * |
| hp | insight_control_performance_management | 6.0 |
Unspecified vulnerability in HP Insight Control Performance Management before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_performance_management | 5.0 |
| hp | insight_control_performance_management | 5.2.2 |
| hp | insight_control_performance_management | 5.2 |
| hp | insight_control_performance_management | * |
| hp | insight_control_performance_management | 6.0 |
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_performance_management | 5.0 |
| hp | insight_control_performance_management | 5.2.2 |
| hp | insight_control_performance_management | 5.2 |
| hp | insight_control_performance_management | * |
| hp | insight_control_performance_management | 6.0 |
Unspecified vulnerability in HP Insight Control Performance Management before 6.1 update 2 allows remote attackers to read arbitrary files via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_performance_management | 5.0 |
| hp | insight_control_performance_management | 5.2.2 |
| hp | insight_control_performance_management | 5.2 |
| hp | insight_control_performance_management | * |
| hp | insight_control_performance_management | 6.0 |
Cross-site scripting (XSS) vulnerability in HP Insight Recovery before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_recovery | 6.0 |
| hp | insight_recovery | 1.0 |
| hp | insight_recovery | * |
Unspecified vulnerability in HP Insight Recovery before 6.2 allows remote attackers to read arbitrary files via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_recovery | 6.0 |
| hp | insight_recovery | 1.0 |
| hp | insight_recovery | * |
Unspecified vulnerability in HP Insight Managed System Setup Wizard before 6.2 allows remote attackers to read arbitrary files via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_managed_system_setup_wizard | * |
| hp | insight_managed_system_setup_wizard | 6.0 |
| hp | insight_managed_system_setup_wizard | 6.0.1 |
Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to read arbitrary files via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_orchestration | * |
| hp | insight_orchestration | 6.0 |
Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to bypass intended access restrictions, and obtain sensitive information or modify data, via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_orchestration | * |
| hp | insight_orchestration | 6.0 |
Cross-site request forgery (CSRF) vulnerability in HP Insight Control for Linux before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_for_linux | 2.11 |
| hp | insight_control_for_linux | 6.0 |
| hp | insight_control_for_linux | 2.10.01 |
| hp | insight_control_for_linux | * |
| hp | insight_control_for_linux | 2.10 |
| hp | insight_control_for_linux | 2.00.01 |
| hp | insight_control_for_linux | 2.00 |
The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_4200 | * |
| hp | laserjet_4300 | * |
| hp | laserjet_8150 | * |
| hp | laserjet_5100 | * |
| hp | laserjet_mfp | * |
| hp | laserjet_4100 | * |
| hp | 9000 | * |
| hp | color_laserjet_mfp | * |
HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | b.11.11 |
| hp | hp-ux | b.11.23 |
| hp | hp-ux | b.11.31 |
Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | palm_webos | * |
| hp | palm_webos | 1.4.1 |
Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform on Integrity servers allows local users to gain privileges or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openvms | 8.3 |
| hp | openvms | 8.3-1h1 |
| hp | openvms | 8.4 |
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_diagnostics | 8.3.0.3320 |
| hp | insight_diagnostics | 7.5.5-1 |
| hp | insight_diagnostics | 8.0.0.2587 |
| hp | insight_diagnostics | 7.6.0-23 |
| hp | insight_diagnostics | 7.9.0.2359 |
| hp | insight_diagnostics | 7.5.0-14 |
| hp | insight_diagnostics | 7.8.0-159 |
| hp | insight_diagnostics | 6.3.0-15 |
| hp | insight_diagnostics | 8.4.0.3521 |
| hp | insight_diagnostics | 8.2.0.3058 |
| hp | insight_diagnostics | 6.3.1-1 |
| hp | insight_diagnostics | 7.0.0-30 |
| hp | insight_diagnostics | 7.0.1.1219 |
| hp | insight_diagnostics | 7.8.0.2257 |
| hp | insight_diagnostics | 7.9.0-105 |
| hp | insight_diagnostics | 8.1.0-136 |
| hp | insight_diagnostics | 8.3.1-105 |
| hp | insight_diagnostics | 7.5.5.1681 |
| hp | insight_diagnostics | 7.7.0.2112 |
| hp | insight_diagnostics | 7.4.0.1570 |
| hp | insight_diagnostics | 7.6.0.1984 |
| hp | insight_diagnostics | 8.1.0.2718 |
| hp | insight_diagnostics | 8.3.0-14 |
| hp | insight_diagnostics | 7.5.0.1679 |
| hp | insight_diagnostics | 8.1.1.2784 |
| hp | insight_diagnostics | 7.4.0-11 |
| hp | insight_diagnostics | 8.4.0-18 |
| hp | insight_diagnostics | 7.7.0-142 |
| hp | insight_diagnostics | 6.3.0.878 |
| hp | insight_diagnostics | 8.1.5-311 |
| hp | insight_diagnostics | 7.9.1-15 |
| hp | insight_diagnostics | 7.0.0.1198 |
| hp | insight_diagnostics | 8.2.5.3157 |
| hp | insight_diagnostics | 8.1.1-206 |
| hp | insight_diagnostics | 8.1.5.2890 |
| hp | insight_diagnostics | 8.0.0-210 |
| hp | insight_diagnostics | 6.3.1.887 |
| hp | insight_diagnostics | 7.9.1.2401 |
| hp | insight_diagnostics | 7.0.1-8 |
| hp | insight_diagnostics | * |
HP Insight Management Agents before 8.6 allows remote attackers to obtain sensitive information via an unspecified request that triggers disclosure of the full path.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_management_agents | 7.0.0.0 |
| hp | insight_management_agents | 7.10.0.0 |
| hp | insight_management_agents | 8.0.0.0 |
| hp | insight_management_agents | 8.40.0.0 |
| hp | insight_management_agents | 8.10.0.0 |
| hp | insight_management_agents | 7.91.0.0 |
| hp | insight_management_agents | 8.30.0.0 |
| hp | insight_management_agents | 6.40.0.0 |
| hp | insight_management_agents | 7.41.0.0 |
| hp | insight_management_agents | 7.60.0.0 |
| hp | insight_management_agents | 8.11.0.0 |
| hp | insight_management_agents | 7.80.0.0 |
| hp | insight_management_agents | 7.50.0.0 |
| hp | insight_management_agents | 7.40.0.0 |
| hp | insight_management_agents | 6.30.0.0 |
| hp | insight_management_agents | 7.20.0.0 |
| hp | insight_management_agents | 7.70.0.0 |
| hp | insight_management_agents | 6.31.0.0 |
| hp | insight_management_agents | 7.51.0.0 |
| hp | insight_management_agents | 7.40.1.0 |
| hp | insight_management_agents | 7.95.0.0 |
| hp | insight_management_agents | 8.20.0.0 |
| hp | insight_management_agents | 8.50.0.0 |
| hp | insight_management_agents | * |
| hp | insight_management_agents | 7.30.0.0 |
| hp | insight_management_agents | 8.26.0.0 |
| hp | insight_management_agents | 8.1.0.0 |
| hp | insight_management_agents | 8.15.0.0 |
| hp | insight_management_agents | 7.90.0.0 |
| hp | insight_management_agents | 8.22.0.0 |
Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | power_manager | 4.2.5 |
| hp | power_manager | * |
| hp | power_manager | 4.2.6 |
| hp | power_manager | 4.2.7 |
| hp | power_manager | 4.2.8 |
Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | discovery&dependency_mapping_inventory | 7.50 |
| hp | discovery&dependency_mapping_inventory | 2.50 |
| hp | discovery&dependency_mapping_inventory | 2.51 |
| hp | discovery&dependency_mapping_inventory | 7.51 |
| hp | discovery&dependency_mapping_inventory | 7.60 |
| hp | discovery&dependency_mapping_inventory | 2.52 |
HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, TS100R025, TS100P002, TS200R005, TS201R014, and TS201R015 installs an undocumented admin account with a default "!admin" password, which allows remote attackers to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storageworks_modular_smart_array_p2000_g3_firmware | ts201r014 |
| hp | storageworks_modular_smart_array_p2000_g3_firmware | ts100p002 |
| hp | storageworks_modular_smart_array_p2000_g3_firmware | ts100r011 |
| hp | storageworks_modular_smart_array_p2000_g3_firmware | ts200r005 |
| hp | storageworks_modular_smart_array_p2000_g3_firmware | ts100r025 |
| hp | storageworks_modular_smart_array_p2000_g3_firmware | ts201r015 |
Unspecified vulnerability in HP StorageWorks Storage Mirroring 5.x before 5.2.2.1771.2 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storageworks_storage_mirroring | 5.1 |
| hp | storageworks_storage_mirroring | 5.2 |
| hp | storageworks_storage_mirroring | 5.2.1 |
| hp | storageworks_storage_mirroring | 5.0 |
Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linux_imaging_and_printing_project | 1.6.7 |
| hp | linux_imaging_and_printing_project | 3.9.8 |
| hp | linux_imaging_and_printing_project | 3.10.9 |
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-415,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_eus | 6.3 |
| opensuse | opensuse | 11.2 |
| apple | mac_os_x | * |
| suse | suse_linux_enterprise_server | 11 |
| xmlsoft | libxml2 | * |
| hp | rapid_deployment_pack | * |
| hp | insight_control_server_deployment | * |
| apple | safari | * |
| opensuse | opensuse | 11.3 |
| redhat | enterprise_linux_workstation | 6.0 |
| apple | itunes | * |
| debian | debian_linux | 5.0 |
| chrome | * | |
| redhat | enterprise_linux_server | 6.0 |
| apache | openoffice | * |
| fedoraproject | fedora | 14 |
| apple | iphone_os | * |
Unspecified vulnerability in jovgraph.exe in jovgraph in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a malformed displayWidth option in the arg parameter.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Buffer overflow in the stringToSeconds function in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via large values of variables to jovgraph.exe.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Multiple stack-based buffer overflows in ovas.exe in the OVAS service in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) Source Node or (2) Destination Node variable.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long COOKIE variable.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long data_select1 parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long nameParams parameter, a different vulnerability than CVE-2011-0267.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long text1 parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long schd_select1 parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-134,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, related to the HttpTunnel feature.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 9.52 |
Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute arbitrary code via unspecified message types.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector_cell_manager | 6.11 |
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 and 8.x through 8.05, and Business Service Management (BSM) through 9.01, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | business_availability_center | 8.0 |
| hp | business_availability_center | 7.0 |
| hp | business_availability_center | 7.55 |
| hp | business_service_management | 9.01 |
| hp | business_availability_center | 8.05 |
Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.0 |
| hp | openview_storage_data_protector | 6.11 |
HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_performance_insight | 5.4 |
| hp | openview_performance_insight | 5.41 |
| hp | openview_performance_insight | 5.2 |
| hp | openview_performance_insight | 5.31 |
| hp | openview_performance_insight | 5.3 |
Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | power_manager | 4.2.5 |
| hp | power_manager | 4.2.9 |
| hp | power_manager | * |
| hp | power_manager | 4.2.6 |
| hp | power_manager | 4.2.7 |
| hp | power_manager | 4.2.8 |
Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 and 4 allows local users to bypass intended access restrictions via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | web_jetadmin | 10.2 |
HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication.
CVSS 2.0
Severity: LOW
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | multifunction_peripheral_digital_sending_software | 4.91.00 |
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | power_manager | 4.2.5 |
| hp | power_manager | 4.2.9 |
| hp | power_manager | * |
| hp | power_manager | 4.2.6 |
| hp | power_manager | 4.2.7 |
| hp | power_manager | 4.2.8 |
The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denial of service (crash) via a packet with a large data size to TCP port 1530.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_manager | 6.11 |
Cross-site scripting (XSS) vulnerability in Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 allows remote attackers to inject arbitrary web script or HTML via the Windows XP variable in a file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_c3200_appliance | * |
| hp | windows_event_log_smartconnector | * |
| hp | arcsight_c1300_appliance | * |
| hp | arcsight_c5200_appliance | * |
| hp | arcsight_c3400_appliance | * |
| hp | arcsight_c1000_appliance | * |
| hp | arcsight_c5400_appliance | * |
Unspecified vulnerability in HP Client Automation Enterprise (aka HPCA or Radia Notify) 5.11, 7.2, 7.5, 7.8, and 7.9 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | client_automation_enterprise | 7.2 |
| hp | client_automation_enterprise | 5.11 |
| hp | client_automation_enterprise | 7.9 |
| hp | client_automation_enterprise | 7.5 |
| hp | client_automation_enterprise | 7.8 |
HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | discovery&dependency_mapping_inventory | 7.50 |
| hp | discovery&dependency_mapping_inventory | 7.51 |
| hp | discovery&dependency_mapping_inventory | 7.61 |
| hp | discovery&dependency_mapping_inventory | 7.60 |
| hp | discovery&dependency_mapping_inventory | 7.70 |
| hp | discovery&dependency_mapping_inventory | 9.30 |
Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | b.11.23 |
| hp | hp-ux | b.11.31 |
Cross-site scripting (XSS) vulnerability in HP Diagnostics 7.5x and 8.0x before 8.05.54.225 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | diagnostics | 7.5 |
| hp | diagnostics | 8.0 |
Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX platforms allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations | 9.10 |
Unspecified vulnerability in HP Operations 9.10 on UNIX platforms allows remote authenticated users to bypass intended access restrictions via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations | 9.10 |
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and 8.1x allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 8.13.006 |
| hp | network_node_manager_i | 8.10 |
| hp | network_node_manager_i | 8.11.002 |
| hp | network_node_manager_i | 8.12.004 |
| hp | network_node_manager_i | 9.03 |
| hp | network_node_manager_i | 9.01 |
| hp | network_node_manager_i | 8.13.005 |
| hp | network_node_manager_i | 9.0 |
| hp | network_node_manager_i | 9.02 |
Unspecified vulnerability in HP NFS/ONCplus B.11.31.10 and earlier on HP-UX B.11.31 allows remote authenticated users to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nfs/oncplus | b.11.31.09.02 |
| hp | nfs/oncplus | b.11.31.03 |
| hp | nfs/oncplus | b.11.31.01 |
| hp | nfs/oncplus | b.11.31.06 |
| hp | nfs/oncplus | b.11.31.05 |
| hp | hp-ux | b.11.31 |
| hp | nfs/oncplus | b.11.31.07 |
| hp | nfs/oncplus | b.11.31.02 |
| hp | nfs/oncplus | b.11.31.04 |
| hp | nfs/oncplus | b.11.31.08 |
| hp | nfs/oncplus | b.11.31.07.01 |
| hp | nfs/oncplus | * |
| hp | nfs/oncplus | b.11.31.09 |
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00 allows local users to read arbitrary files via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.00 |
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.00 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.00 |
crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omni_chk_ds.sh.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request containing crafted parameters.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.20 |
| hp | openview_storage_data_protector | 6.11 |
The inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to cause a denial of service (daemon exit) via a request containing crafted parameters.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.20 |
| hp | openview_storage_data_protector | 6.11 |
The webscan component in the Embedded Web Server (EWS) on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to read documents on the scan surface via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | photosmart_d110 | * |
| hp | photosmart_premium_fax_all-in-one | * |
| hp | photosmart_premium_c310 | * |
| hp | photosmart_premium_c510 | * |
| hp | envy_100_d410 | * |
| hp | photosmart_b110 | * |
| hp | photosmart_plus_b210 | * |
Unspecified vulnerability in the SNMP component on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to obtain sensitive information or modify data via vectors related to the Embedded Web Server (EWS).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | photosmart_d110 | * |
| hp | photosmart_premium_fax_all-in-one | * |
| hp | photosmart_premium_c310 | * |
| hp | photosmart_premium_c510 | * |
| hp | envy_100_d410 | * |
| hp | photosmart_b110 | * |
| hp | photosmart_plus_b210 | * |
Cross-site scripting (XSS) vulnerability on the HP Photosmart D110 and B110; Photosmart Plus B210; Photosmart Premium C310, Fax All-in-One, and C510; and ENVY 100 D410 printers allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | photosmart_d110 | * |
| hp | photosmart_premium_fax_all-in-one | * |
| hp | photosmart_premium_c310 | * |
| hp | photosmart_premium_c510 | * |
| hp | envy_100_d410 | * |
| hp | photosmart_b110 | * |
| hp | photosmart_plus_b210 | * |
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows remote authenticated users to obtain access to processes via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.00 |
| hp | network_node_manager_i | 9.0.0 |
| hp | network_node_manager_i | 9.03 |
| hp | network_node_manager_i | 9.01 |
| hp | network_node_manager_i | 9.0 |
| hp | network_node_manager_i | 9.10 |
| hp | network_node_manager_i | 9.02 |
Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_for_linux | 2.11 |
| hp | insight_control_for_linux | 6.0 |
| hp | insight_control_for_linux | 6.1 |
| hp | insight_control_for_linux | 2.10.01 |
| hp | insight_control_for_linux | * |
| hp | insight_control_for_linux | 2.10 |
| hp | insight_control_for_linux | 2.00.01 |
| hp | insight_control_for_linux | 2.00 |
Unspecified vulnerability in HP Performance Insight 5.0, 5.1x. 5.2x, 5.3x, 5.4, 5.41, and 5.41.002 allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | performance_insight | 5.2 |
| hp | performance_insight | 5.1.2 |
| hp | performance_insight | 5.41.002 |
| hp | performance_insight | 5.41 |
| hp | performance_insight | 5.0 |
| hp | performance_insight | 5.1 |
| hp | performance_insight | 5.1.1 |
| hp | performance_insight | 5.3 |
| hp | performance_insight | 5.4 |
Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | proliant_support_pack | * |
| hp | proliant_support_pack | 8.5 |
Open redirect vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote authenticated users to redirect other users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | proliant_support_pack | * |
| hp | proliant_support_pack | 8.5 |
Unspecified vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | proliant_support_pack | * |
| hp | proliant_support_pack | 8.5 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 2.1.14.204 |
| hp | system_management_homepage | 6.2.2.7 |
| hp | system_management_homepage | 6.2.0-12 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.2.0.13 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 6.2.1.14 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 6.2 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.2.1-14 |
| hp | system_management_homepage | 6.2.2-2 |
| hp | system_management_homepage | 6.0 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 2.1.14.204 |
| hp | system_management_homepage | 6.2.2.7 |
| hp | system_management_homepage | 6.2.0-12 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.2.0.13 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 6.2.1.14 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 6.2 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.2.1-14 |
| hp | system_management_homepage | 6.2.2-2 |
| hp | system_management_homepage | 6.0 |
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 2.5 |
| hp | systems_insight_manager | 5.0 |
| hp | systems_insight_manager | 6.0 |
| hp | systems_insight_manager | 5.1 |
| hp | systems_insight_manager | 5.3 |
| hp | systems_insight_manager | * |
| hp | systems_insight_manager | 4.0 |
| hp | systems_insight_manager | 5.2 |
| hp | systems_insight_manager | 4.2 |
| hp | systems_insight_manager | 4.1 |
| hp | systems_insight_manager | 6.1 |
| hp | systems_insight_manager | 2.5.2.0 |
Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 2.5 |
| hp | systems_insight_manager | 5.0 |
| hp | systems_insight_manager | 6.0 |
| hp | systems_insight_manager | 5.1 |
| hp | systems_insight_manager | 5.3 |
| hp | systems_insight_manager | * |
| hp | systems_insight_manager | 4.0 |
| hp | systems_insight_manager | 5.2 |
| hp | systems_insight_manager | 4.2 |
| hp | systems_insight_manager | 4.1 |
| hp | systems_insight_manager | 6.1 |
| hp | systems_insight_manager | 2.5.2.0 |
Unspecified vulnerability in HP Insight Control Performance Management before 6.3 allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_performance_management | 5.0 |
| hp | insight_control_performance_management | 5.2.2 |
| hp | insight_control_performance_management | 5.2 |
| hp | insight_control_performance_management | * |
| hp | insight_control_performance_management | 6.0 |
| hp | insight_control_performance_management | 6.1 |
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_performance_management | 5.0 |
| hp | insight_control_performance_management | 5.2.2 |
| hp | insight_control_performance_management | 5.2 |
| hp | insight_control_performance_management | * |
| hp | insight_control_performance_management | 6.0 |
| hp | insight_control_performance_management | 6.1 |
Unspecified vulnerability in HP Virtual Server Environment before 6.3 allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | virtual_server_environment | 6.0.1 |
| hp | virtual_server_environment | * |
| hp | virtual_server_environment | 6.0 |
Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 7.6 |
| hp | network_automation | 9.10 |
| hp | network_automation | 7.5 |
| hp | network_automation | 9.0 |
| hp | network_automation | 7.2 |
Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.01 |
| hp | sitescope | 10.13 |
| hp | sitescope | 11.1 |
| hp | sitescope | 9.54 |
Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.01 |
| hp | sitescope | 10.13 |
| hp | sitescope | 11.1 |
| hp | sitescope | 9.54 |
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.11 |
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.11 |
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.11 |
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.11 |
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.11 |
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.11 |
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.11 |
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.11 |
Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.11 |
Multiple cross-site scripting (XSS) vulnerabilities in the Email application in HP Palm webOS 1.4.5 and 1.4.5.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | palm_webos | 1.4.5.1 |
| hp | palm_webos | 1.4.5 |
HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | palm_webos | 1.4.5.1 |
| hp | palm_webos | 1.4.5 |
Stack-based buffer overflow in img.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a crafted length field in a packet.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 5.0 |
tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 5.0 |
Stack-based buffer overflow in the logging functionality in dbman.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via vectors related to a received action.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 5.0 |
Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 5.0 |
Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allow remote attackers to execute arbitrary code via crafted packet content accompanying a (1) DATA or (2) ERROR opcode.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 5.0 |
tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a (1) large or (2) invalid opcode field, related to a function pointer table.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 5.0 |
Use-after-free vulnerability in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long syslog packet, related to an exception handler.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 5.0 |
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows local users to read or modify (1) log files or (2) other data via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.00 |
| hp | network_node_manager_i | 9.0.0 |
| hp | network_node_manager_i | 9.03 |
| hp | network_node_manager_i | 9.01 |
| hp | network_node_manager_i | 9.0 |
| hp | network_node_manager_i | 9.10 |
| hp | network_node_manager_i | 9.02 |
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.06 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | business_availability_center | 8.0 |
| hp | business_availability_center | 7.0 |
| hp | business_availability_center | 7.55 |
| hp | business_availability_center | 8.03 |
| hp | business_availability_center | * |
| hp | business_availability_center | 8.04 |
| hp | business_availability_center | 8.01 |
| hp | business_availability_center | 8.05 |
| hp | business_availability_center | 8.02 |
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote authenticated users to bypass intended access restrictions via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 7.02 |
| hp | service_manager | 7.11 |
| hp | service_manager | 9.20 |
| hp | service_center | 6.2.8 |
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows local users to bypass intended access restrictions via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 7.02 |
| hp | service_manager | 7.11 |
| hp | service_manager | 9.20 |
| hp | service_center | 6.2.8 |
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 7.02 |
| hp | service_manager | 7.11 |
| hp | service_manager | 9.20 |
| hp | service_center | 6.2.8 |
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to capture HTTP session credentials via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 7.02 |
| hp | service_manager | 7.11 |
| hp | service_manager | 9.20 |
| hp | service_center | 6.2.8 |
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 7.02 |
| hp | service_manager | 7.11 |
| hp | service_manager | 9.20 |
| hp | service_center | 6.2.8 |
Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 7.02 |
| hp | service_manager | 7.11 |
| hp | service_manager | 9.20 |
| hp | service_center | 6.2.8 |
HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allow remote authenticated users to conduct unspecified script injection attacks via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 7.02 |
| hp | service_manager | 7.11 |
| hp | service_manager | 9.20 |
| hp | service_center | 6.2.8 |
Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.0 |
| hp | openview_storage_data_protector | 6.11 |
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.20 |
| hp | openview_storage_data_protector | 6.11 |
Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXEC_CMD functionality.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_storage_data_protector | 6.10 |
| hp | openview_storage_data_protector | 6.00 |
| hp | openview_storage_data_protector | 6.20 |
| hp | openview_storage_data_protector | 6.11 |
Stack-based buffer overflow in iNodeMngChecker.exe in the User Access Manager (UAM) 5.0 before SP1 E0101P03 and Endpoint Admission Defense (EAD) 5.0 before SP1 E0101P03 components in HP Intelligent Management Center (aka iNode Management Center) allows remote attackers to execute arbitrary code via a 0x0A0BF007 packet.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | * |
| hp | endpoint_admission_defense | 5.0 |
| hp | user_access_manager | 5.0 |
Buffer overflow in HP LoadRunner allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a .usr (aka Virtual User script) file with long directives.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | * |
Integer overflow in img.exe in HP Intelligent Management Center (IMC) allows remote attackers to execute arbitrary code via a crafted length value in an a packet that triggers a heap-based buffer overflow, possibly related to an "recv" field.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | * |
Unspecified vulnerability in the dynamic loader in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | b.11.11 |
| hp | hp-ux | b.11.23 |
| hp | hp-ux | b.11.31 |
Unspecified vulnerability in the Media Management Daemon (mmd) in HP Data Protector 6.11 and earlier allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | 6.10 |
| hp | data_protector | * |
Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.01 |
| hp | sitescope | 10.00 |
| hp | sitescope | 10.13 |
| hp | sitescope | 11.1 |
| hp | sitescope | 9.54 |
| hp | sitescope | 9.0 |
Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack web sessions via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.01 |
| hp | sitescope | 10.00 |
| hp | sitescope | 10.13 |
| hp | sitescope | 11.1 |
| hp | sitescope | 9.54 |
| hp | sitescope | 9.0 |
Cross-site scripting (XSS) vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 7.6 |
| hp | network_automation | 9.10 |
| hp | network_automation | 7.5 |
| hp | network_automation | 9.0 |
| hp | network_automation | 7.2 |
SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 7.6 |
| hp | network_automation | 9.10 |
| hp | network_automation | 7.5 |
| hp | network_automation | 9.0 |
| hp | network_automation | 7.2 |
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-4786 and CVE-2011-4787.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | easy_printer_care_software | * |
The HP ProLiant SL Advanced Power Manager (SL-APM) with firmware before 1.20 does not properly validate users, which allows remote attackers to cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | proliant_sl_advanced_power_manager | * |
| hp | proliant_sl_advanced_power_manager_firmware | 1.10 |
| hp | proliant_sl_advanced_power_manager_firmware | * |
Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_performance_insight | 5.4 |
| hp | openview_performance_insight | 5.41.002 |
| hp | openview_performance_insight | 5.41 |
| hp | openview_performance_insight | 5.31 |
| hp | openview_performance_insight | 5.41.001 |
| hp | openview_performance_insight | 5.3 |
Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_performance_insight | 5.4 |
| hp | openview_performance_insight | 5.41.002 |
| hp | openview_performance_insight | 5.41 |
| hp | openview_performance_insight | 5.31 |
| hp | openview_performance_insight | 5.41.001 |
| hp | openview_performance_insight | 5.3 |
Cross-site scripting (XSS) vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | palm_webos | 3.0.0 |
Cross-site scripting (XSS) vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | palm_webos | 3.0.0 |
Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_performance_insight | 5.4 |
| hp | openview_performance_insight | 5.41.002 |
| hp | openview_performance_insight | 5.41 |
| hp | openview_performance_insight | 5.31 |
| hp | openview_performance_insight | 5.41.001 |
| hp | openview_performance_insight | 5.3 |
Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_server_software | h06.19.03 |
| hp | nonstop_server_software | j06.09.01 |
| hp | nonstop_server_software | j06.10.02 |
| hp | nonstop_server_software | h06.21.00 |
| hp | nonstop_server_software | j06.12.00 |
| hp | nonstop_server_software | j06.08.00 |
| hp | nonstop_server_software | j06.08.01 |
| hp | nonstop_server_software | h06.20.00 |
| hp | nonstop_server_software | h06.15.00 |
| hp | nonstop_server_software | h06.18.01 |
| hp | nonstop_server_software | j06.05.01 |
| hp | nonstop_server_software | j06.09.00 |
| hp | nonstop_server_software | j06.10.01 |
| hp | nonstop_server_software | h06.17.03 |
| hp | nonstop_server_software | h06.20.03 |
| hp | nonstop_server_software | j06.09.02 |
| hp | nonstop_server_software | h06.23.00 |
| hp | nonstop_server_software | j06.08.02 |
| hp | nonstop_server_software | j06.04.00 |
| hp | nonstop_server | * |
| hp | nonstop_server_software | h06.17.02 |
| hp | nonstop_server_software | h06.16.01 |
| hp | nonstop_server_software | h06.16.02 |
| hp | nonstop_server_software | h06.21.01 |
| hp | nonstop_server_software | j06.10.00 |
| hp | nonstop_server_software | h06.22.01 |
| hp | nonstop_server_software | h06.19.01 |
| hp | nonstop_server_software | h06.15.02 |
| hp | nonstop_server_software | j06.09.03 |
| hp | nonstop_server_software | h06.18.02 |
| hp | nonstop_server_software | j06.11.00 |
| samba | samba | * |
| hp | nonstop_server_software | j06.06.03 |
| hp | nonstop_server_software | h06.16.00 |
| hp | nonstop_server_software | j06.05.00 |
| hp | nonstop_server_software | j06.06.02 |
| hp | nonstop_server_software | h06.19.00 |
| hp | nonstop_server_software | h06.17.01 |
| hp | nonstop_server_software | j06.07.01 |
| hp | nonstop_server_software | h06.17.00 |
| hp | nonstop_server_software | j06.07.00 |
| hp | nonstop_server_software | j06.04.01 |
| hp | nonstop_server_software | j06.04.02 |
| hp | nonstop_server_software | h06.15.01 |
| hp | nonstop_server_software | h06.20.02 |
| hp | nonstop_server_software | j06.08.03 |
| hp | nonstop_server_software | h06.18.00 |
| hp | nonstop_server_software | j06.06.01 |
| hp | nonstop_server_software | j06.05.02 |
| hp | nonstop_server_software | j06.07.02 |
| hp | nonstop_server_software | h06.19.02 |
| hp | nonstop_server_software | h06.20.01 |
| hp | nonstop_server_software | j06.06.00 |
| hp | nonstop_server_software | j06.11.01 |
| hp | nonstop_server_software | h06.22.00 |
| hp | nonstop_server_software | h06.21.02 |
Unspecified vulnerability in HP Business Service Automation (BSA) Essentials 2.01 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | business_service_automation_essentials | 2.01 |
ovbbccb.exe 6.20.50.0 and other versions in HP OpenView Performance Agent 4.70 and 5.0; and Operations Agent 11.0, 8.60.005, 8.60.006, 8.60.007, 8.60.008, 8.60.501, and 8.53; allows remote attackers to delete arbitrary files via a full pathname in the File field in a Register command.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_performance_agent | 5.0 |
| hp | operations_agent | 8.60.007 |
| hp | operations_agent | 8.60.008 |
| hp | operations_agent | 8.53 |
| hp | operations_agent | 11.0 |
| hp | operations_agent | 8.60.006 |
| hp | operations_agent | 8.60.501 |
| hp | operations_agent | 8.60.005 |
| hp | openview_performance_agent | 4.70 |
foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linux_imaging_and_printing_project | 3.11.5 |
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linux_imaging_and_printing_project | 3.11.3 |
| hp | linux_imaging_and_printing_project | 3.9.10 |
| hp | linux_imaging_and_printing_project | * |
| hp | linux_imaging_and_printing_project | 3.10.2 |
| hp | linux_imaging_and_printing_project | 3.10.5 |
| hp | linux_imaging_and_printing_project | 3.10.6 |
| hp | linux_imaging_and_printing_project | 3.11.7 |
| hp | linux_imaging_and_printing_project | 3.9.2 |
| hp | linux_imaging_and_printing_project | 3.9.12 |
| hp | linux_imaging_and_printing_project | 3.9.6 |
| hp | linux_imaging_and_printing_project | 3.11.1 |
| hp | linux_imaging_and_printing_project | 3.9.8 |
| hp | linux_imaging_and_printing_project | 3.9.4b |
| hp | linux_imaging_and_printing_project | 3.10.9 |
| hp | linux_imaging_and_printing_project | 3.9.4 |
| hp | linux_imaging_and_printing_project | 3.11.3a |
Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 uses world-writable permissions for exported report files, which allows local users to change or delete log data by modifying a file, a different vulnerability than CVE-2011-0770.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_c3200_appliance | * |
| hp | windows_event_log_smartconnector | * |
| hp | arcsight_c1300_appliance | * |
| hp | arcsight_c5200_appliance | * |
| hp | arcsight_c3400_appliance | * |
| hp | arcsight_c1000_appliance | * |
| hp | arcsight_c5400_appliance | * |
Unspecified vulnerability in HP Onboard Administrator (OA) 3.21 through 3.31 allows remote attackers to bypass intended access restrictions via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | onboard_administrator | 3.21 |
| hp | onboard_administrator | 3.31 |
| hp | onboard_administrator | 3.30 |
Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1222.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_for_personal_computers | 7.0 |
| hp | data_protector_notebook_extension | 6.20 |
Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1225.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_for_personal_computers | 7.0 |
| hp | data_protector_notebook_extension | 6.20 |
Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1226.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_for_personal_computers | 7.0 |
| hp | data_protector_notebook_extension | 6.20 |
Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1227.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_for_personal_computers | 7.0 |
| hp | data_protector_notebook_extension | 6.20 |
Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1228.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_for_personal_computers | 7.0 |
| hp | data_protector_notebook_extension | 6.20 |
Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1229.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_for_personal_computers | 7.0 |
| hp | data_protector_notebook_extension | 6.20 |
Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1296.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_for_personal_computers | 7.0 |
| hp | data_protector_notebook_extension | 6.20 |
HP MFP Digital Sending Software 4.9x through 4.91.21 allows local users to obtain sensitive workflow-metadata information via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | multifunction_peripheral_digital_sending_software | 4.91.20 |
| hp | multifunction_peripheral_digital_sending_software | 4.91.21 |
Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure Resource Partitions (SRP)) A.03.00, A.03.00.002, and A.03.01, when running with patch PHKL_42310, allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux_containers | a.03.01 |
| hp | hp-ux_containers | a.03.00 |
| hp | hp-ux_containers | a.03.00.002 |
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1208.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1209.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openview_network_node_manager | 7.53 |
| hp | openview_network_node_manager | 7.51 |
Unspecified vulnerability in the POP and IMAP service implementations in HP TCP/IP Services 5.6 and 5.7 for OpenVMS allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tcp_ip_services_openvms | 5.6 |
| hp | tcp_ip_services_openvms | 5.7 |
Unspecified vulnerability in the SMTP service implementation in HP TCP/IP Services 5.6 and 5.7 for OpenVMS allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tcp_ip_services_openvms | 5.6 |
| hp | tcp_ip_services_openvms | 5.7 |
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 6.2.2.7 |
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4156.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.03 |
| hp | network_node_manager_i | 9.01 |
| hp | network_node_manager_i | 9.10 |
| hp | network_node_manager_i | 9.02 |
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4155.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.03 |
| hp | network_node_manager_i | 9.01 |
| hp | network_node_manager_i | 9.10 |
| hp | network_node_manager_i | 9.02 |
Stack-based buffer overflow in hydra.exe in HP SAN/iQ before 9.5 on the HP StorageWorks P4000 Virtual SAN Appliance allows remote attackers to execute arbitrary code via a crafted login request.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | san/iq | * |
| hp | centralized_management_console_software | 7.0.01 |
| hp | san/iq | 8.5 |
| hp | centralized_management_console_software | 8.0 |
| hp | san/iq | 8.0 |
| hp | san/iq | 8.1 |
| hp | centralized_management_console_software | 8.1 |
| hp | centralized_management_console_software | 8.5 |
| hp | storageworks_p4000_virtual_san_appliance | * |
| hp | centralized_management_console_software | * |
Unspecified vulnerability in HP Directories Support for ProLiant Management Processors 3.10 and 3.20 for Integrated Lights-Out iLO2 and iLO3 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | directories_support_for_proliant_management_processors | 3.20 |
| hp | directories_support_for_proliant_management_processors | 3.10 |
Unspecified vulnerability in System Administration Manager (SAM) in EMS before A.04.20.11.04_01 on HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | event_monitoring_service | * |
Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | performance_agent | 4.73 |
| hp | operations_agent | 11.0 |
| hp | performance_agent | 5.0 |
The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | color_laserjet_enterprise_cp4525 | * |
| hp | laserjet_4240 | * |
| hp | laserjet_enterprise_600 | m601 |
| hp | color_laserjet_4730_mfp | * |
| hp | laserjet_4350 | * |
| hp | color_laserjet_cm6040 | * |
| hp | laserjet_m9040 | * |
| hp | color_laserjet_3800 | * |
| hp | color_laserjet_cp3505 | * |
| hp | color_laserjet_cp3525 | * |
| hp | color_laserjet_cm6030 | * |
| hp | color_laserjet_4730 | mfp |
| hp | laserjet_p4515 | * |
| hp | color_laserjet_cm4730 | mfp |
| hp | laserjet_9040 | * |
| hp | laserjet_enterprise_600 | m603 |
| hp | laserjet_p4014 | * |
| hp | laserjet_enterprise_500_color | m551 |
| hp | laserjet_m5035 | * |
| hp | color_laserjet_4700 | * |
| hp | color_laserjet_cp6015 | * |
| hp | laserjet_4345_mfp | * |
| hp | laserjet_5200 | * |
| hp | color_laserjet_cp4005 | * |
| hp | laserjet_4250 | * |
| hp | laserjet_m3035 | * |
| hp | color_laserjet_cp5525 | * |
| hp | laserjet_p4015 | * |
| hp | laserjet_m9050 | * |
| hp | laserjet_p3005 | * |
| hp | color_laserjet_enterprise_cp4520 | * |
| hp | color_laserjet_cm4540 | mfp |
| hp | digital_sender_9200c | * |
| hp | color_mfp_cm8060 | - |
| hp | digital_sender_9250c | * |
| hp | laserjet_enterprise_m4555 | mfp |
| hp | color_laserjet_9500 | * |
| hp | laserjet_9050 | * |
| hp | color_laserjet_5550 | * |
| hp | color_laserjet_cm3530 | * |
| hp | laserjet_enterprise_600 | m602 |
| hp | color_laserjet_3000 | * |
| hp | laserjet_enterprise_p3015 | * |
The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless methods in HP Protect Tools Device Access Manager (PTDAM) before 6.1.0.1 allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a long SidString argument.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | protecttools_device_access_manager | 6.0.0.9 |
| hp | protecttools_device_access_manager | 6.0.0.10 |
| hp | protecttools_device_access_manager | * |
Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1213.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | database_archiving_software | 6.31 |
Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1214.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | database_archiving_software | 6.31 |
Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1263.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | database_archiving_software | 6.31 |
Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | managed_printing_administration | * |
Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing Administration before 2.6.4 allows remote attackers to execute arbitrary code via a long filename parameter in an uploadfile action to Default.asp.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | managed_printing_administration | * |
Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | managed_printing_administration | * |
Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | managed_printing_administration | * |
Directory traversal vulnerability in the HP-ChaiSOE/1.0 web server on the HP LaserJet P3015 printer with firmware before 07.080.3, LaserJet 4650 printer with firmware 07.006.0, and LaserJet 2430 printer with firmware 08.113.0_I35128 allows remote attackers to read arbitrary files via unspecified vectors, a different vulnerability than CVE-2008-4419.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-chaisoe | 1.0 |
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and CVE-2011-4787.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | easy_printer_care_software | * |
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and CVE-2011-4786.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | easy_printer_care_software | * |
Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storageworks_p2000_g3_msa_fibre_channel_dual_controller_lff_array_system | ap845a |
| hp | storageworks_p2000_g3_msa_fc/iscsi_dual_combo_controller_lff_array_system | aw567a |
| hp | storageworks_p2000_g3_msa_fibre_channel_dual_controller_sff_array_system | ap846a |
Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it was originally reported that the affected product is HP Diagnostics Server, but HP states that "the vulnerable product is actually HP LoadRunner."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | diagnostics | * |
Unspecified vulnerability in HP Network Automation 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 7.6 |
| hp | network_automation | 9.10 |
| hp | network_automation | 7.5 |
| hp | network_automation | 9.0 |
DBServer.exe in HP Data Protector Media Operations 6.11 and earlier allows remote attackers to execute arbitrary code via a crafted request containing a large value in a length field.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_media_operations | 5.5 |
| hp | data_protector_media_operations | 6.10 |
| hp | data_protector_media_operations | * |
| hp | data_protector_media_operations | 5.1 |
| hp | data_protector_media_operations | 5.0 |
The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | application_lifestyle_management | 11 |
Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1392.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_express | 6.0 |
| hp | data_protector_express | 5.0 |
Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1393.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_express | 6.0 |
| hp | data_protector_express | 5.0 |
Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1498.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_express | 6.0 |
| hp | data_protector_express | 5.0 |
Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector_express | 6.0 |
| hp | data_protector_express | 5.0 |
Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.31 allows local users to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0126.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.31 |
Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attackers to obtain access to diagnostic information via unknown vectors, a related issue to CVE-2012-0125.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11 |
| hp | hp-ux | 11.23 |
Unspecified vulnerability in HP Performance Manager 9.00 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | performance_manager | 9.00 |
HP Onboard Administrator (OA) before 3.50 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | onboard_administrator | 3.21 |
| hp | onboard_administrator | * |
| hp | onboard_administrator | 1.11 |
| hp | onboard_administrator | 3.11 |
| hp | onboard_administrator | 1.01 |
| hp | onboard_administrator | 2.13 |
| hp | onboard_administrator | 2.52 |
| hp | onboard_administrator | 2.02 |
| hp | onboard_administrator | 1.12 |
| hp | onboard_administrator | 2.10 |
| hp | onboard_administrator | 2.50 |
| hp | onboard_administrator | 1.10 |
| hp | onboard_administrator | 3.20 |
| hp | onboard_administrator | 2.01 |
| hp | onboard_administrator | 2.20 |
| hp | onboard_administrator | 3.00 |
| hp | onboard_administrator | 3.10 |
| hp | onboard_administrator | 2.21 |
| hp | onboard_administrator | 1.30 |
| hp | onboard_administrator | 2.60 |
| hp | onboard_administrator | 2.31 |
| hp | onboard_administrator | 2.41 |
| hp | onboard_administrator | 2.04 |
| hp | onboard_administrator | 2.12 |
| hp | onboard_administrator | 2.25 |
| hp | onboard_administrator | 2.51 |
| hp | onboard_administrator | 1.20 |
| hp | onboard_administrator | 2.11 |
| hp | onboard_administrator | 3.31 |
| hp | onboard_administrator | 1.00 |
| hp | onboard_administrator | 3.30 |
| hp | onboard_administrator | 2.32 |
HP Onboard Administrator (OA) before 3.50 allows remote attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | onboard_administrator | 3.21 |
| hp | onboard_administrator | * |
| hp | onboard_administrator | 1.11 |
| hp | onboard_administrator | 3.11 |
| hp | onboard_administrator | 1.01 |
| hp | onboard_administrator | 2.13 |
| hp | onboard_administrator | 2.52 |
| hp | onboard_administrator | 2.02 |
| hp | onboard_administrator | 1.12 |
| hp | onboard_administrator | 2.10 |
| hp | onboard_administrator | 2.50 |
| hp | onboard_administrator | 1.10 |
| hp | onboard_administrator | 3.20 |
| hp | onboard_administrator | 2.01 |
| hp | onboard_administrator | 2.20 |
| hp | onboard_administrator | 3.00 |
| hp | onboard_administrator | 3.10 |
| hp | onboard_administrator | 2.21 |
| hp | onboard_administrator | 1.30 |
| hp | onboard_administrator | 2.60 |
| hp | onboard_administrator | 2.31 |
| hp | onboard_administrator | 2.41 |
| hp | onboard_administrator | 2.04 |
| hp | onboard_administrator | 2.12 |
| hp | onboard_administrator | 2.25 |
| hp | onboard_administrator | 2.51 |
| hp | onboard_administrator | 1.20 |
| hp | onboard_administrator | 2.11 |
| hp | onboard_administrator | 3.31 |
| hp | onboard_administrator | 1.00 |
| hp | onboard_administrator | 3.30 |
| hp | onboard_administrator | 2.32 |
HP Onboard Administrator (OA) before 3.50 allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | onboard_administrator | 3.21 |
| hp | onboard_administrator | * |
| hp | onboard_administrator | 1.11 |
| hp | onboard_administrator | 3.11 |
| hp | onboard_administrator | 1.01 |
| hp | onboard_administrator | 2.13 |
| hp | onboard_administrator | 2.52 |
| hp | onboard_administrator | 2.02 |
| hp | onboard_administrator | 1.12 |
| hp | onboard_administrator | 2.10 |
| hp | onboard_administrator | 2.50 |
| hp | onboard_administrator | 1.10 |
| hp | onboard_administrator | 3.20 |
| hp | onboard_administrator | 2.01 |
| hp | onboard_administrator | 2.20 |
| hp | onboard_administrator | 3.00 |
| hp | onboard_administrator | 3.10 |
| hp | onboard_administrator | 2.21 |
| hp | onboard_administrator | 1.30 |
| hp | onboard_administrator | 2.60 |
| hp | onboard_administrator | 2.31 |
| hp | onboard_administrator | 2.41 |
| hp | onboard_administrator | 2.04 |
| hp | onboard_administrator | 2.12 |
| hp | onboard_administrator | 2.25 |
| hp | onboard_administrator | 2.51 |
| hp | onboard_administrator | 1.20 |
| hp | onboard_administrator | 2.11 |
| hp | onboard_administrator | 3.31 |
| hp | onboard_administrator | 1.00 |
| hp | onboard_administrator | 3.30 |
| hp | onboard_administrator | 2.32 |
Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | distributed_computing_environment | 1.9 |
| hp | distributed_computing_environment | 1.8 |
| hp | hp-ux | b.11.11 |
| hp | hp-ux | b.11.23 |
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 9.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | business_availability_center | 9.01 |
HP ProCurve 5400 zl switches with certain serial numbers include a compact flash card that contains an unspecified virus, which might allow user-assisted remote attackers to execute arbitrary code on a PC by leveraging manual transfer of this card.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_switch_5400zl_management_module | id116as04p |
| hp | procurve_switch_5400zl_management_module | id117as00h |
| hp | procurve_switch_5406-48gzl | - |
| hp | procurve_switch_5406zl-44g-poe+/2xg_sfp+_v2 | - |
| hp | procurve_switch_5400zl_management_module | id126as0fb |
| hp | procurve_switch_chassis_e5412zl | - |
| hp | procurve_switch_5406zl-44g-poe+/4g_sfp+_v2 | - |
| hp | procurve_switch_chassis_e5406zl | - |
| hp | procurve_switch_5406-44g-poe+-4sfpzl | - |
| hp | procurve_switch_5412-92g-poe+-4sfpzl | - |
| hp | procurve_switch_5400zl_management_module | id116as0hr |
| hp | procurve_switch_e5412zl | - |
| hp | procurve_switch_5412zl-92gg-poe+/2xg_sfp+_v2 | - |
| hp | procurve_switch_e5406zl | - |
| hp | procurve_switch_5400zl | * |
| hp | procurve_switch_5412-96gzl | - |
| hp | procurve_switch_5412zl-92g-poe+/4g_sfp+_v2 | - |
Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64 platform allows local users to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openvms | 7.3-2 |
| hp | openvms | 8.3 |
| hp | openvms | 8.3-1h1 |
| hp | openvms | 8.4 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
HP StorageWorks P2000 G3 MSA array systems have a default account, which makes it easier for remote attackers to perform administrative tasks via unspecified vectors, a different vulnerability than CVE-2011-4788.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storageworks_p2000_g3_msa | * |
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 11.4 |
| suse | linux_enterprise_server | 11 |
| fedoraproject | fedora | 40 |
| suse | linux_enterprise_software_development_kit | 11 |
| php | php | 5.1.0 |
| redhat | enterprise_linux_server_aus | 5.3 |
| php | php | 5.3.0 |
| php | php | 5.2.16 |
| php | php | 5.4.0 |
| php | php | 5.0.1 |
| php | php | 5.0.2 |
| php | php | 5.1.2 |
| php | php | 5.3.8 |
| redhat | enterprise_linux_eus | 6.2 |
| php | php | 5.1.5 |
| php | php | * |
| hp | hp-ux | b.11.23 |
| redhat | enterprise_linux_server | 5.0 |
| php | php | 5.0.4 |
| opensuse | opensuse | 12.1 |
| php | php | 5.3.5 |
| php | php | 5.3.3 |
| apple | mac_os_x | * |
| php | php | 5.0.5 |
| php | php | 5.2.12 |
| php | php | 5.3.9 |
| php | php | 5.2.10 |
| php | php | 5.2.14 |
| php | php | 5.2.2 |
| php | php | 5.3.7 |
| php | php | 5.3.2 |
| php | php | 5.1.3 |
| php | php | 5.0.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | application_stack | 2.0 |
| php | php | 5.2.17 |
| php | php | 5.3.10 |
| redhat | enterprise_linux_eus | 5.6 |
| redhat | storage_for_public_cloud | 2.0 |
| php | php | 5.1.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_software_development_kit | 10 |
| redhat | enterprise_linux_eus | 6.1 |
| redhat | enterprise_linux_server | 6.0 |
| suse | linux_enterprise_server | 10 |
| php | php | 5.2.1 |
| php | php | 5.2.4 |
| php | php | 5.3.1 |
| php | php | 5.0.3 |
| php | php | 5.2.7 |
| php | php | 5.2.13 |
| debian | debian_linux | 6.0 |
| php | php | 5.4.1 |
| php | php | 5.2.6 |
| redhat | storage | 2.0 |
| hp | hp-ux | b.11.31 |
| php | php | 5.1.4 |
| php | php | 5.1.6 |
| php | php | 5.2.3 |
| php | php | 5.2.8 |
| php | php | 5.3.4 |
| php | php | 5.2.11 |
| redhat | enterprise_linux_server_aus | 5.6 |
| fedoraproject | fedora | 39 |
| php | php | 5.2.0 |
| php | php | 5.2.9 |
| php | php | 5.3.6 |
| redhat | gluster_storage_server_for_on-premise | 2.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| php | php | 5.2.5 |
| php | php | 5.2.15 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
Multiple unspecified vulnerabilities in HP System Health Application and Command Line Utilities before 9.0.0 allow remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_health_application_and_command_line_utilities | 8.3.0 |
| hp | system_health_application_and_command_line_utilities | 8.6.0 |
| hp | system_health_application_and_command_line_utilities | 8.4.0 |
| hp | system_health_application_and_command_line_utilities | 8.6.3 |
| hp | system_health_application_and_command_line_utilities | 8.2.6-5.rhel5 |
| hp | system_health_application_and_command_line_utilities | 8.1.1-14.rhel5 |
| hp | system_health_application_and_command_line_utilities | * |
| hp | system_health_application_and_command_line_utilities | 8.1.0-104.rhel5 |
| hp | system_health_application_and_command_line_utilities | 8.3.2 |
| hp | system_health_application_and_command_line_utilities | 8.2.2-19.rhel5 |
| hp | system_health_application_and_command_line_utilities | 8.3.1 |
| hp | system_health_application_and_command_line_utilities | 8.2.0-283.rhel5 |
| hp | system_health_application_and_command_line_utilities | 8.5.0 |
| hp | system_health_application_and_command_line_utilities | 8.2.5-50.rhel5 |
Cross-site scripting (XSS) vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | snmp_agents_for_linux | 8.2.6-5.sles10 |
| hp | snmp_agents_for_linux | 8.2.5-50.sles10 |
| hp | snmp_agents_for_linux | 8.4.0 |
| hp | snmp_agents_for_linux | 8.6.0 |
| hp | snmp_agents_for_linux | 8.2.0-284.sles10 |
| hp | snmp_agents_for_linux | 8.1.0-110.sles10 |
| hp | snmp_agents_for_linux | 8.1.1-22.sles10 |
| hp | snmp_agents_for_linux | * |
| hp | snmp_agents_for_linux | 8.5.0 |
| hp | snmp_agents_for_linux | 8.3.0 |
| hp | snmp_agents_for_linux | 8.2.2-20.sles10 |
Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | snmp_agents_for_linux | 8.2.6-5.sles10 |
| hp | snmp_agents_for_linux | 8.2.5-50.sles10 |
| hp | snmp_agents_for_linux | 8.4.0 |
| hp | snmp_agents_for_linux | 8.6.0 |
| hp | snmp_agents_for_linux | 8.2.0-284.sles10 |
| hp | snmp_agents_for_linux | 8.1.0-110.sles10 |
| hp | snmp_agents_for_linux | 8.1.1-22.sles10 |
| hp | snmp_agents_for_linux | * |
| hp | snmp_agents_for_linux | 8.5.0 |
| hp | snmp_agents_for_linux | 8.3.0 |
| hp | snmp_agents_for_linux | 8.2.2-20.sles10 |
Cross-site request forgery (CSRF) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_management_agents | 7.0.0.0 |
| hp | insight_management_agents | 7.10.0.0 |
| hp | insight_management_agents | 8.0.0.0 |
| hp | insight_management_agents | 8.40.0.0 |
| hp | insight_management_agents | 8.10.0.0 |
| hp | insight_management_agents | 7.91.0.0 |
| hp | insight_management_agents | 8.30.0.0 |
| hp | insight_management_agents | 6.40.0.0 |
| hp | insight_management_agents | 7.41.0.0 |
| hp | insight_management_agents | 7.60.0.0 |
| hp | insight_management_agents | 8.11.0.0 |
| hp | insight_management_agents | 7.80.0.0 |
| hp | insight_management_agents | 7.50.0.0 |
| hp | insight_management_agents | 7.40.0.0 |
| hp | insight_management_agents | 8.60.0.0 |
| hp | insight_management_agents | 6.30.0.0 |
| hp | insight_management_agents | 7.20.0.0 |
| hp | insight_management_agents | 7.70.0.0 |
| hp | insight_management_agents | 8.70.0.0 |
| hp | insight_management_agents | 6.31.0.0 |
| hp | insight_management_agents | 7.51.0.0 |
| hp | insight_management_agents | 7.40.1.0 |
| hp | insight_management_agents | 7.95.0.0 |
| hp | insight_management_agents | 8.20.0.0 |
| hp | insight_management_agents | 8.50.0.0 |
| hp | insight_management_agents | * |
| hp | insight_management_agents | 7.30.0.0 |
| hp | insight_management_agents | 8.26.0.0 |
| hp | insight_management_agents | 8.1.0.0 |
| hp | insight_management_agents | 8.5 |
| hp | insight_management_agents | 8.15.0.0 |
| hp | insight_management_agents | 7.90.0.0 |
| hp | insight_management_agents | 8.22.0.0 |
Open redirect vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_management_agents | 7.0.0.0 |
| hp | insight_management_agents | 7.10.0.0 |
| hp | insight_management_agents | 8.0.0.0 |
| hp | insight_management_agents | 8.40.0.0 |
| hp | insight_management_agents | 8.10.0.0 |
| hp | insight_management_agents | 7.91.0.0 |
| hp | insight_management_agents | 8.30.0.0 |
| hp | insight_management_agents | 6.40.0.0 |
| hp | insight_management_agents | 7.41.0.0 |
| hp | insight_management_agents | 7.60.0.0 |
| hp | insight_management_agents | 8.11.0.0 |
| hp | insight_management_agents | 7.80.0.0 |
| hp | insight_management_agents | 7.50.0.0 |
| hp | insight_management_agents | 7.40.0.0 |
| hp | insight_management_agents | 8.60.0.0 |
| hp | insight_management_agents | 6.30.0.0 |
| hp | insight_management_agents | 7.20.0.0 |
| hp | insight_management_agents | 7.70.0.0 |
| hp | insight_management_agents | 8.70.0.0 |
| hp | insight_management_agents | 6.31.0.0 |
| hp | insight_management_agents | 7.51.0.0 |
| hp | insight_management_agents | 7.40.1.0 |
| hp | insight_management_agents | 7.95.0.0 |
| hp | insight_management_agents | 8.20.0.0 |
| hp | insight_management_agents | 8.50.0.0 |
| hp | insight_management_agents | * |
| hp | insight_management_agents | 7.30.0.0 |
| hp | insight_management_agents | 8.26.0.0 |
| hp | insight_management_agents | 8.1.0.0 |
| hp | insight_management_agents | 8.5 |
| hp | insight_management_agents | 8.15.0.0 |
| hp | insight_management_agents | 7.90.0.0 |
| hp | insight_management_agents | 8.22.0.0 |
Cross-site scripting (XSS) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_management_agents | 7.0.0.0 |
| hp | insight_management_agents | 7.10.0.0 |
| hp | insight_management_agents | 8.0.0.0 |
| hp | insight_management_agents | 8.40.0.0 |
| hp | insight_management_agents | 8.10.0.0 |
| hp | insight_management_agents | 7.91.0.0 |
| hp | insight_management_agents | 8.30.0.0 |
| hp | insight_management_agents | 6.40.0.0 |
| hp | insight_management_agents | 7.41.0.0 |
| hp | insight_management_agents | 7.60.0.0 |
| hp | insight_management_agents | 8.11.0.0 |
| hp | insight_management_agents | 7.80.0.0 |
| hp | insight_management_agents | 7.50.0.0 |
| hp | insight_management_agents | 7.40.0.0 |
| hp | insight_management_agents | 8.60.0.0 |
| hp | insight_management_agents | 6.30.0.0 |
| hp | insight_management_agents | 7.20.0.0 |
| hp | insight_management_agents | 7.70.0.0 |
| hp | insight_management_agents | 8.70.0.0 |
| hp | insight_management_agents | 6.31.0.0 |
| hp | insight_management_agents | 7.51.0.0 |
| hp | insight_management_agents | 7.40.1.0 |
| hp | insight_management_agents | 7.95.0.0 |
| hp | insight_management_agents | 8.20.0.0 |
| hp | insight_management_agents | 8.50.0.0 |
| hp | insight_management_agents | * |
| hp | insight_management_agents | 7.30.0.0 |
| hp | insight_management_agents | 8.26.0.0 |
| hp | insight_management_agents | 8.1.0.0 |
| hp | insight_management_agents | 8.5 |
| hp | insight_management_agents | 8.15.0.0 |
| hp | insight_management_agents | 7.90.0.0 |
| hp | insight_management_agents | 8.22.0.0 |
Unspecified vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to modify data or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_management_agents | 7.0.0.0 |
| hp | insight_management_agents | 7.10.0.0 |
| hp | insight_management_agents | 8.0.0.0 |
| hp | insight_management_agents | 8.40.0.0 |
| hp | insight_management_agents | 8.10.0.0 |
| hp | insight_management_agents | 7.91.0.0 |
| hp | insight_management_agents | 8.30.0.0 |
| hp | insight_management_agents | 6.40.0.0 |
| hp | insight_management_agents | 7.41.0.0 |
| hp | insight_management_agents | 7.60.0.0 |
| hp | insight_management_agents | 8.11.0.0 |
| hp | insight_management_agents | 7.80.0.0 |
| hp | insight_management_agents | 7.50.0.0 |
| hp | insight_management_agents | 7.40.0.0 |
| hp | insight_management_agents | 8.60.0.0 |
| hp | insight_management_agents | 6.30.0.0 |
| hp | insight_management_agents | 7.20.0.0 |
| hp | insight_management_agents | 7.70.0.0 |
| hp | insight_management_agents | 8.70.0.0 |
| hp | insight_management_agents | 6.31.0.0 |
| hp | insight_management_agents | 7.51.0.0 |
| hp | insight_management_agents | 7.40.1.0 |
| hp | insight_management_agents | 7.95.0.0 |
| hp | insight_management_agents | 8.20.0.0 |
| hp | insight_management_agents | 8.50.0.0 |
| hp | insight_management_agents | * |
| hp | insight_management_agents | 7.30.0.0 |
| hp | insight_management_agents | 8.26.0.0 |
| hp | insight_management_agents | 8.1.0.0 |
| hp | insight_management_agents | 8.5 |
| hp | insight_management_agents | 8.15.0.0 |
| hp | insight_management_agents | 7.90.0.0 |
| hp | insight_management_agents | 8.22.0.0 |
SQL injection vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | performance_insight | 5.41.001 |
| hp | performance_insight | 5.41.002 |
| hp | performance_insight | 5.41 |
| hp | performance_insight | 5.3 |
Cross-site scripting (XSS) vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | performance_insight | 5.41.001 |
| hp | performance_insight | 5.41.002 |
| hp | performance_insight | 5.41 |
| hp | performance_insight | 5.3 |
Unspecified vulnerability in HP Performance Insight for Networks 5.3.x, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | performance_insight | 5.41.001 |
| hp | performance_insight | 5.41.002 |
| hp | performance_insight | 5.41 |
| hp | performance_insight | 5.3 |
The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha platform, and 8.3, 8.3-1H1, and 8.4 on the Itanium platform, when the SYS$ACM system service is enabled, allows local users to gain privileges via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openvms | 8.3 |
| hp | openvms | 8.3-1h1 |
| hp | openvms | 8.4 |
Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin 8.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | web_jetadmin | 8.1 |
| hp | web_jetadmin | 8.0 |
HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 3.0.2 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 6.3.0 |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 6.3.1 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 6.2.2.7 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 6.2.0 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.15 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.14 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 3.0.1 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 3.0.2 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 6.3.0 |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 6.3.1 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 6.2.2.7 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 6.2.0 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.15 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.14 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 3.0.1 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 3.0.2 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 6.3.0 |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 6.3.1 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 6.2.2.7 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 6.2.0 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.15 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.14 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 3.0.1 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 3.0.2 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 6.3.0 |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 6.3.1 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 6.2.2.7 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 6.2.0 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.15 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.14 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 3.0.1 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 3.0.2 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 6.3.0 |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 6.3.1 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 6.2.2.7 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 6.2.0 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.15 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.14 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 3.0.1 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
Unspecified vulnerability on HP Photosmart Wireless e-All-in-One B110, e-All-in-One D110, Plus e-All-in-One B210, eStation All-in-One C510, Ink Advantage e-All-in-One K510, and Premium Fax e-All-in-One C410 printers allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | photosmart_wireless_e-all-in-one_printer_series | b110 |
| hp | photosmart_ink_advantage_e-all-in-one | k510 |
| hp | photosmart_plus_e-all-in-one_printer_series | b210 |
| hp | photosmart_e-all-in-one_printer_series | d110 |
| hp | photosmart_estation_all-in-one-printer_series | c510 |
| hp | photosmart_premium_fax_e-all-in-one_printer_series | c410 |
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 8.13.006 |
| hp | network_node_manager_i | 8.10 |
| hp | network_node_manager_i | 8.11.002 |
| hp | network_node_manager_i | 8.12.004 |
| hp | network_node_manager_i | 9.03 |
| hp | network_node_manager_i | 9.01 |
| hp | network_node_manager_i | 8.13.005 |
| hp | network_node_manager_i | 9.0 |
| hp | network_node_manager_i | 9.10 |
| hp | network_node_manager_i | 9.02 |
Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_agent | 8.52 |
| hp | operations_agent | 8.60.007 |
| hp | operations_agent | * |
| hp | operations_agent | 8.53 |
| hp | operations_agent | 8.60.005 |
| hp | operations_agent | 8.51.102 |
| hp | operations_agent | 8.60 |
| hp | operations_agent | 7.36 |
| hp | operations_agent | 8.60.7 |
| hp | operations_agent | 8.51 |
| hp | operations_agent | 8.60.008 |
| hp | operations_agent | 8.60.006 |
| hp | operations_agent | 8.60.501 |
Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_agent | 8.52 |
| hp | operations_agent | 8.60.007 |
| hp | operations_agent | * |
| hp | operations_agent | 8.53 |
| hp | operations_agent | 8.60.005 |
| hp | operations_agent | 8.51.102 |
| hp | operations_agent | 8.60 |
| hp | operations_agent | 7.36 |
| hp | operations_agent | 8.60.7 |
| hp | operations_agent | 8.51 |
| hp | operations_agent | 8.60.008 |
| hp | operations_agent | 8.60.006 |
| hp | operations_agent | 8.60.501 |
Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | assetmanager | 5.20 |
| hp | assetmanager | 5.21 |
| hp | assetmanager | 9.30 |
| hp | assetmanager | 5.22 |
HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server component via a crafted request to TCP port 1098, 1099, or 4444.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | business_service_management | 9.12 |
Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller, Firewall, Router, Switch, and Switch and Route Processing Unit products; and certain Huawei Firewall/Gateway, Router, Switch, and Wireless products do not properly implement access control as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0, which allows remote authenticated users to discover credentials in UserInfoEntry values via an SNMP request with the read-only community.
CVSS 2.0
Severity: LOW
Problem Type: CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3cr17254-91 | - |
| hp | jd658a | - |
| hp | 3cr17251-91 | - |
| hp | 0235a22p | - |
| hp | 0235a38r | - |
| hp | je061a | - |
| hp | je022a | - |
| hp | je204a | - |
| hp | jd008a | - |
| hp | je070a | - |
| hp | jf428a | - |
| hp | 0235a32x | - |
| hp | jd372a | - |
| hp | jf847a | - |
| hp | jd245a | - |
| hp | jf287a | - |
| hp | jd314a | - |
| hp | 0235a08h | - |
| hp | jf801a | - |
| hp | 0235a21x | - |
| hp | 0231a86p | - |
| hp | je545a | - |
| huawei | ne5000e | v800r003 |
| hp | je072a | - |
| hp | jd242a | - |
| hp | 0235a36q | - |
| hp | je093a | - |
| hp | 0235a29l | - |
| hp | je088a | - |
| hp | jd238b | - |
| hp | jf231a | - |
| hp | jd946a | - |
| hp | jg183a | - |
| hp | je106a | - |
| hp | 0150a12b | - |
| hp | jd662a | - |
| hp | jf242a | - |
| hp | jg210a | - |
| hp | 0235a10j | - |
| hp | 0235a0a7 | - |
| hp | 0235a10h | - |
| hp | jd336a | - |
| hp | 3c17302a | - |
| hp | je168a | - |
| hp | jr430b | - |
| hp | jd318a | - |
| hp | jd654a | - |
| hp | jd304a | - |
| hp | 0235a20j | - |
| hp | je069a | - |
| hp | 0235a19j | - |
| hp | 3cr17181taa-91 | - |
| hp | 0231a761 | - |
| hp | 3crs42g-24p-91 | - |
| hp | 0235a21p | - |
| hp | 3cr17343-91 | - |
| hp | 3cr17341-91 | - |
| hp | jd370a | - |
| hp | jf814a | - |
| hp | 0235a0ge | - |
| hp | jf803a | - |
| hp | 0150a12a | - |
| hp | je057a | - |
| hp | 3c17543 | - |
| hp | 3crs42g-48-91 | - |
| hp | jf239a | - |
| hp | 0235a22f | - |
| hp | 0235a22c | - |
| hp | jd922a | - |
| hp | je046a | - |
| hp | je164a | - |
| hp | 0235a25r | - |
| hp | je092a | - |
| hp | jg246a | - |
| hp | 3cr17253-91 | - |
| hp | je203a | - |
| hp | jd011a | - |
| hp | jd309a | - |
| hp | 0235a20s | - |
| hp | jd307a | - |
| hp | 0235a27r | - |
| hp | 0235a237 | - |
| huawei | atn | v200r001c01 |
| hp | 3cr17333-91 | - |
| hp | 3cr17771-91 | - |
| hp | jc148a | - |
| hp | jd311a | - |
| hp | 0235a38q | - |
| hp | jd010a | - |
| hp | je012a | - |
| hp | je104a | - |
| hp | 0235a398 | - |
| hp | jd450a | - |
| hp | jg184a | - |
| hp | jd009a | - |
| hp | je090a | - |
| hp | je109a | - |
| hp | je099a | - |
| hp | jg299a | - |
| hp | 0235a0bs | - |
| hp | 0235a38p | - |
| hp | 0235a22k | - |
| hp | 3cr17162taa-91 | - |
| hp | jd026a | - |
| hp | 3c13641 | - |
| hp | je027a | - |
| hp | 0235a10d | - |
| hp | 3crbvcxmsr03a | - |
| hp | 0235a25s | - |
| hp | jd241b | - |
| hp | 3cs7902e | - |
| hp | 0231a88l | - |
| hp | jf240a | - |
| hp | 0235a10b | - |
| hp | jd670a | - |
| hp | jf552a | - |
| hp | jf430a | - |
| hp | 0235a22d | - |
| hp | 0235a0c0 | - |
| huawei | ne5000e | v300r007 |
| hp | 0235a31x | - |
| huawei | me60 | v600r005c00spc600 |
| hp | 0235a15j | - |
| hp | jd449a | - |
| hp | 3cr17333a-91 | - |
| hp | jg221a | - |
| hp | jd320b | - |
| hp | 0235a0a8 | - |
| hp | 3c13751 | - |
| hp | 0235a0c2 | - |
| hp | jd345a | - |
| hp | je094a | - |
| hp | jd317a | - |
| huawei | -ma5200g | v300r003 |
| hp | 3crs48g-24s-91 | - |
| hp | 0235a395 | - |
| hp | je058a | - |
| hp | 3crbsg28hpwr93 | - |
| hp | 3c13640 | - |
| hp | jf813a | - |
| hp | 3cr17172taa-91 | - |
| hp | jd306a | - |
| hp | jd967a | - |
| hp | 3cr17332a-91 | - |
| hp | 0235a14w | - |
| hp | 0235a10k | - |
| hp | jg251a | - |
| hp | 3cr17561-91 | - |
| hp | jd673a | - |
| hp | 3cr17250taa-91 | - |
| huawei | ne40e&80e | v600r003 |
| hp | 3cr17250-91 | - |
| hp | je097a | - |
| hp | 0235a10c | - |
| hp | je060a | - |
| hp | 3c13636 | - |
| hp | jc165a | - |
| hp | jd923a | - |
| hp | 0235a396 | - |
| hp | jg252a | - |
| hp | 0235a22e | - |
| hp | jc150a | - |
| hp | jd357a | - |
| hp | je026a | - |
| hp | jg303a | - |
| hp | 0235a31n | - |
| hp | jg245a | - |
| hp | 0235a31d | - |
| hp | jd193a | - |
| hp | jg349a | - |
| hp | 0235a29a | - |
| hp | jd916a | - |
| hp | je030a | - |
| hp | je059a | - |
| hp | 0235a36n | - |
| hp | jd273a | - |
| hp | jd335a | - |
| hp | jd655a | - |
| hp | 0231a88a | - |
| hp | 0235a26g | - |
| hp | jc056a | - |
| hp | jc474a | - |
| hp | jd664a | - |
| hp | jd665a | - |
| hp | 0150a12c | - |
| hp | jc125a | - |
| hp | jd334a | - |
| hp | jg350a | - |
| hp | 0235a10g | - |
| hp | 3cruwx500275 | - |
| hp | jg256a | - |
| hp | jd242b | - |
| hp | 0235a300 | - |
| hp | 0235a322 | - |
| hp | jc158a | - |
| hp | jd318b | - |
| hp | jd378a | - |
| huawei | me60 | v600r002 |
| hp | jd448a | - |
| hp | je025a | - |
| hp | 3cr17334-91 | - |
| hp | jd671a | - |
| hp | jd371a | - |
| hp | jd657a | - |
| hp | 3c17541 | - |
| hp | 0235a37t | - |
| hp | je167a | - |
| hp | jg059a | - |
| hp | jd243a | - |
| hp | 3cr17660-91 | - |
| hp | je020a | - |
| hp | 0235a0ct | - |
| hp | jd325a | - |
| hp | jd347a | - |
| hp | jf230a | - |
| hp | je551a | - |
| hp | 3cr17572-91 | - |
| hp | jc566a | - |
| hp | jd669a | - |
| hp | je527a | - |
| hp | 0235a0g3 | - |
| hp | 0235a0e5 | - |
| hp | 3cr17762taa-91 | - |
| hp | jc099a | - |
| hp | 0235a325 | - |
| hp | jg182a | - |
| hp | je074a | - |
| hp | 0235a0gc | - |
| hp | jd302a | - |
| hp | je071a | - |
| hp | 0235a0gf | - |
| hp | 0235a17b | - |
| hp | 0235a22r | - |
| hp | 0235a38m | - |
| hp | jc178a | - |
| hp | 0235a0bx | - |
| hp | jf804a | - |
| hp | 0235a15f | - |
| hp | jd355a | - |
| hp | 0235a20l | - |
| hp | je105a | - |
| hp | 0235a0g0 | - |
| hp | rtvz33020as | - |
| hp | 0235a391 | - |
| hp | jg258a | - |
| hp | jd943a | - |
| hp | 0235a21q | - |
| hp | 0235a20r | - |
| hp | 3c13840 | - |
| hp | 3c13616 | - |
| hp | jg247a | - |
| hp | jf427a | - |
| hp | jd352a | - |
| hp | jd354a | - |
| hp | je095a | - |
| hp | jd921a | - |
| hp | 0235a19k | - |
| hp | 3cr17771taa-91 | - |
| huawei | cx600 | v200r002 |
| hp | je033a | - |
| hp | jf815a | - |
| hp | je100a | - |
| hp | jc054a | - |
| hp | jf237a | - |
| hp | jc652a | - |
| hp | 3c13701 | - |
| hp | jd315a | - |
| hp | lsq1srpd0 | - |
| hp | 3cr17172-91 | - |
| hp | jc101a | - |
| hp | je102a | - |
| hp | jf283a | - |
| hp | 0235a31c | - |
| hp | jd337a | - |
| hp | 3cr17251taa-91 | - |
| hp | jg255a | - |
| hp | je029a | - |
| hp | juc653a | - |
| hp | 0235a0gd | - |
| hp | jc085a | - |
| hp | jd172a | - |
| huawei | cx600 | v600r001 |
| hp | 3cr17171taa-91 | - |
| hp | jd935a | - |
| hp | jd338a | - |
| hp | 3crs45g-24-91 | - |
| huawei | me60 | v100r006 |
| hp | 0235a0c4 | - |
| hp | 0235a0e7 | - |
| hp | jf812a | - |
| hp | jd469a | - |
| hp | 0235a20k | - |
| huawei | cx600 | v600r003 |
| hp | 0235a22t | - |
| hp | je110a | - |
| hp | jd326a | - |
| hp | je107a | - |
| hp | 0235a268 | - |
| hp | jg223a | - |
| hp | jc697a | - |
| hp | jd350a | - |
| hp | jg253a | - |
| hp | jd275a | - |
| hp | 0235a14v | - |
| huawei | atb | v200r001c00 |
| hp | jf285a | - |
| hp | jg254a | - |
| hp | jd674a | - |
| hp | jg092a | - |
| hp | 0235a324 | - |
| hp | jc613a | - |
| hp | jf800a | - |
| hp | 0235a390 | - |
| hp | 0235a41d | - |
| hp | 3crbvcxmsr08a | - |
| hp | jg312a | - |
| hp | jd468a | - |
| hp | jg225a | - |
| hp | jd329a | - |
| hp | 0235a23h | - |
| huawei | me60 | v100r005 |
| hp | 0235a20p | - |
| hp | jd272a | - |
| hp | 0235a29y | - |
| hp | je021a | - |
| huawei | cx600 | v600r002 |
| hp | 0235a0bq | - |
| hp | jd675a | - |
| hp | jd328a | - |
| hp | 3cr17341taa-91 | - |
| hp | jc149a | - |
| hp | jd239b | - |
| hp | jc104a | - |
| hp | 0235a320 | - |
| hp | 3c17540taa | - |
| hp | jd661a | - |
| hp | jd375a | - |
| hp | je073a | - |
| hp | jg348a | - |
| hp | jd194a | - |
| hp | jf284a | - |
| hp | jg250a | - |
| hp | je008a | - |
| hp | je064a | - |
| hp | 0235a38v | - |
| hp | 3cr17161taa-91 | - |
| hp | jd305a | - |
| hp | jg222a | - |
| hp | lsq1fwbsc0 | - |
| hp | jd239a | - |
| hp | jd249a | - |
| hp | 3cr17253taa-91 | - |
| hp | 3crbvcxmsr01a | - |
| hp | 0235a393 | - |
| hp | 0235a0g4 | - |
| hp | 3cr17171-91 | - |
| hp | 0235a23p | - |
| hp | jd379a | - |
| hp | je067a | - |
| hp | jd310a | - |
| hp | 0235a394 | - |
| hp | jf640a | - |
| hp | jg305a | - |
| hp | lsr1fw2a1 | - |
| hp | 0235a19l | - |
| hp | 3cr17331a-91 | - |
| hp | jd348a | - |
| hp | 0235a37u | - |
| hp | 0235a31p | - |
| hp | 0235a15c | - |
| hp | je006a | - |
| hp | jf228a | - |
| hp | jg241a | - |
| hp | 0235a0g6 | - |
| hp | jg311a | - |
| hp | jd333a | - |
| hp | jd432a | - |
| hp | jd433a | - |
| hp | jc611a | - |
| hp | je068a | - |
| hp | 3cr17331taa-91 | - |
| hp | jd447b | - |
| hp | jc103a | - |
| hp | je091a | - |
| hp | 3crbsg5293 | - |
| hp | 0235a20v | - |
| hp | 3crbvcxmsr02a | - |
| hp | jd330a | - |
| huawei | me60 | v600r003 |
| hp | jc147b | - |
| hp | je005a | - |
| hp | jr431b | - |
| hp | 0235a38n | - |
| hp | jd308a | - |
| hp | jd356a | - |
| hp | 0235a31w | - |
| hp | 0235a397 | - |
| hp | je200a | - |
| hp | jc176a | - |
| hp | jd377a | - |
| hp | jf845a | - |
| hp | jf551a | - |
| hp | jd313b | - |
| hp | jd250a | - |
| hp | jc700a | - |
| hp | 0235a15h | - |
| hp | 3c13612 | - |
| hp | 0235a15d | - |
| hp | 3crbsg2893 | - |
| hp | je165a | - |
| hp | 3cr17571-91 | - |
| hp | je062a | - |
| hp | jg301a | - |
| hp | jc105a | - |
| hp | jg209a | - |
| hp | 0235a31b | - |
| hp | 0235a0g5 | - |
| hp | jd303a | - |
| hp | jf846a | - |
| hp | jg207a | - |
| hp | je063a | - |
| hp | 3crbvcxmsr05a | - |
| hp | 3cr17761-91 | - |
| hp | jd243b | - |
| hp | jd666a | - |
| hp | 0235a08m | - |
| hp | 0235a326 | - |
| hp | jg239a | - |
| hp | 0235a32e | - |
| hp | je103a | - |
| hp | jg214a | - |
| hp | 0235a0g2 | - |
| hp | 3cr17259-91 | - |
| hp | je528a | - |
| hp | 0235a238 | - |
| hp | jc150b | - |
| hp | jd376a | - |
| hp | jc612a | - |
| hp | jg237a | - |
| hp | 0235a0bu | - |
| hp | jc125b | - |
| hp | 3crs45g-48-91 | - |
| hp | jg242a | - |
| hp | 0150a129 | - |
| hp | jg307a | - |
| hp | jc177b | - |
| hp | je045a | - |
| hp | 0235a31r | - |
| hp | 0235a0g9 | - |
| hp | rpe-x1 | - |
| hp | jd447a | - |
| hp | 0235a08f | - |
| hp | jg315a | - |
| hp | 0235a327 | - |
| hp | jd025a | - |
| hp | 0235a16t | - |
| hp | jd676a | - |
| hp | 0235a0g7 | - |
| hp | 0235a35j | - |
| hp | je096a | - |
| hp | 3c17304a | - |
| hp | 3cr17151-91 | - |
| hp | je007a | - |
| hp | je108a | - |
| hp | 0235a08k | - |
| hp | jd029a | - |
| hp | jd331a | - |
| hp | 0235a0br | - |
| hp | jf553a | - |
| hp | jd351a | - |
| hp | jf232a | - |
| hp | jf430c | - |
| hp | jg236a | - |
| hp | 0235a269 | - |
| hp | jd024a | - |
| hp | je013a | - |
| hp | 3crbsg28pwr93 | - |
| hp | jd220a | - |
| hp | 3c13759 | - |
| hp | 0235a0bt | - |
| hp | jf806a | - |
| hp | jd346a | - |
| hp | 0235a32g | - |
| hp | jd028a | - |
| hp | jd268a | - |
| hp | jd369a | - |
| hp | jd917a | - |
| hp | jf241a | - |
| hp | 3cr17258-91 | - |
| hp | 0235aa2m | - |
| hp | jf238a | - |
| hp | 0235a09t | - |
| hp | je101a | - |
| hp | 0231a832 | - |
| hp | 0231a0av | - |
| hp | 0235a299 | - |
| hp | jf844a | - |
| hp | 0235a0g8 | - |
| huawei | ne5000e | v800r002 |
| hp | 0235a328 | - |
| huawei | ne40e&80e | v600r002 |
| hp | jd972a | - |
| huawei | ne40e&80e | v600r001 |
| hp | 0235a17a | - |
| hp | 3crs48g-24p-91 | - |
| hp | 3cs7903e | - |
| hp | jc100a | - |
| hp | jr024a | - |
| huawei | ne40&80 | v300r005 |
| hp | jf234a | - |
| hp | jd319b | - |
| hp | jd374a | - |
| hp | je031a | - |
| hp | jd353a | - |
| hp | 3cr17252taa-91 | - |
| hp | jd313a | - |
| hp | 0235a10f | - |
| hp | jd027a | - |
| hp | jd238a | - |
| hp | 3cr17331-91 | - |
| hp | 3cr17661-91 | - |
| hp | je023a | - |
| hp | 0235a32b | - |
| hp | jd660a | - |
| hp | jd918a | - |
| hp | jc694a | - |
| hp | jf816a | - |
| hp | jg240a | - |
| hp | 3cr17152-91 | - |
| hp | jc177a | - |
| hp | jc701a | - |
| hp | 3cr17342-91 | - |
| hp | 0235a19b | - |
| hp | jd274a | - |
| hp | 0235a19d | - |
| hp | 0235a298 | - |
| hp | 0235a392 | - |
| hp | 3cs7906ev | - |
| hp | 0235a27q | - |
| hp | jg249a | - |
| hp | jf233a | - |
| hp | jg238a | - |
| hp | jg257a | - |
| hp | je066a | - |
| hp | 0231a65t | - |
| hp | jd240b | - |
| hp | jd320a | - |
| hp | jd444a | - |
| hp | 0235a31v | - |
| hp | 0235a39h | - |
| hp | 3crs48g-48-91 | - |
| hp | 0235a23t | - |
| hp | 0235a0ga | - |
| hp | 3cr17258taa-91 | - |
| hp | jc748a | - |
| hp | jd663b | - |
| hp | 0235a248 | - |
| hp | je018a | - |
| hp | 3cr17662-91 | - |
| hp | jc149b | - |
| huawei | ne40e&80e | v300r003 |
| hp | jd312a | - |
| hp | jc147a | - |
| hp | jc691a | - |
| hp | 0235a19h | - |
| hp | je201a | - |
| hp | 3crbvcxmsr07a | - |
| hp | 3cr17343a-91 | - |
| hp | 3crs42g-24-91 | - |
| hp | jd319a | - |
| hp | 3cruwx500475 | - |
| hp | 0235a27d | - |
| hp | 0235a42b | - |
| hp | jf802a | - |
| hp | jd007a | - |
| hp | 0235a0g1 | - |
| hp | 0235a267 | - |
| hp | 0235a301 | - |
| hp | jf229a | - |
| hp | jg208a | - |
| hp | jd344a | - |
| hp | 0235a19c | - |
| huawei | ma5200g | v200r003 |
| hp | je166a | - |
| hp | 0235a10e | - |
| hp | 0235a0as | - |
| hp | 3crs48g-48p-91 | - |
| hp | jd251a | - |
| hp | 0235a0e3 | - |
| hp | je199a | - |
| hp | 3crs48g-24-91 | - |
| hp | jc055a | - |
| hp | jc474b | - |
| hp | jg213a | - |
| hp | jc635a | - |
| hp | 3cr17562-91 | - |
| hp | jg091a | - |
| hp | jd023a | - |
| hp | jg478a | - |
| hp | 0235a25n | - |
| hp | 0235a0e6 | - |
| hp | 3c17543taa | - |
| hp | jd431a | - |
| hp | jd448b | - |
| hp | 3cr17671-91 | - |
| hp | 3c17540 | - |
| hp | 0235a297 | - |
| hp | jc148b | - |
| hp | 0235a22h | - |
| hp | 3cr17341a-91 | - |
| hp | jc496a | - |
| hp | jd659a | - |
| hp | je009a | - |
| hp | 0235a37x | - |
| hp | je526a | - |
| hp | jc699a | - |
| hp | jg215a | - |
| hp | 0235a42d | - |
| huawei | ne20e-x6 | v600r003 |
| hp | 3cr17772taa-91 | - |
| hp | 0235a15g | - |
| hp | 0235a34b | - |
| hp | jd667a | - |
| hp | je015a | - |
| hp | jf236a | - |
| hp | je028a | - |
| huawei | ne20 | v200r005 |
| hp | 3c13613 | - |
| hp | jd241a | - |
| hp | jf286a | - |
| hp | jf808a | - |
| hp | jc666a | - |
| hp | 0235a20n | - |
| hp | 3cr17332-91 | - |
| hp | je089a | - |
| hp | 3crbvcxmsr06a | - |
| hp | 0235a15b | - |
| hp | jd193b | - |
| hp | jf247a | - |
| hp | jd316a | - |
| hp | jd327a | - |
| hp | 3cr17161-91 | - |
| hp | 3cr17772-91 | - |
| hp | jf809a | - |
| hp | jc653a | - |
| hp | jg248a | - |
| hp | 0235a31q | - |
| hp | 3cs7906e | - |
| hp | je016a | - |
| hp | 3c17541taa | - |
| hp | jd668a | - |
| hp | jd672a | - |
| hp | jf235a | - |
| hp | 3crbsg2093 | - |
| hp | je048a | - |
| hp | 3cs7903es | - |
| hp | 0235a31e | - |
| hp | jf817a | - |
| hp | jf807a | - |
| hp | 3cr17181-91 | - |
| hp | 3cr17162-91 | - |
| hp | jd663a | - |
| hp | jd240a | - |
| hp | 0235a20q | - |
| hp | 0235a33r | - |
| hp | 0235a321 | - |
| hp | jc178b | - |
| hp | jf431c | - |
| hp | jc086a | - |
| hp | jc124b | - |
| hp | jd656a | - |
| hp | 3cr17762-91 | - |
| hp | jg300a | - |
| hp | je032a | - |
| hp | 0235a27s | - |
| hp | jc698a | - |
| hp | jg302a | - |
| hp | 0235a323 | - |
| hp | jd349a | - |
| hp | je198a | - |
| hp | 0235a296 | - |
| hp | 3cr17761taa-91 | - |
| hp | jg304a | - |
| hp | jd373a | - |
| hp | 0235a10l | - |
| hp | jd332a | - |
| hp | jf431a | - |
HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operations.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linux_imaging_and_printing_project | 3.12.11 |
| hp | linux_imaging_and_printing_project | 3.9.10 |
| hp | linux_imaging_and_printing_project | 3.12.10 |
| hp | linux_imaging_and_printing_project | 1.0 |
| hp | linux_imaging_and_printing_project | * |
| hp | linux_imaging_and_printing_project | 3.12.2 |
| hp | linux_imaging_and_printing_project | 3.10.5 |
| hp | linux_imaging_and_printing_project | 3.12.9 |
| hp | linux_imaging_and_printing_project | 3.9.12 |
| hp | linux_imaging_and_printing_project | 3.11.1 |
| hp | linux_imaging_and_printing_project | 3.10.9 |
| hp | linux_imaging_and_printing_project | 3.12.6 |
| hp | linux_imaging_and_printing_project | 3.11.3 |
| hp | linux_imaging_and_printing_project | 3.10.2 |
| hp | linux_imaging_and_printing_project | 3.10.6 |
| hp | linux_imaging_and_printing_project | 2.0 |
| hp | linux_imaging_and_printing_project | 3.11.5 |
| hp | linux_imaging_and_printing_project | 3.11.7 |
| hp | linux_imaging_and_printing_project | 3.11.10 |
| hp | linux_imaging_and_printing_project | 3.9.2 |
| hp | linux_imaging_and_printing_project | 3.9.6 |
| hp | linux_imaging_and_printing_project | 2.7.10 |
| hp | linux_imaging_and_printing_project | 3.9.8 |
| hp | linux_imaging_and_printing_project | 3.9.4b |
| hp | linux_imaging_and_printing_project | 3.9.4 |
| hp | linux_imaging_and_printing_project | 3.11.3a |
| hp | linux_imaging_and_printing_project | 3.12.4 |
Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code."
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | mail_security | * |
| symantec | data_loss_prevention_endpoint | * |
| ibm | notes | * |
| symantec | mail_security | 6.5.7 |
| ibm | domino | * |
| symantec | messaging_gateway | * |
| hp | autonomy_keyview_idol | * |
| symantec | data_loss_prevention_enforce/detection_servers | * |
The KillProcess method in the HP PKI ActiveX control (HPPKI.ocx) before 1.2.0.1 allows remote attackers to cause a denial of service (kill process) via the partial or full name of a process.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pki_activex_control | * |
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vulnerability than CVE-2011-2722.
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linux_imaging_and_printing_project | 3.11.3 |
| hp | linux_imaging_and_printing_project | 3.9.10 |
| hp | linux_imaging_and_printing_project | 1.0 |
| hp | linux_imaging_and_printing_project | * |
| redhat | enterprise_linux | 6.0 |
| hp | linux_imaging_and_printing_project | 3.10.2 |
| hp | linux_imaging_and_printing_project | 3.10.5 |
| hp | linux_imaging_and_printing_project | 3.10.6 |
| hp | linux_imaging_and_printing_project | 2.0 |
| hp | linux_imaging_and_printing_project | 3.11.5 |
| hp | linux_imaging_and_printing_project | 3.11.7 |
| hp | linux_imaging_and_printing_project | 3.11.10 |
| hp | linux_imaging_and_printing_project | 3.9.2 |
| hp | linux_imaging_and_printing_project | 3.9.12 |
| hp | linux_imaging_and_printing_project | 3.9.6 |
| hp | linux_imaging_and_printing_project | 3.11.1 |
| hp | linux_imaging_and_printing_project | 2.7.10 |
| hp | linux_imaging_and_printing_project | 3.9.8 |
| hp | linux_imaging_and_printing_project | 3.9.4b |
| hp | linux_imaging_and_printing_project | 3.10.9 |
| hp | linux_imaging_and_printing_project | 3.9.4 |
| hp | linux_imaging_and_printing_project | 3.11.3a |
Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager_web_tier | 9.31 |
HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_sql/mx | 2.0 |
| hp | nonstop_sql/mx | 3.1 |
| hp | nonstop_sql/mx | * |
| hp | nonstop_sql/mx | 2.3 |
| hp | nonstop_sql/mx | 2.2 |
| hp | nonstop_sql/mx | 3.0 |
| hp | nonstop_sql/mx | 21 |
| hp | nonstop_sql/mx | 1.8 |
HP SQL/MX 3.0 through 3.2 on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to bypass intended access restrictions and modify data via unspecified vectors, aka the "SQL/MP tables" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_sql/mx | 3.1 |
| hp | nonstop_sql/mx | 3.0 |
| hp | nonstop_sql/mx | 3.2 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1629.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1633.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1634.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1635.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1636.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1637.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1638.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1652.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1654.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1680.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1681.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 7.11 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
| hp | service_center | 6.2.8 |
Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 7.11 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
| hp | service_center | 6.2.8 |
Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | integrated_lights-out_3_firmware | 1.50 |
| hp | integrated_lights-out_4_firmware | 1.13 |
| hp | integrated_lights-out_3_firmware | 1.28 |
| hp | integrated_lights-out_3_firmware | 1.05 |
| hp | integrated_lights-out_3_firmware | 1.20 |
| hp | integrated_lights-out_3_firmware | * |
| hp | integrated_lights-out_3_firmware | 1.26 |
| hp | integrated_lights-out_4_firmware | 1.11 |
| hp | integrated_lights-out_3_firmware | 1.00 |
HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | smart_zero_core | 4.3 |
| hp | smart_zero_core | 4.3.1 |
Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | h3c_switch | s3100-8c-si_ls-s3100-8c-si-ac-ovs |
| hp | h3c_processor_module | msr_50 |
| hp | h3c_switch | s5100-16p-si_ls-5100-16p-si-ovs-h3 |
| hp | procurve_switch | je008a |
| hp | procurve_switch | jd313b |
| hp | 3com_baseline_plus_switch | 2900g-28pwr |
| hp | h3c_router | rt-msr2012-ac-ovs-h3 |
| hp | procurve_switch | je101a |
| hp | procurve_switch | jg257a |
| hp | 3com_switch | ss4_5500g-ei-pwr |
| hp | h3c_router | msr_3016_poe |
| hp | procurve_switch | jd306a |
| hp | h3c_router | sr8802 |
| hp | procurve_switch | jg304a |
| hp | h3c_router | rt-msr5060-ac-ovs-h3 |
| hp | procurve_switch | jg299a |
| hp | procurve_switch | je028a |
| hp | procurve_switch | je107a |
| hp | h3c_router | rt-msr2015-ac-ovs-a-h3 |
| hp | procurve_switch | jg303a |
| hp | h3c_router | rt-msr2012-ac-ovs-w-h3 |
| hp | procurve_switch | je069a |
| hp | procurve_switch | je165a |
| hp | h3c_switch | s12508 |
| hp | procurve_switch | jd241a |
| hp | procurve_switch | jd335a |
| hp | h3c_switch | s5100-50c-ei_ls-5100-50c-ei-ovs |
| hp | procurve_switch | jf430a |
| hp | h3c_switch | s9505e |
| hp | procurve_switch | jg316a |
| hp | procurve_switch | jd317a |
| hp | 3com_switch | 4210 |
| hp | h3c_router | msr_20-10 |
| hp | procurve_router | jf229a |
| hp | procurve_switch | jd337a |
| hp | h3c_router | msr_20-15 |
| hp | procurve_router | jf233a |
| hp | procurve_router | jd656a |
| hp | procurve_switch | jg251a |
| hp | procurve_router | jd432a |
| hp | procurve_switch | jc100a |
| hp | procurve_router | jd967a |
| hp | vpn_firewall_appliance | jg214a |
| hp | procurve_switch | jd305a |
| hp | 3com_switch_taa_compliant | 5500g-ei-sfp |
| hp | procurve_router | jd918a |
| hp | procurve_switch | je166a |
| hp | procurve_switch | jd334a |
| hp | h3c_router | msr_920 |
| hp | 3com_baseline_plus_switch | 2900 |
| hp | procurve_switch | jc652a |
| hp | procurve_switch | jc085a |
| hp | 3com_switch | ss4_5500-si |
| hp | 3com_switch_taa_compliant | 5500g-ei-pwr |
| hp | procurve_router | jf800a |
| hp | procurve_switch | jc099a |
| hp | 3com_switch | ss4_5500-ei |
| hp | procurve_router | jf236a |
| hp | procurve_switch | jg092a |
| hp | h3c_router | rt-msr2012-t-ac-ovs-h3 |
| hp | procurve_router | jd653a |
| hp | 3com_router | 5231 |
| hp | procurve_switch | jd374a |
| hp | procurve_router | jf812a |
| hp | procurve_router | jf804a |
| hp | procurve_switch | je071a |
| hp | procurve_switch | jc102a |
| hp | procurve_router | jc147b |
| hp | procurve_switch | jd338a |
| hp | procurve_switch | jd344a |
| hp | h3c_switch | s7506e-v |
| hp | procurve_switch | jg256a |
| hp | procurve_router | jd662a |
| hp | procurve_switch | jg225a |
| hp | procurve_switch | je094a |
| hp | procurve_switch | jd243b |
| hp | procurve_switch | je074a |
| hp | h3c_routing_switch | s9505e |
| hp | procurve_switch | jd011a |
| hp | procurve_switch | jg302a |
| hp | procurve_switch | jd240a |
| hp | h3c_router | msr_30-20_rtvz33020as |
| hp | procurve_switch | jc474a |
| hp | h3c_router | msr_30-40_poe |
| hp | procurve_switch | jd327a |
| hp | h3c_switch | s3100-26c-si_ls-s3100-26c-si-dc-ovs |
| hp | procurve_switch | jd307a |
| hp | procurve_switch | jd392a |
| hp | procurve_switch | je046a |
| hp | procurve_switch | jg242a |
| hp | 3com_router | ss4_5500g-ei |
| hp | procurve_switch | je167a |
| hp | procurve_switch | je024a |
| hp | h3c_switch | s3610-28tp_ls-3610-28tp-ovs |
| hp | 3com_switch | 4200g-ntg |
| hp | h3c_router | msr_20-13_w |
| hp | h3c_router | msr_20-13 |
| hp | procurve_switch | jd304a |
| hp | h3c_switch | s3100-26c-si_ls-s3100-26c-si-ac-ovs |
| hp | procurve_switch | jc654a |
| hp | procurve_switch | jg300a |
| hp | procurve_switch | jd243a |
| hp | procurve_switch | jd394a |
| hp | procurve_router | jd972a |
| hp | h3c_switch | s3100-8c-si_ls-s3100-8c-si-dc-ovs |
| hp | procurve_router | jf640a |
| hp | procurve_switch | jc106a |
| hp | procurve_switch | jf552a |
| hp | procurve_switch | je106a |
| hp | h3c_switch | s5120-52c-ei |
| hp | procurve_switch | je099a |
| hp | procurve_switch | jd350a |
| hp | h3c_router | rt-msr3016-ac-ovs-h3 |
| hp | procurve_router | jf813a |
| hp | 3com_switch | 4200g |
| hp | procurve_switch | jf430b |
| hp | 3com_switch | 4210-48g |
| hp | procurve_switch | jc611a |
| hp | h3c_ethernet_switch | s5500-28c-ei-dc |
| hp | h3c_switch | s5120-52p-si |
| hp | procurve_switch | jd331a |
| hp | procurve_switch | jg246a |
| hp | procurve_switch | je109a |
| hp | h3c_router | msr_30-40 |
| hp | h3c_switch | s3100-16c-si_ls-s3100-16c-si-dc-ovs |
| hp | procurve_switch | jd239a |
| hp | 3com_router | 3018 |
| hp | procurve_switch | jg349a |
| hp | procurve_switch | jd319b |
| hp | procurve_router | jf228a |
| hp | procurve_router | jd663b |
| hp | 3com_baseline_plus_switch | 2900g |
| hp | 3com_router | 5009 |
| hp | h3c_switch | s5120-48p-ei |
| hp | h3c_switch | s7503e-s |
| hp | procurve_router | jf287a |
| hp | 3com_switch | 4210_pwr |
| hp | h3c_switch | s3100-16t-si_ls-s3100-16t-si-ac-ovs |
| hp | procurve_switch | jd370a |
| hp | h3c_router | rt-msr3040-ac-poe-ovs-h3 |
| hp | 3com_switch | 4200g_pwr |
| hp | procurve_router | jd922a |
| hp | h3c_switch | s3600-28f-ei_ls-3600-28f-ei-ovs |
| hp | procurve_router | jf283a |
| hp | procurve_router | jd943a |
| hp | procurve_switch | jc655a |
| hp | h3c_switch | s5100-8p-si_ls-5100-8p-si-ovs-h3 |
| hp | procurve_switch | jg252a |
| hp | h3c_ethernet_switch | s5600-50c |
| hp | procurve_router | jd917a |
| hp | h3c_switch | s5120-28p-hpwr-si |
| hp | vpn_firewall_appliance | jd271a |
| hp | procurve_router | jf807a |
| hp | procurve_switch | jg250a |
| hp | h3c_router | msr_20-21 |
| hp | h3c_routing_switch | s12508 |
| hp | h3c_router | rt-msr2015-ac-ovs-i-h3 |
| hp | procurve_switch | je033a |
| hp | procurve_switch | jg305a |
| hp | procurve_switch | jd336a |
| hp | h3c_router | rt-msr3060-dc-ovs-h3 |
| hp | h3c_router | rt-msr3020-dc-ovs-h3 |
| hp | procurve_switch | jg350a |
| hp | h3c_ethernet_switch | s5600-50c-pwr |
| hp | procurve_switch | jg253a |
| hp | h3c_ethernet_switch | s5500-28c-pwr-si |
| hp | h3c_router | msr_30-20_poe |
| hp | procurve_switch | je023a |
| hp | procurve_router | jd663a |
| hp | procurve_router | jd944a |
| hp | procurve_router | jf285a |
| hp | procurve_router | jc150a |
| hp | h3c_ethernet_switch | s5600-26c |
| hp | h3c_router | rt-msr3016-ac-poe-ovs-h3 |
| hp | h3c_switch | s7502e |
| hp | procurve_switch | jd238b |
| hp | h3c_router | rt-msr3060-ac-ovs-h3 |
| hp | procurve_router | jf809a |
| hp | procurve_switch | jg240a |
| hp | h3c_switch | s3600-52p-pwr-ei_ls-3600-52p-pwr-ei-ovs |
| hp | procurve_switch | je090a |
| hp | 3com_switch | 4510g |
| hp | procurve_switch | jd308a |
| hp | h3c_switch | s3100-26t-si_ls-s3100-26t-si-ac-ovs |
| hp | 3com_switch | 4210_pwr_9p_taa |
| hp | h3c_router | msr_30-20 |
| hp | h3c_router | rt-msr3020-ac-poe-ovs-h3 |
| hp | h3c_switch | s3610-28f_ls-3610-28f-ovs |
| hp | 3com_switch | 4510g_pwr |
| hp | procurve_router | jc150b |
| hp | h3c_switch | s5100-16p-ei_ls-5100-16p-ei-ovs-h3 |
| hp | h3c_switch | s7503e |
| hp | procurve_switch | jg241a |
| hp | h3c_switch | s3100-16c-si_ls-s3100-16c-si-ac-ovs |
| hp | h3c_switch | s3600-52p-ei_ls-3600-52p-ei-ovs |
| hp | h3c_switch | s3610-52p_ls-3610-52p-ovs |
| hp | procurve_switch | jd354a |
| hp | procurve_switch | je005a |
| hp | procurve_switch | je068a |
| hp | procurve_switch | je026a |
| hp | procurve_router | jf231a |
| hp | h3c_router | msr_50-40 |
| hp | procurve_switch | je018a |
| hp | procurve_switch | jd373a |
| hp | procurve_router | jd921a |
| hp | procurve_switch | jg247a |
| hp | procurve_switch | je022a |
| hp | procurve_switch | jc086a |
| hp | procurve_switch | jd376a |
| hp | procurve_switch | jd242a |
| hp | procurve_switch | jd302a |
| hp | procurve_switch | jd377a |
| hp | h3c_router | rt-msr2020-ac-ovs-h3c |
| hp | procurve_router | jc149b |
| hp | procurve_router | jd935a |
| hp | procurve_switch | jd355a |
| hp | h3c_router | rt-msr3060-ac-poe-ovs-h3 |
| hp | procurve_switch | jc104a |
| hp | procurve_switch | jg239a |
| hp | procurve_switch | je097a |
| hp | procurve_switch | jc474b |
| hp | h3c_switch | s3600-28p-si_ls-3600-28p-si-ovs |
| hp | procurve_router | jf234a |
| hp | h3c_ethernet_switch | s5600-26c-pwr |
| hp | h3c_ethernet_switch | s7503e |
| hp | h3c_router | sr8812 |
| hp | procurve_switch | je067a |
| hp | 3com_switch | 4800g |
| hp | procurve_switch | jg254a |
| hp | procurve_switch | jd345a |
| hp | procurve_switch | jg236a |
| hp | 3com_router | 5232 |
| hp | 3com_router | 5642_taa |
| hp | h3c_switch | s5100-26c-pwr-ei_ls-5100-26c-pwr-ei-ovs |
| hp | procurve_switch | jg222a |
| hp | h3c_switch | s7506e |
| hp | procurve_router | jd923a |
| hp | h3c_router | sr8808 |
| hp | procurve_switch | jd009a |
| hp | 3com_router | 6040 |
| hp | procurve_switch | jd393a |
| hp | h3c_router | rt-msr2040-ac-ovs-h3 |
| hp | h3c_switch | s5820x-28s |
| hp | procurve_switch | jg237a |
| hp | h3c_routing_switch | s12518 |
| hp | procurve_switch | jc103a |
| hp | procurve_router | jd431a |
| hp | h3c_ethernet_switch | s7502e |
| hp | procurve_switch | jg307a |
| hp | procurve_switch | jg311a |
| hp | procurve_switch | jd347a |
| hp | procurve_switch | jd320b |
| hp | procurve_switch | jd391a |
| hp | procurve_switch | jd330a |
| hp | h3c_switch | s5100-16p-pwr-ei_ls-5100-16p-pwr-ei-ovs |
| hp | 3com_switch | ss4_switch_5500g-ei |
| hp | h3c_router | rt-msr2012-ac-ovs-s-h3 |
| hp | h3c_ethernet_switch | s5500-52c-pwr-ei |
| hp | h3c_router | msr5040-dc-ovs-h3c |
| hp | procurve_switch | je006a |
| hp | procurve_router | jf817a |
| hp | h3c_processing_module | msr_50_g2 |
| hp | h3c_switch | s5100-50c-pwr-ei_ls-5100-50c-pwr-ei-ovs |
| hp | procurve_router | jd946a |
| hp | procurve_switch | jc694a |
| hp | procurve_switch | jc105a |
| hp | h3c_ethernet_switch | s5500-52c-si |
| hp | procurve_router | jf284a |
| hp | procurve_switch | jg348a |
| hp | procurve_router | jf183a |
| hp | 3com_router | 5012 |
| hp | procurve_switch | je045a |
| hp | procurve_switch | jc612a |
| hp | procurve_switch | jf846a |
| hp | procurve_switch | jg243a |
| hp | h3c_router | msr_20-15_a |
| hp | procurve_switch | je048a |
| hp | procurve_switch | jg301a |
| hp | 3com_router | 5640 |
| hp | procurve_switch | jd352a |
| hp | procurve_switch | jg255a |
| hp | procurve_switch | jd349a |
| hp | h3c_switch | s3600-52p-pwr-si_ls-3600-52p-pwr-si-ovs |
| hp | procurve_switch | jg091a |
| hp | h3c_switch | s5120-52c-pwr-ei |
| hp | procurve_switch | jd353a |
| hp | procurve_switch | jd310a |
| hp | procurve_switch | jf427a |
| hp | h3c_switch | s3600-28p-pwr-si_ls-3600-28p-pwr-si-ovs |
| hp | procurve_router | jf815a |
| hp | h3c_router | msr_30-60 |
| hp | h3c_switch | s3600-28p-ei_ls-3600-28p-ei-ovs |
| hp | h3c_ethernet_switch | s7506e-v |
| hp | procurve_router | jf230a |
| hp | procurve_switch | jg258a |
| hp | 3com_taa_switch | 5500-ei |
| hp | procurve_switch | je096a |
| hp | h3c_switch | s5100-26c-ei_ls-5100-26c-ei-ovs |
| hp | h3c_switch | s5120-20p-si |
| hp | h3c_switch | s3600-28p-pwr-ei_ls-3600-28p-pwr-ei-ovs |
| hp | procurve_switch | je089a |
| hp | procurve_switch | jc691a |
| hp | vpn_firewall_appliance | jg213a |
| hp | h3c_ethernet_switch | s5500-28f-ei |
| hp | procurve_switch | jg312a |
| hp | procurve_switch | jg259a |
| hp | procurve_switch | je110a |
| hp | 3com_router | 6080 |
| hp | h3c_router | msr_30-10 |
| hp | procurve_switch | jf431a |
| hp | 3com_switch | 4500_pwr |
| hp | 3com_switch_taa_compliant | 5500g-ei |
| hp | procurve_switch | jg219a |
| hp | h3c_router | sr_20-12_w |
| hp | procurve_switch | je020a |
| hp | procurve_switch | jd238a |
| hp | h3c_ethernet_switch | s7510e |
| hp | procurve_switch | jg238a |
| hp | procurve_router | jf235a |
| hp | procurve_switch | jd007a |
| hp | procurve_switch | je164a |
| hp | procurve_switch | jf553a |
| hp | h3c_switch | s5800-32c-pwr |
| hp | 3com_router | 3041 |
| hp | h3c_switch | s5800-56c-pwr |
| hp | vpn_firewall_appliance | jd270a |
| hp | procurve_router | jd945a |
| hp | h3c_switch | s5800-60c-pwr |
| hp | procurve_switch | je016a |
| hp | procurve_switch | je019a |
| hp | procurve_switch | je169a |
| hp | h3c_router | msr_50-60 |
| hp | h3c_router | rt-msr2015-ac-ovs-iw-h3 |
| hp | h3c_router | rt-msr2015-ac-ovs-aw-h3 |
| hp | procurve_router | jc149a |
| hp | procurve_router | jc148a |
| hp | procurve_switch | jd357a |
| hp | procurve_switch | je015a |
| hp | h3c_router | msr_20-15_iw |
| hp | procurve_switch | jf430c |
| hp | procurve_switch | jd242b |
| hp | procurve_router | jc147a |
| hp | procurve_switch | jd241b |
| hp | procurve_switch | jc124a |
| hp | 3com_switch | e4210-24g-poe |
| hp | 3com_switch | ss4_5500-ei-pwr |
| hp | procurve_switch | jg315a |
| hp | h3c_ethernet_switch | s5500-28c-ei |
| hp | procurve_router | jf816a |
| hp | h3c_router | rt-msr3011-ac-ovs-h3 |
| hp | procurve_switch | jd309a |
| hp | h3c_switch | s3600-28tp-si_ls-3600-28tp-si-ovs |
| hp | procurve_switch | je105a |
| hp | procurve_switch | je027a |
| hp | procurve_switch | je095a |
| hp | h3c_router | rt-msr3040-ac-ovs-as-h3 |
| hp | procurve_switch | jc653a |
| hp | procurve_switch | jd318b |
| hp | procurve_router | jc148b |
| hp | procurve_switch | jd328a |
| hp | h3c_switch | s5120-28c-pwr-ei |
| hp | procurve_switch | jd369a |
| hp | h3c_switch | s5120-28c-ei |
| hp | procurve_switch | je072a |
| hp | procurve_switch | jd378a |
| hp | h3c_switch | s3100-52p_ls-3100-52p-ovs-h3 |
| hp | procurve_switch | je017a |
| hp | h3c_router | msr_20-12 |
| hp | h3c_ethernet_switch | s5600-26f |
| hp | procurve_switch | jd239b |
| hp | procurve_switch | jg306a |
| hp | h3c_router | msr_3016 |
| hp | 3com_baseline_plus_switch | 2900g-28hpwr |
| hp | h3c_switch | s3610-28p_ls-3610-28p-ovs |
| hp | h3c_switch | s5820x-28c |
| hp | 3com_router | 3016 |
| hp | h3c_ethernet_switch | s7506e |
| hp | procurve_switch | jc125a |
| hp | h3c_ethernet_switch | s7503e-s |
| hp | 3com_switch | 4500 |
| hp | procurve_switch | jd333a |
| hp | procurve_router | jf808a |
| hp | procurve_switch | jd303a |
| hp | procurve_switch | je070a |
| hp | procurve_switch | jf844a |
| hp | procurve_router | jd433a |
| hp | procurve_switch | je025a |
| hp | procurve_switch | je066a |
| hp | procurve_switch | jc125b |
| hp | h3c_switch | s5100-48p-si_ls-5100-48p-si-ovs-h3 |
| hp | procurve_router | jf802a |
| hp | procurve_switch | je088a |
| hp | procurve_router | jf801a |
| hp | procurve_switch | 658247-b21 |
| hp | 3com_switch | ss4_5500g-ei |
| hp | procurve_switch | jd346a |
| hp | procurve_switch | jd240b |
| hp | procurve_switch | jg374a |
| hp | 3com_switch | 4210-24g |
| hp | procurve_switch | je093a |
| hp | h3c_ethernet_switch | s5500-28c-pwr-ei |
| hp | procurve_switch | je031a |
| hp | h3c_router | msr_20-20 |
| hp | procurve_router | jd916a |
| hp | h3c_switch | s5120-28p-pwr-si |
| hp | procurve_switch | je102a |
| hp | h3c_router | rt-msr2013-ac-ovs-h3 |
| hp | procurve_switch | jd356a |
| hp | procurve_switch | jc613a |
| hp | procurve_router | jf240a |
| hp | 3com_router | 5682 |
| hp | 3com_router | 3040 |
| hp | procurve_switch | jf428a |
| hp | h3c_switch | s3100-8t-si_ls-s3100-8t-si-ac-ovs |
| hp | h3c_switch | s5120-28p-si |
| hp | procurve_switch | 658250-b21 |
| hp | procurve_switch | je104a |
| hp | 3com_router | 3036 |
| hp | h3c_ethernet_switch | s5500-52c-pwr-si |
| hp | 3com_router | 3012 |
| hp | 3com_router | 3013 |
| hp | procurve_switch | jf847a |
| hp | procurve_switch | je030a |
| hp | procurve_switch | jg221a |
| hp | procurve_switch | je073a |
| hp | h3c_switch | s5100-48p-ei_ls-5100-48p-ei-ovs |
| hp | procurve_switch | jf431c |
| hp | procurve_router | jf239a |
| hp | procurve_switch | jd008a |
| hp | procurve_switch | jg248a |
| hp | procurve_router | jd655a |
| hp | h3c_routing_switch | s9508e-v |
| hp | procurve_switch | jd325a |
| hp | procurve_router | jd664a |
| hp | procurve_switch | jc101a |
| hp | procurve_switch | jf551a |
| hp | procurve_switch | je009a |
| hp | procurve_router | jf241a |
| hp | procurve_switch | jf845a |
| hp | procurve_switch | jc124b |
| hp | h3c_switch | s5100-24p-ei_ls-5100-24p-ei-ovs |
| hp | procurve_switch | je100a |
| hp | h3c_router | rt-msr2011-ac-ovs-h3 |
| hp | h3c_routing_switch | s9512e |
| hp | procurve_switch | je108a |
| hp | h3c_high_performance_main_processing_unit | msr_50_3ge |
| hp | procurve_router | jd429b |
| hp | h3c_router | msr_20-12_t1 |
| hp | procurve_switch | jd372a |
| hp | procurve_switch | jg249a |
| hp | 3com_switch | e4510-24g |
| hp | procurve_router | jf182a |
| hp | h3c_router | msr_20-40 |
| hp | 3com_router | 5642 |
| hp | h3c_ethernet_switch | s5500-52c-ei |
| hp | h3c_switch | s5800-32f |
| hp | 3com_switch | 5500g-ei_sfp |
| hp | h3c_router | rt-msr2040-ac-ovs-h3c |
| hp | h3c_switch | s5800-56c |
| hp | procurve_switch | je021a |
| hp | procurve_switch | jg245a |
| hp | h3c_switch | s9508e-v |
| hp | procurve_switch | jd395a |
| hp | procurve_router | jf184a |
| hp | procurve_switch | je091a |
| hp | procurve_switch | jc748a |
| hp | h3c_switch | s3600-52p-si_ls-3600-52p-si-ovs |
| hp | h3c_router | msr_20-15_a_w |
| hp | procurve_switch | jd375a |
| hp | procurve_switch | je029a |
| hp | h3c_ethernet_switch | s5500-28c-si |
| hp | h3c_switch | s5100-8p-pwr-ei_ls-5100-8p-pwr-ei-ovs |
| hp | procurve_switch | jf431b |
| hp | h3c_router | sr8805 |
| hp | h3c_router | rt-msr3040-ac-ovs-h |
| hp | h3c_switch | s5120-24p-ei |
| hp | procurve_switch | jd332a |
| hp | procurve_router | jf238a |
| hp | procurve_switch | je092a |
| hp | h3c_router | msr_3010 |
| hp | procurve_router | jf806a |
| hp | 3com_router | jg005a |
| hp | procurve_switch | je047a |
| hp | procurve_router | jf814a |
| hp | procurve_switch | jg223a |
| hp | h3c_router | msr_900 |
| hp | procurve_switch | jd010a |
| hp | h3c_router | msr_30-60_poe |
| hp | h3c_router | msr_20-11 |
| hp | h3c_switch | s5800-32c |
| hp | h3c_switch | s12518 |
| hp | procurve_switch | jd329a |
| hp | procurve_router | jf237a |
| hp | procurve_switch | je007a |
| hp | h3c_router | rt-msr2013-ac-ovs-w-h3 |
| hp | procurve_switch | jd371a |
| hp | procurve_switch | jd379a |
| hp | procurve_router | jf803a |
| hp | procurve_switch | jd326a |
| hp | h3c_switch | s5100-24p-si_ls-5100-24p-si-ovs-h3 |
| hp | procurve_switch | je032a |
| hp | 3com_router | 5680 |
| hp | h3c_switch | s5100-8p-ei_ls-5100-8p-ei-ovs-h3 |
| hp | procurve_switch | jd351a |
| hp | procurve_switch | jd348a |
| hp | procurve_switch | je168a |
Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote authenticated users to execute arbitrary code or obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | h3c_switch | s3100-8c-si_ls-s3100-8c-si-ac-ovs |
| hp | h3c_processor_module | msr_50 |
| hp | h3c_switch | s5100-16p-si_ls-5100-16p-si-ovs-h3 |
| hp | procurve_switch | je008a |
| hp | procurve_switch | jd313b |
| hp | 3com_baseline_plus_switch | 2900g-28pwr |
| hp | h3c_router | rt-msr2012-ac-ovs-h3 |
| hp | procurve_switch | je101a |
| hp | procurve_switch | jg257a |
| hp | 3com_switch | ss4_5500g-ei-pwr |
| hp | h3c_router | msr_3016_poe |
| hp | procurve_switch | jd306a |
| hp | h3c_router | sr8802 |
| hp | procurve_switch | jg304a |
| hp | h3c_router | rt-msr5060-ac-ovs-h3 |
| hp | procurve_switch | jg299a |
| hp | procurve_switch | je028a |
| hp | procurve_switch | je107a |
| hp | h3c_router | rt-msr2015-ac-ovs-a-h3 |
| hp | procurve_switch | jg303a |
| hp | h3c_router | rt-msr2012-ac-ovs-w-h3 |
| hp | procurve_switch | je069a |
| hp | procurve_switch | je165a |
| hp | h3c_switch | s12508 |
| hp | procurve_switch | jd241a |
| hp | procurve_switch | jd335a |
| hp | h3c_switch | s5100-50c-ei_ls-5100-50c-ei-ovs |
| hp | procurve_switch | jf430a |
| hp | h3c_switch | s9505e |
| hp | procurve_switch | jg316a |
| hp | procurve_switch | jd317a |
| hp | 3com_switch | 4210 |
| hp | h3c_router | msr_20-10 |
| hp | procurve_router | jf229a |
| hp | procurve_switch | jd337a |
| hp | h3c_router | msr_20-15 |
| hp | procurve_router | jf233a |
| hp | procurve_router | jd656a |
| hp | procurve_switch | jg251a |
| hp | procurve_router | jd432a |
| hp | procurve_switch | jc100a |
| hp | procurve_router | jd967a |
| hp | vpn_firewall_appliance | jg214a |
| hp | procurve_switch | jd305a |
| hp | 3com_switch_taa_compliant | 5500g-ei-sfp |
| hp | procurve_router | jd918a |
| hp | procurve_switch | je166a |
| hp | procurve_switch | jd334a |
| hp | h3c_router | msr_920 |
| hp | 3com_baseline_plus_switch | 2900 |
| hp | procurve_switch | jc652a |
| hp | procurve_switch | jc085a |
| hp | 3com_switch | ss4_5500-si |
| hp | 3com_switch_taa_compliant | 5500g-ei-pwr |
| hp | procurve_router | jf800a |
| hp | procurve_switch | jc099a |
| hp | 3com_switch | ss4_5500-ei |
| hp | procurve_router | jf236a |
| hp | procurve_switch | jg092a |
| hp | h3c_router | rt-msr2012-t-ac-ovs-h3 |
| hp | procurve_router | jd653a |
| hp | 3com_router | 5231 |
| hp | procurve_switch | jd374a |
| hp | procurve_router | jf812a |
| hp | procurve_router | jf804a |
| hp | procurve_switch | je071a |
| hp | procurve_switch | jc102a |
| hp | procurve_router | jc147b |
| hp | procurve_switch | jd338a |
| hp | procurve_switch | jd344a |
| hp | h3c_switch | s7506e-v |
| hp | procurve_switch | jg256a |
| hp | procurve_router | jd662a |
| hp | procurve_switch | jg225a |
| hp | procurve_switch | je094a |
| hp | procurve_switch | jd243b |
| hp | procurve_switch | je074a |
| hp | h3c_routing_switch | s9505e |
| hp | procurve_switch | jd011a |
| hp | procurve_switch | jg302a |
| hp | procurve_switch | jd240a |
| hp | h3c_router | msr_30-20_rtvz33020as |
| hp | procurve_switch | jc474a |
| hp | h3c_router | msr_30-40_poe |
| hp | procurve_switch | jd327a |
| hp | h3c_switch | s3100-26c-si_ls-s3100-26c-si-dc-ovs |
| hp | procurve_switch | jd307a |
| hp | procurve_switch | jd392a |
| hp | procurve_switch | je046a |
| hp | procurve_switch | jg242a |
| hp | 3com_router | ss4_5500g-ei |
| hp | procurve_switch | je167a |
| hp | procurve_switch | je024a |
| hp | h3c_switch | s3610-28tp_ls-3610-28tp-ovs |
| hp | 3com_switch | 4200g-ntg |
| hp | h3c_router | msr_20-13_w |
| hp | h3c_router | msr_20-13 |
| hp | procurve_switch | jd304a |
| hp | h3c_switch | s3100-26c-si_ls-s3100-26c-si-ac-ovs |
| hp | procurve_switch | jc654a |
| hp | procurve_switch | jg300a |
| hp | procurve_switch | jd243a |
| hp | procurve_switch | jd394a |
| hp | procurve_router | jd972a |
| hp | h3c_switch | s3100-8c-si_ls-s3100-8c-si-dc-ovs |
| hp | procurve_router | jf640a |
| hp | procurve_switch | jc106a |
| hp | procurve_switch | jf552a |
| hp | procurve_switch | je106a |
| hp | h3c_switch | s5120-52c-ei |
| hp | procurve_switch | je099a |
| hp | procurve_switch | jd350a |
| hp | h3c_router | rt-msr3016-ac-ovs-h3 |
| hp | procurve_router | jf813a |
| hp | 3com_switch | 4200g |
| hp | procurve_switch | jf430b |
| hp | 3com_switch | 4210-48g |
| hp | procurve_switch | jc611a |
| hp | h3c_ethernet_switch | s5500-28c-ei-dc |
| hp | h3c_switch | s5120-52p-si |
| hp | procurve_switch | jd331a |
| hp | procurve_switch | jg246a |
| hp | procurve_switch | je109a |
| hp | h3c_router | msr_30-40 |
| hp | h3c_switch | s3100-16c-si_ls-s3100-16c-si-dc-ovs |
| hp | procurve_switch | jd239a |
| hp | 3com_router | 3018 |
| hp | procurve_switch | jg349a |
| hp | procurve_switch | jd319b |
| hp | procurve_router | jf228a |
| hp | procurve_router | jd663b |
| hp | 3com_baseline_plus_switch | 2900g |
| hp | 3com_router | 5009 |
| hp | h3c_switch | s5120-48p-ei |
| hp | h3c_switch | s7503e-s |
| hp | procurve_router | jf287a |
| hp | 3com_switch | 4210_pwr |
| hp | h3c_switch | s3100-16t-si_ls-s3100-16t-si-ac-ovs |
| hp | procurve_switch | jd370a |
| hp | h3c_router | rt-msr3040-ac-poe-ovs-h3 |
| hp | 3com_switch | 4200g_pwr |
| hp | procurve_router | jd922a |
| hp | h3c_switch | s3600-28f-ei_ls-3600-28f-ei-ovs |
| hp | procurve_router | jf283a |
| hp | procurve_router | jd943a |
| hp | procurve_switch | jc655a |
| hp | h3c_switch | s5100-8p-si_ls-5100-8p-si-ovs-h3 |
| hp | procurve_switch | jg252a |
| hp | h3c_ethernet_switch | s5600-50c |
| hp | procurve_router | jd917a |
| hp | h3c_switch | s5120-28p-hpwr-si |
| hp | vpn_firewall_appliance | jd271a |
| hp | procurve_router | jf807a |
| hp | procurve_switch | jg250a |
| hp | h3c_router | msr_20-21 |
| hp | h3c_routing_switch | s12508 |
| hp | h3c_router | rt-msr2015-ac-ovs-i-h3 |
| hp | procurve_switch | je033a |
| hp | procurve_switch | jg305a |
| hp | procurve_switch | jd336a |
| hp | h3c_router | rt-msr3060-dc-ovs-h3 |
| hp | h3c_router | rt-msr3020-dc-ovs-h3 |
| hp | procurve_switch | jg350a |
| hp | h3c_ethernet_switch | s5600-50c-pwr |
| hp | procurve_switch | jg253a |
| hp | h3c_ethernet_switch | s5500-28c-pwr-si |
| hp | h3c_router | msr_30-20_poe |
| hp | procurve_switch | je023a |
| hp | procurve_router | jd663a |
| hp | procurve_router | jd944a |
| hp | procurve_router | jf285a |
| hp | procurve_router | jc150a |
| hp | h3c_ethernet_switch | s5600-26c |
| hp | h3c_router | rt-msr3016-ac-poe-ovs-h3 |
| hp | h3c_switch | s7502e |
| hp | procurve_switch | jd238b |
| hp | h3c_router | rt-msr3060-ac-ovs-h3 |
| hp | procurve_router | jf809a |
| hp | procurve_switch | jg240a |
| hp | h3c_switch | s3600-52p-pwr-ei_ls-3600-52p-pwr-ei-ovs |
| hp | procurve_switch | je090a |
| hp | 3com_switch | 4510g |
| hp | procurve_switch | jd308a |
| hp | h3c_switch | s3100-26t-si_ls-s3100-26t-si-ac-ovs |
| hp | 3com_switch | 4210_pwr_9p_taa |
| hp | h3c_router | msr_30-20 |
| hp | h3c_router | rt-msr3020-ac-poe-ovs-h3 |
| hp | h3c_switch | s3610-28f_ls-3610-28f-ovs |
| hp | 3com_switch | 4510g_pwr |
| hp | procurve_router | jc150b |
| hp | h3c_switch | s5100-16p-ei_ls-5100-16p-ei-ovs-h3 |
| hp | h3c_switch | s7503e |
| hp | procurve_switch | jg241a |
| hp | h3c_switch | s3100-16c-si_ls-s3100-16c-si-ac-ovs |
| hp | h3c_switch | s3600-52p-ei_ls-3600-52p-ei-ovs |
| hp | h3c_switch | s3610-52p_ls-3610-52p-ovs |
| hp | procurve_switch | jd354a |
| hp | procurve_switch | je005a |
| hp | procurve_switch | je068a |
| hp | procurve_switch | je026a |
| hp | procurve_router | jf231a |
| hp | h3c_router | msr_50-40 |
| hp | procurve_switch | je018a |
| hp | procurve_switch | jd373a |
| hp | procurve_router | jd921a |
| hp | procurve_switch | jg247a |
| hp | procurve_switch | je022a |
| hp | procurve_switch | jc086a |
| hp | procurve_switch | jd376a |
| hp | procurve_switch | jd242a |
| hp | procurve_switch | jd302a |
| hp | procurve_switch | jd377a |
| hp | h3c_router | rt-msr2020-ac-ovs-h3c |
| hp | procurve_router | jc149b |
| hp | procurve_router | jd935a |
| hp | procurve_switch | jd355a |
| hp | h3c_router | rt-msr3060-ac-poe-ovs-h3 |
| hp | procurve_switch | jc104a |
| hp | procurve_switch | jg239a |
| hp | procurve_switch | je097a |
| hp | procurve_switch | jc474b |
| hp | h3c_switch | s3600-28p-si_ls-3600-28p-si-ovs |
| hp | procurve_router | jf234a |
| hp | h3c_ethernet_switch | s5600-26c-pwr |
| hp | h3c_ethernet_switch | s7503e |
| hp | h3c_router | sr8812 |
| hp | procurve_switch | je067a |
| hp | 3com_switch | 4800g |
| hp | procurve_switch | jg254a |
| hp | procurve_switch | jd345a |
| hp | procurve_switch | jg236a |
| hp | 3com_router | 5232 |
| hp | 3com_router | 5642_taa |
| hp | h3c_switch | s5100-26c-pwr-ei_ls-5100-26c-pwr-ei-ovs |
| hp | procurve_switch | jg222a |
| hp | h3c_switch | s7506e |
| hp | procurve_router | jd923a |
| hp | h3c_router | sr8808 |
| hp | procurve_switch | jd009a |
| hp | 3com_router | 6040 |
| hp | procurve_switch | jd393a |
| hp | h3c_router | rt-msr2040-ac-ovs-h3 |
| hp | h3c_switch | s5820x-28s |
| hp | procurve_switch | jg237a |
| hp | h3c_routing_switch | s12518 |
| hp | procurve_switch | jc103a |
| hp | procurve_router | jd431a |
| hp | h3c_ethernet_switch | s7502e |
| hp | procurve_switch | jg307a |
| hp | procurve_switch | jg311a |
| hp | procurve_switch | jd347a |
| hp | procurve_switch | jd320b |
| hp | procurve_switch | jd391a |
| hp | procurve_switch | jd330a |
| hp | h3c_switch | s5100-16p-pwr-ei_ls-5100-16p-pwr-ei-ovs |
| hp | 3com_switch | ss4_switch_5500g-ei |
| hp | h3c_router | rt-msr2012-ac-ovs-s-h3 |
| hp | h3c_ethernet_switch | s5500-52c-pwr-ei |
| hp | h3c_router | msr5040-dc-ovs-h3c |
| hp | procurve_switch | je006a |
| hp | procurve_router | jf817a |
| hp | h3c_processing_module | msr_50_g2 |
| hp | h3c_switch | s5100-50c-pwr-ei_ls-5100-50c-pwr-ei-ovs |
| hp | procurve_router | jd946a |
| hp | procurve_switch | jc694a |
| hp | procurve_switch | jc105a |
| hp | h3c_ethernet_switch | s5500-52c-si |
| hp | procurve_router | jf284a |
| hp | procurve_switch | jg348a |
| hp | procurve_router | jf183a |
| hp | 3com_router | 5012 |
| hp | procurve_switch | je045a |
| hp | procurve_switch | jc612a |
| hp | procurve_switch | jf846a |
| hp | procurve_switch | jg243a |
| hp | h3c_router | msr_20-15_a |
| hp | procurve_switch | je048a |
| hp | procurve_switch | jg301a |
| hp | 3com_router | 5640 |
| hp | procurve_switch | jd352a |
| hp | procurve_switch | jg255a |
| hp | procurve_switch | jd349a |
| hp | h3c_switch | s3600-52p-pwr-si_ls-3600-52p-pwr-si-ovs |
| hp | procurve_switch | jg091a |
| hp | h3c_switch | s5120-52c-pwr-ei |
| hp | procurve_switch | jd353a |
| hp | procurve_switch | jd310a |
| hp | procurve_switch | jf427a |
| hp | h3c_switch | s3600-28p-pwr-si_ls-3600-28p-pwr-si-ovs |
| hp | procurve_router | jf815a |
| hp | h3c_router | msr_30-60 |
| hp | h3c_switch | s3600-28p-ei_ls-3600-28p-ei-ovs |
| hp | h3c_ethernet_switch | s7506e-v |
| hp | procurve_router | jf230a |
| hp | procurve_switch | jg258a |
| hp | 3com_taa_switch | 5500-ei |
| hp | procurve_switch | je096a |
| hp | h3c_switch | s5100-26c-ei_ls-5100-26c-ei-ovs |
| hp | h3c_switch | s5120-20p-si |
| hp | h3c_switch | s3600-28p-pwr-ei_ls-3600-28p-pwr-ei-ovs |
| hp | procurve_switch | je089a |
| hp | procurve_switch | jc691a |
| hp | vpn_firewall_appliance | jg213a |
| hp | h3c_ethernet_switch | s5500-28f-ei |
| hp | procurve_switch | jg312a |
| hp | procurve_switch | jg259a |
| hp | procurve_switch | je110a |
| hp | 3com_router | 6080 |
| hp | h3c_router | msr_30-10 |
| hp | procurve_switch | jf431a |
| hp | 3com_switch | 4500_pwr |
| hp | 3com_switch_taa_compliant | 5500g-ei |
| hp | procurve_switch | jg219a |
| hp | h3c_router | sr_20-12_w |
| hp | procurve_switch | je020a |
| hp | procurve_switch | jd238a |
| hp | h3c_ethernet_switch | s7510e |
| hp | procurve_switch | jg238a |
| hp | procurve_router | jf235a |
| hp | procurve_switch | jd007a |
| hp | procurve_switch | je164a |
| hp | procurve_switch | jf553a |
| hp | h3c_switch | s5800-32c-pwr |
| hp | 3com_router | 3041 |
| hp | h3c_switch | s5800-56c-pwr |
| hp | vpn_firewall_appliance | jd270a |
| hp | procurve_router | jd945a |
| hp | h3c_switch | s5800-60c-pwr |
| hp | procurve_switch | je016a |
| hp | procurve_switch | je019a |
| hp | procurve_switch | je169a |
| hp | h3c_router | msr_50-60 |
| hp | h3c_router | rt-msr2015-ac-ovs-iw-h3 |
| hp | h3c_router | rt-msr2015-ac-ovs-aw-h3 |
| hp | procurve_router | jc149a |
| hp | procurve_router | jc148a |
| hp | procurve_switch | jd357a |
| hp | procurve_switch | je015a |
| hp | h3c_router | msr_20-15_iw |
| hp | procurve_switch | jf430c |
| hp | procurve_switch | jd242b |
| hp | procurve_router | jc147a |
| hp | procurve_switch | jd241b |
| hp | procurve_switch | jc124a |
| hp | 3com_switch | e4210-24g-poe |
| hp | 3com_switch | ss4_5500-ei-pwr |
| hp | procurve_switch | jg315a |
| hp | h3c_ethernet_switch | s5500-28c-ei |
| hp | procurve_router | jf816a |
| hp | h3c_router | rt-msr3011-ac-ovs-h3 |
| hp | procurve_switch | jd309a |
| hp | h3c_switch | s3600-28tp-si_ls-3600-28tp-si-ovs |
| hp | procurve_switch | je105a |
| hp | procurve_switch | je027a |
| hp | procurve_switch | je095a |
| hp | h3c_router | rt-msr3040-ac-ovs-as-h3 |
| hp | procurve_switch | jc653a |
| hp | procurve_switch | jd318b |
| hp | procurve_router | jc148b |
| hp | procurve_switch | jd328a |
| hp | h3c_switch | s5120-28c-pwr-ei |
| hp | procurve_switch | jd369a |
| hp | h3c_switch | s5120-28c-ei |
| hp | procurve_switch | je072a |
| hp | procurve_switch | jd378a |
| hp | h3c_switch | s3100-52p_ls-3100-52p-ovs-h3 |
| hp | procurve_switch | je017a |
| hp | h3c_router | msr_20-12 |
| hp | h3c_ethernet_switch | s5600-26f |
| hp | procurve_switch | jd239b |
| hp | procurve_switch | jg306a |
| hp | h3c_router | msr_3016 |
| hp | 3com_baseline_plus_switch | 2900g-28hpwr |
| hp | h3c_switch | s3610-28p_ls-3610-28p-ovs |
| hp | h3c_switch | s5820x-28c |
| hp | 3com_router | 3016 |
| hp | h3c_ethernet_switch | s7506e |
| hp | procurve_switch | jc125a |
| hp | h3c_ethernet_switch | s7503e-s |
| hp | 3com_switch | 4500 |
| hp | procurve_switch | jd333a |
| hp | procurve_router | jf808a |
| hp | procurve_switch | jd303a |
| hp | procurve_switch | je070a |
| hp | procurve_switch | jf844a |
| hp | procurve_router | jd433a |
| hp | procurve_switch | je025a |
| hp | procurve_switch | je066a |
| hp | procurve_switch | jc125b |
| hp | h3c_switch | s5100-48p-si_ls-5100-48p-si-ovs-h3 |
| hp | procurve_router | jf802a |
| hp | procurve_switch | je088a |
| hp | procurve_router | jf801a |
| hp | procurve_switch | 658247-b21 |
| hp | 3com_switch | ss4_5500g-ei |
| hp | procurve_switch | jd346a |
| hp | procurve_switch | jd240b |
| hp | procurve_switch | jg374a |
| hp | 3com_switch | 4210-24g |
| hp | procurve_switch | je093a |
| hp | h3c_ethernet_switch | s5500-28c-pwr-ei |
| hp | procurve_switch | je031a |
| hp | h3c_router | msr_20-20 |
| hp | procurve_router | jd916a |
| hp | h3c_switch | s5120-28p-pwr-si |
| hp | procurve_switch | je102a |
| hp | h3c_router | rt-msr2013-ac-ovs-h3 |
| hp | procurve_switch | jd356a |
| hp | procurve_switch | jc613a |
| hp | procurve_router | jf240a |
| hp | 3com_router | 5682 |
| hp | 3com_router | 3040 |
| hp | procurve_switch | jf428a |
| hp | h3c_switch | s3100-8t-si_ls-s3100-8t-si-ac-ovs |
| hp | h3c_switch | s5120-28p-si |
| hp | procurve_switch | 658250-b21 |
| hp | procurve_switch | je104a |
| hp | 3com_router | 3036 |
| hp | h3c_ethernet_switch | s5500-52c-pwr-si |
| hp | 3com_router | 3012 |
| hp | 3com_router | 3013 |
| hp | procurve_switch | jf847a |
| hp | procurve_switch | je030a |
| hp | procurve_switch | jg221a |
| hp | procurve_switch | je073a |
| hp | h3c_switch | s5100-48p-ei_ls-5100-48p-ei-ovs |
| hp | procurve_switch | jf431c |
| hp | procurve_router | jf239a |
| hp | procurve_switch | jd008a |
| hp | procurve_switch | jg248a |
| hp | procurve_router | jd655a |
| hp | h3c_routing_switch | s9508e-v |
| hp | procurve_switch | jd325a |
| hp | procurve_router | jd664a |
| hp | procurve_switch | jc101a |
| hp | procurve_switch | jf551a |
| hp | procurve_switch | je009a |
| hp | procurve_router | jf241a |
| hp | procurve_switch | jf845a |
| hp | procurve_switch | jc124b |
| hp | h3c_switch | s5100-24p-ei_ls-5100-24p-ei-ovs |
| hp | procurve_switch | je100a |
| hp | h3c_router | rt-msr2011-ac-ovs-h3 |
| hp | h3c_routing_switch | s9512e |
| hp | procurve_switch | je108a |
| hp | h3c_high_performance_main_processing_unit | msr_50_3ge |
| hp | procurve_router | jd429b |
| hp | h3c_router | msr_20-12_t1 |
| hp | procurve_switch | jd372a |
| hp | procurve_switch | jg249a |
| hp | 3com_switch | e4510-24g |
| hp | procurve_router | jf182a |
| hp | h3c_router | msr_20-40 |
| hp | 3com_router | 5642 |
| hp | h3c_ethernet_switch | s5500-52c-ei |
| hp | h3c_switch | s5800-32f |
| hp | 3com_switch | 5500g-ei_sfp |
| hp | h3c_router | rt-msr2040-ac-ovs-h3c |
| hp | h3c_switch | s5800-56c |
| hp | procurve_switch | je021a |
| hp | procurve_switch | jg245a |
| hp | h3c_switch | s9508e-v |
| hp | procurve_switch | jd395a |
| hp | procurve_router | jf184a |
| hp | procurve_switch | je091a |
| hp | procurve_switch | jc748a |
| hp | h3c_switch | s3600-52p-si_ls-3600-52p-si-ovs |
| hp | h3c_router | msr_20-15_a_w |
| hp | procurve_switch | jd375a |
| hp | procurve_switch | je029a |
| hp | h3c_ethernet_switch | s5500-28c-si |
| hp | h3c_switch | s5100-8p-pwr-ei_ls-5100-8p-pwr-ei-ovs |
| hp | procurve_switch | jf431b |
| hp | h3c_router | sr8805 |
| hp | h3c_router | rt-msr3040-ac-ovs-h |
| hp | h3c_switch | s5120-24p-ei |
| hp | procurve_switch | jd332a |
| hp | procurve_router | jf238a |
| hp | procurve_switch | je092a |
| hp | h3c_router | msr_3010 |
| hp | procurve_router | jf806a |
| hp | 3com_router | jg005a |
| hp | procurve_switch | je047a |
| hp | procurve_router | jf814a |
| hp | procurve_switch | jg223a |
| hp | h3c_router | msr_900 |
| hp | procurve_switch | jd010a |
| hp | h3c_router | msr_30-60_poe |
| hp | h3c_router | msr_20-11 |
| hp | h3c_switch | s5800-32c |
| hp | h3c_switch | s12518 |
| hp | procurve_switch | jd329a |
| hp | procurve_router | jf237a |
| hp | procurve_switch | je007a |
| hp | h3c_router | rt-msr2013-ac-ovs-w-h3 |
| hp | procurve_switch | jd371a |
| hp | procurve_switch | jd379a |
| hp | procurve_router | jf803a |
| hp | procurve_switch | jd326a |
| hp | h3c_switch | s5100-24p-si_ls-5100-24p-si-ovs-h3 |
| hp | procurve_switch | je032a |
| hp | 3com_router | 5680 |
| hp | h3c_switch | s5100-8p-ei_ls-5100-8p-ei-ovs-h3 |
| hp | procurve_switch | jd351a |
| hp | procurve_switch | jd348a |
| hp | procurve_switch | je168a |
The HP StoreOnce D2D backup system with software before 3.0.0 has a default password of badg3r5 for the HPSupport account, which allows remote attackers to obtain administrative access and delete data via an SSH session.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storeonce_d2d | * |
| hp | storeonce_d2d | 2.1.01 |
| hp | storeonce_d2d | 2.2.10 |
| hp | storeonce_d2d | 2.2.13 |
| hp | storeonce_d2d | 2.2.16 |
| hp | storeonce_d2d | 2.2.14 |
| hp | storeonce_d2d | 2.2.00 |
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1510.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | lefthand_virtual_san_appliance_hydra_software | * |
| hp | lefthand_p4000_virtual_san_appliance | - |
| hp | lefthand_virtual_san_appliance_hydra | - |
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1866.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1869.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1870.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1892.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1896.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.20 |
| hp | network_node_manager_i | 9.0 |
| hp | network_node_manager_i | 9.10 |
LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of an unused one-time password.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | san/iq | 10.0 |
| hp | san/iq | 9.5 |
| hp | san/iq | * |
| hp | san/iq | 8.5 |
| hp | san/iq | 9.0 |
| hp | san/iq | 8.0 |
| hp | san/iq | 8.1 |
Unspecified vulnerability in HP StoreOnce D2D Backup System 1.x before 1.2.19 and 2.x before 2.3.0 allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storeonce_d2d | * |
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
HP Database and Middleware Automation (DMA) 10.x before 10.10, when SSL is used, allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | database_and_middleware_automation | 10.01 |
| hp | database_and_middleware_automation | 10.0 |
Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.20 |
| hp | sitescope | 11.21 |
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to cause a denial of service via unknown vectors, aka ZDI-CAN-1669.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 9.0.0 |
| hp | loadrunner | 9.52 |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 9.51 |
| hp | loadrunner | 9.50.0 |
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1670.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 9.0.0 |
| hp | loadrunner | 9.52 |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 9.51 |
| hp | loadrunner | 9.50.0 |
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1671.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 9.0.0 |
| hp | loadrunner | 9.52 |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 9.51 |
| hp | loadrunner | 9.50.0 |
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_diagnostics | 9.4.0.4710 |
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_diagnostics | 9.4.0.4710 |
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_diagnostics | 9.4.0.4710 |
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linux_imaging_and_printing_project | 3.12.11 |
| hp | linux_imaging_and_printing_project | 3.9.10 |
| hp | linux_imaging_and_printing_project | 3.12.10 |
| hp | linux_imaging_and_printing_project | 3.13.2 |
| hp | linux_imaging_and_printing_project | 1.0 |
| hp | linux_imaging_and_printing_project | 3.12.2 |
| hp | linux_imaging_and_printing_project | 3.13.7 |
| hp | linux_imaging_and_printing_project | 3.10.5 |
| hp | linux_imaging_and_printing_project | 3.12.9 |
| hp | linux_imaging_and_printing_project | 3.9.12 |
| hp | linux_imaging_and_printing_project | 3.13.6 |
| hp | linux_imaging_and_printing_project | 3.11.1 |
| hp | linux_imaging_and_printing_project | 3.13.4 |
| hp | linux_imaging_and_printing_project | 3.13.9 |
| hp | linux_imaging_and_printing_project | 3.10.9 |
| hp | linux_imaging_and_printing_project | 3.12.6 |
| hp | linux_imaging_and_printing_project | 3.11.3 |
| hp | linux_imaging_and_printing_project | 3.10.2 |
| hp | linux_imaging_and_printing_project | 3.10.6 |
| hp | linux_imaging_and_printing_project | 2.0 |
| hp | linux_imaging_and_printing_project | 3.11.5 |
| hp | linux_imaging_and_printing_project | 3.11.7 |
| hp | linux_imaging_and_printing_project | 3.11.10 |
| hp | linux_imaging_and_printing_project | 3.9.2 |
| hp | linux_imaging_and_printing_project | 3.9.6 |
| hp | linux_imaging_and_printing_project | 3.13.3 |
| hp | linux_imaging_and_printing_project | 3.13.5 |
| hp | linux_imaging_and_printing_project | 2.7.10 |
| hp | linux_imaging_and_printing_project | 3.9.8 |
| hp | linux_imaging_and_printing_project | 3.9.4b |
| hp | linux_imaging_and_printing_project | 3.13.8 |
| hp | linux_imaging_and_printing_project | 3.9.4 |
| hp | linux_imaging_and_printing_project | 3.11.3a |
| hp | linux_imaging_and_printing_project | 3.12.4 |
The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_bmc | * |
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 9.0.0 |
| hp | loadrunner | 9.52 |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 9.51 |
| hp | loadrunner | 9.50.0 |
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 9.0.0 |
| hp | loadrunner | 9.52 |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 9.51 |
| hp | loadrunner | 9.50.0 |
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1734.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 9.0.0 |
| hp | loadrunner | 9.52 |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 9.51 |
| hp | loadrunner | 9.50.0 |
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 9.0.0 |
| hp | loadrunner | 9.52 |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 9.51 |
| hp | loadrunner | 9.50.0 |
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1736.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 9.0.0 |
| hp | loadrunner | 9.52 |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 9.51 |
| hp | loadrunner | 9.50.0 |
Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ZDI-CAN-1565.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | application_lifecycle_management | * |
| hp | application_lifecycle_management | 11.00 |
Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_firmware | 1.50a |
| hp | integrated_lights-out_firmware | 1.15 |
| hp | integrated_lights-out_firmware | 1.40a |
| hp | integrated_lights-out_firmware | 1.15a |
| hp | integrated_lights-out_firmware | 1.41a |
| hp | integrated_lights-out_firmware | 1.10 |
| hp | integrated_lights-out_firmware | 1.26a |
| hp | integrated_lights-out_firmware | 1.16a |
| hp | integrated_lights-out_firmware | 1.27a |
| hp | integrated_lights-out_firmware | 1.20a |
| hp | integrated_lights-out_firmware | 1.42a |
| hp | integrated_lights-out_firmware | * |
| hp | integrated_lights-out_firmware | 1.50 |
The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 5500-48g-poe_ei_switch | jd376a |
| hp | 3com_router | 3018 |
| hp | h3c_ethernet_switch | s5600-26c-pwr |
| hp | 5500-24g-sfp_dc_ei_switch | jd379a |
| hp | 3com_router | 5642 |
| hp | h3c_ethernet_switch | s5600-50c-pwr |
| hp | 5500-24g_si_switch | jd369a |
| hp | 5500-48g_si_switch | jd370a |
| hp | 3com_router | 5232 |
| hp | 3com_router | 5642_taa |
| hp | 5500-24g-4sfp_hi_switch_with_2_interface_slots | jg311a |
| hp | 5500-24g_ei_switch | jd377a |
| hp | 3com_router | 5012 |
| hp | h3c_ethernet_switch | s5600-26c |
| hp | 5500-48g-poe_si_switch | jd372a |
| hp | 5500-24g_dc_ei_switch | jd373a |
| hp | 5500-48g_ei_switch | jd375a |
| hp | h3c_ethernet_switch | s5600-26f |
| hp | 3com_router | 5682 |
| hp | 5500-24g-sfp_ei_switch | jd374a |
| hp | 5500g-24_ei_sfp_no_power_supply_unit_switch | jf553a |
| hp | 5500-24g-poe_ei_switch | jd378a |
| hp | h3c_ethernet_switch | s5600-50c |
| hp | 5500g-48_ei_10/100/1000_no_power_supply_unit_switch | jf552a |
| hp | 5500-24g-poe_si_switch | jd371a |
| hp | 5500g-24_ei_10/100/1000_no_power_supply_unit_switch | jf551a |
| hp | 3com_router | 3012 |
Unspecified vulnerability on the HP LaserJet Pro P1102w, P1606dn, M1212nf MFP, M1213nf MFP, M1214nfh MFP, M1216nfh MFP, M1217nfw MFP, M1218nfs MFP, and CP1025nw with firmware before 2013-07-26 20130703 allows remote attackers to modify data via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_m1216nfh_multifunction_printer_firmware | 20130703 |
| hp | laserjet_pro_m1213nf_mfp_firmware | 20130703 |
| hp | hotspot_laserjet_pro_m1218nfs_mfp_firmware | 20130703 |
| hp | laserjet_pro_m1214nfh_mfp_firmware | 20130703 |
| hp | laserjet_pro_cp1025nw_firmware | 20130703 |
| hp | laserjet_pro_p1606dn_firmware | 20130212 |
| hp | laserjet_pro_m1217nfw_multifunction_printer_firmware | 20130703 |
| hp | laserjet_pro_p1102w_firmware | 20130703 |
| hp | laserjet_pro_m1212nf_mfp_firmware | 20130703 |
Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31 and Service Center 6.2.8 allows remote attackers to obtain privileged access via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 7.11 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
| hp | service_center | 6.2.8 |
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_manager | 4.0 |
| hp | identity_driven_manager | 4.0 |
| hp | procurve_manager | 3.20 |
HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, aka ZDI-CAN-1760. NOTE: this is probably a duplicate of CVE-2007-1036, CVE-2010-0738, and/or CVE-2012-0874.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_manager | 4.0 |
| hp | application_lifecycle_management | - |
| hp | identity_driven_manager | 4.0 |
| hp | procurve_manager | 3.20 |
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_manager | 4.0 |
| hp | identity_driven_manager | 4.0 |
| hp | procurve_manager | 3.20 |
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_manager | 4.0 |
| hp | identity_driven_manager | 4.0 |
| hp | procurve_manager | 3.20 |
The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | procurve_manager | 4.0 |
| hp | identity_driven_manager | 4.0 |
| hp | procurve_manager | 3.20 |
Cross-site scripting (XSS) vulnerability in HP XP P9000 Command View Advanced Edition Suite Software 7.x before 7.5.0-02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp_9000_command_view | 7.4.0 |
| hp | xp_9000_command_view | 7.1.1 |
| hp | xp_9000_command_view | 7.4.1 |
| hp | xp_9000_command_view | 7.3.0 |
| hp | xp_9000_command_view | 7.0.0 |
| hp | xp_9000_command_view | 7.3.1 |
| hp | xp_9000_command_view | 7.5.0 |
| hp | xp_9000_command_view | 7.2.0 |
| hp | xp_9000_command_view | 7.1.0 |
Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 10.0 allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_sso_agent_option | 10.0 |
| hp | icewall_sso_agent_option | 8.0 |
Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall SSO Agent Option 8.0 through 10.0, IceWall SSO Smart Device Option 10.0, and IceWall File Manager 3.0 through SP4 allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_smart_device_option | 10.0 |
| hp | icewall_sso_agent | 8.0.1 |
| hp | icewall_sso_agent | 10.0 |
| hp | icewall_file_manager | 3.0 |
| hp | icewall_sso_agent | 8.0 |
| hp | icewall_sso_agent_option | 10.0 |
| hp | icewall_sso_agent_option | 8.0 |
Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 10.0 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_sso_agent_option | 10.0 |
| hp | icewall_sso_agent_option | 8.0 |
Unspecified vulnerability in HP IceWall SSO 8.0 through 10.0, IceWall SSO Agent Option 8.0 through 10.0, IceWall SSO Smart Device Option 10.0, IceWall SSO SAML2 Agent Option 8.0, IceWall SSO JAVA Agent Library 8.0 through 10.0, IceWall Federation Agent 3.0, and IceWall File Manager 3.0 through SP4 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_smart_device_option | 10.0 |
| hp | icewall_sso_agent | 8.0.1 |
| hp | icewall_federation_agent | 8.0 |
| hp | icewall_sso_agent | 10.0 |
| hp | icewall_file_manager | 3.0 |
| hp | icewall_java_agent_library | 8.0 |
| hp | icewall_java_agent_library | 10.0 |
| hp | icewall_sso_saml2_option | 8.0 |
| hp | icewall_sso_agent | 8.0 |
| hp | icewall_sso_agent_option | 10.0 |
| hp | icewall_sso_agent_option | 8.0 |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 3.0.2 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 7.1 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 6.3.0 |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 6.3.1 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 6.2.2.7 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 6.2.0 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.15 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.14 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 3.0.1 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1606.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 5.1 |
| hp | intelligent_management_center | 5.2 |
| hp | imc_branch_intelligent_management_system_software_module | 5.2 |
| hp | imc_branch_intelligent_management_system_software_module | 5.1 |
| hp | intelligent_management_center | 5.0 |
| hp | intelligent_management_center | * |
| hp | imc_branch_intelligent_management_system_software_module | 5.0 |
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1607.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 5.1 |
| hp | intelligent_management_center | 5.2 |
| hp | imc_branch_intelligent_management_system_software_module | 5.2 |
| hp | imc_branch_intelligent_management_system_software_module | 5.1 |
| hp | intelligent_management_center | 5.0 |
| hp | intelligent_management_center | * |
| hp | imc_branch_intelligent_management_system_software_module | 5.0 |
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-1644.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | imc_service_operation_management_software_module | - |
| hp | intelligent_management_center | * |
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to bypass intended access restrictions via unknown vectors, aka ZDI-CAN-1645.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | imc_service_operation_management_software_module | - |
| hp | intelligent_management_center | * |
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | imc_service_operation_management_software_module | - |
| hp | intelligent_management_center | * |
SQL injection vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZDI-CAN-1664.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | imc_service_operation_management_software_module | - |
| hp | intelligent_management_center | * |
HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices do not properly encrypt PDF documents, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_m4555f | - |
| hp | laserjet_m725f | - |
| hp | color_laserjet_cm4540fskm | - |
| hp | color_laserjet_m575f | - |
| hp | color_laserjet_m775z | - |
| hp | laserjet_m4555h | - |
| hp | laserjet_m525f | - |
| hp | color_laserjet_m575dn | - |
| hp | color_laserjet_m775z+ | - |
| hp | laserjet_m725z+ | - |
| hp | color_laserjet_cm4540f | - |
| hp | color_laserjet_m775dn | - |
| hp | laserjet_m525dn | - |
| hp | laserjet_m725z | - |
| hp | laserjet_m4555 | - |
| hp | color_laserjet_cm4540 | - |
| hp | laserjet_enterprise_color_flow_m575c | - |
| hp | laserjet_m4555fskm | - |
| hp | laserjet_m725dn | - |
| hp | scanjet_enterprise_8500fn1 | - |
| hp | color_laserjet_m775f | - |
| hp | laserjet_flow_m525c | - |
HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices allow local users to read images of arbitrary scanned documents via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_m4555f | - |
| hp | laserjet_m725f | - |
| hp | color_laserjet_cm4540fskm | - |
| hp | color_laserjet_m575f | - |
| hp | color_laserjet_m775z | - |
| hp | laserjet_m4555h | - |
| hp | laserjet_m525f | - |
| hp | color_laserjet_m575dn | - |
| hp | color_laserjet_m775z+ | - |
| hp | laserjet_m725z+ | - |
| hp | color_laserjet_cm4540f | - |
| hp | color_laserjet_m775dn | - |
| hp | laserjet_m525dn | - |
| hp | laserjet_m725z | - |
| hp | laserjet_m4555 | - |
| hp | color_laserjet_cm4540 | - |
| hp | laserjet_enterprise_color_flow_m575c | - |
| hp | laserjet_m4555fskm | - |
| hp | laserjet_m725dn | - |
| hp | scanjet_enterprise_8500fn1 | - |
| hp | color_laserjet_m775f | - |
| hp | laserjet_flow_m525c | - |
HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.32 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.32 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.32 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.32 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
Unspecified vulnerability in the client component in HP Application LifeCycle Management (ALM) before 11 p11 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1327.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | application_lifecycle_management | * |
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.10 |
| hp | sitescope | 10.11 |
| hp | sitescope | 11.01 |
| hp | sitescope | 11.12 |
| hp | sitescope | 11.11 |
| hp | sitescope | 11.20 |
| hp | sitescope | 10.13 |
| hp | sitescope | 11.1 |
| hp | sitescope | 11.21 |
Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | alm_synchronizer | * |
| hp | alm_synchronizer | 1.30 |
| hp | alm_synchronizer | 1.20 |
| hp | alm_synchronizer | 1.10 |
| hp | alm_synchronizer | 1.40 |
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 9.0.0 |
| hp | loadrunner | 9.52 |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 9.51 |
| hp | loadrunner | 9.50.0 |
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 9.0.0 |
| hp | loadrunner | 9.52 |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 9.51 |
| hp | loadrunner | 9.50.0 |
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 9.0.0 |
| hp | loadrunner | 9.52 |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 9.51 |
| hp | loadrunner | 9.50.0 |
Unspecified vulnerability in HP and H3C VPN Firewall Module products SECPATH1000FE before 5.20.R3177 and SECBLADEFW before 5.20.R3177 allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | secpath1000fe | 5.20 |
| hp | 5820_vpn_firewall_module | jd255a |
| hp | 9500_vpn_firewall_module | jd245a |
| hp | s1000-e_vpn_firewall_appliance | jd272a |
| h3c | sr88_firewall_processing_module | 0231a88l |
| h3c | s5820_secblade_vpn_firewall_module | 0231a94j |
| hp | 12500_vpn_firewall_module | jc635a |
| h3c | secpath1000fe | 5.20 |
| hp | secbladefw | 5.20 |
| h3c | f1000-e_vpn_firewall | 0235a26g |
| h3c | sr66_gigabit_firewall_module | 0231a88a |
| hp | 6600_firewall_processing_rtr_module | jd250a |
| h3c | s7500e_secblade_vpn_firewall_module | 0231a832 |
| h3c | s9500e_secblade_vpn_firewall_module | 0231a0av |
| hp | 8800_firewall_processing_module | jd251a |
| h3c | secbladefw | 5.20 |
| hp | 10500/7500_advanced_vpn_firewall_module | jd249a |
Unspecified vulnerability in dbd_manager in LeftHand OS before 11.0 in HP StoreVirtual 4000 and StoreVirtual VSA Software (formerly LeftHand Virtual SAN Appliance) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1509.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storevirtual_virtual_storage_appliance | - |
| hp | lefthand | 8.1 |
| hp | storevirtual_4000 | - |
| hp | lefthand | 8.5 |
| hp | lefthand | 9.0 |
| hp | lefthand | 9.5 |
| hp | lefthand | 10 |
| hp | lefthand | * |
Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_firmware | 1.16a |
| hp | integrated_lights-out_4 | - |
| hp | integrated_lights-out_firmware | 1.15 |
| hp | integrated_lights-out_firmware | 1.20a |
| hp | integrated_lights-out_firmware | 1.15a |
| hp | integrated_lights-out_firmware | * |
| hp | integrated_lights-out_firmware | 1.10 |
| hp | integrated_lights-out_firmware | 1.26a |
Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_firmware | 1.16a |
| hp | integrated_lights-out_4 | - |
| hp | integrated_lights-out_firmware | 1.15 |
| hp | integrated_lights-out_firmware | 1.20a |
| hp | integrated_lights-out_firmware | 1.15a |
| hp | integrated_lights-out_firmware | * |
| hp | integrated_lights-out_firmware | 1.10 |
| hp | integrated_lights-out_firmware | 1.26a |
Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 9.32 |
| hp | service_manager | 7.11 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
| hp | service_center | 6.2.8 |
Cross-site scripting (XSS) vulnerability on HP Officejet Pro 8500 (aka A909) All-in-One printers allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | officejet_pro_8500 | cb025a |
| hp | officejet_pro_8500 | cb862a |
| hp | officejet_pro_8500 | cb793a |
| hp | officejet_pro_8500 | cb794a |
| hp | officejet_pro_8500_firmware | - |
| hp | officejet_pro_8500 | cb023a |
| hp | officejet_pro_8500 | cb874a |
| hp | officejet_pro_8500 | cn539a |
| hp | officejet_pro_8500 | cb022a |
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 2.0.2 |
| hp | system_management_homepage | 2.1.6 |
| hp | system_management_homepage | 2.1.8-177 |
| hp | system_management_homepage | 3.0.1.73 |
| hp | system_management_homepage | 2.1.10-186 |
| hp | system_management_homepage | 3.0.2-77 |
| hp | system_management_homepage | 3.0.2 |
| hp | system_management_homepage | 2.1.3.132 |
| hp | system_management_homepage | 7.1 |
| hp | system_management_homepage | 2.1.15-210 |
| hp | system_management_homepage | 2.1.8.179 |
| hp | system_management_homepage | 2.1.11-197 |
| hp | system_management_homepage | 2.1.4 |
| hp | system_management_homepage | 2.1.10 |
| hp | system_management_homepage | 3.0.0.64 |
| hp | system_management_homepage | 2.1 |
| hp | system_management_homepage | 2.1.0-118 |
| hp | system_management_homepage | 2.0.1.104 |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 2.0.0 |
| hp | system_management_homepage | 3.0.1-73 |
| hp | system_management_homepage | 2.1.0-103(a) |
| hp | system_management_homepage | 6.3.0 |
| hp | system_management_homepage | 7.2.1 |
| hp | system_management_homepage | 2.1.5-146 |
| hp | system_management_homepage | 2.1.5.146 |
| hp | system_management_homepage | 2.1.11.197 |
| hp | system_management_homepage | 6.3.1 |
| hp | system_management_homepage | 2.0.2.106 |
| hp | system_management_homepage | 6.1.0.102 |
| hp | system_management_homepage | 2.1.9 |
| hp | system_management_homepage | 2.1.6-156 |
| hp | system_management_homepage | 2.1.6.156 |
| hp | system_management_homepage | 2.1.0-109 |
| hp | system_management_homepage | 3.0.2.77 |
| hp | system_management_homepage | 2.1.12-118 |
| hp | system_management_homepage | * |
| hp | system_management_homepage | 2.1.2-127 |
| hp | system_management_homepage | 2.1.11 |
| hp | system_management_homepage | 6.2.2.7 |
| hp | system_management_homepage | 2.1.7-168 |
| hp | system_management_homepage | 2.1.7.168 |
| hp | system_management_homepage | 6.2.0 |
| hp | system_management_homepage | 2.1.5 |
| hp | system_management_homepage | 2.1.0-103 |
| hp | system_management_homepage | 2.1.12-200 |
| hp | system_management_homepage | 6.0.0-95 |
| hp | system_management_homepage | 6.1 |
| hp | system_management_homepage | 2.0.1 |
| hp | system_management_homepage | 2.1.7 |
| hp | system_management_homepage | 2.1.15 |
| hp | system_management_homepage | 2.1.14.20 |
| hp | system_management_homepage | 2.1.0.121 |
| hp | system_management_homepage | 2.1.9-178 |
| hp | system_management_homepage | 2.1.10.186 |
| hp | system_management_homepage | 2.2.6 |
| hp | system_management_homepage | 6.0.0.96 |
| hp | system_management_homepage | 6.1.0-103 |
| hp | system_management_homepage | 2.1.4-143 |
| hp | system_management_homepage | 2.1.14 |
| hp | system_management_homepage | 2.1.2 |
| hp | system_management_homepage | 2.1.8 |
| hp | system_management_homepage | 2.1.12.201 |
| hp | system_management_homepage | 2.1.2.127 |
| hp | system_management_homepage | 3.0.1 |
| hp | system_management_homepage | 2.1.1 |
| hp | system_management_homepage | 2.1.4.143 |
| hp | system_management_homepage | 2.1.15.210 |
| hp | system_management_homepage | 3.0.0 |
| hp | system_management_homepage | 3.0.0-68 |
| hp | system_management_homepage | 2.1.3 |
| hp | system_management_homepage | 2.2.8 |
| hp | system_management_homepage | 6.0 |
| hp | system_management_homepage | 7.2 |
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| isc | bind | 9.9.1 |
| opensuse | opensuse | 11.4 |
| isc | bind | 9.7.1 |
| isc | dnsco_bind | 9.9.4 |
| freebsd | freebsd | 8.3 |
| isc | bind | 9.7.3 |
| isc | bind | 9.9.0 |
| isc | bind | 9.9.2 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| isc | bind | 9.8.1 |
| slackware | slackware_linux | 12.2 |
| redhat | enterprise_linux | 6.0 |
| mandriva | enterprise_server | 5.0 |
| slackware | slackware_linux | 13.0 |
| freebsd | freebsd | 8.1 |
| isc | bind | 9.8.4 |
| redhat | enterprise_linux | 5 |
| isc | bind | 9.8.2 |
| isc | bind | 9.7.5 |
| isc | bind | 9.7.2 |
| isc | bind | 9.9.3 |
| freebsd | freebsd | 8.0 |
| slackware | slackware_linux | 13.1 |
| isc | bind | 9.7.0 |
| isc | bind | 9.7.6 |
| isc | bind | 9.8.5 |
| isc | bind | 9.8.3 |
| freebsd | freebsd | 9.1 |
| hp | hp-ux | b.11.31 |
| freebsd | freebsd | 9.2 |
| slackware | slackware_linux | 12.1 |
| isc | bind | 9.7.4 |
| isc | bind | 9.8.6 |
| slackware | slackware_linux | 13.37 |
| isc | bind | 9.7.7 |
| fedoraproject | fedora | 18 |
| mandriva | business_server | 1.0 |
| novell | suse_linux | 11 |
| freebsd | freebsd | 9.0 |
| isc | bind | 9.8.0 |
| freebsd | freebsd | 8.4 |
| freebsd | freebsd | 8.2 |
| fedoraproject | fedora | 19 |
| isc | dnsco_bind | 9.9.3 |
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_supplementary | 6.0 |
| hp | jre | * |
| redhat | enterprise_linux_hpc_node_supplementary | 6.0 |
| redhat | enterprise_linux_server_supplementary_aus | 6.5 |
| redhat | enterprise_linux_desktop_supplementary | 6.0 |
| hp | jdk | * |
| redhat | enterprise_linux_server_supplementary_eus | 6.5.z |
| redhat | enterprise_linux_server_supplementary | 5.0 |
| redhat | enterprise_linux_workstation_supplementary | 6.0 |
| oracle | javafx | 2.2.45 |
| redhat | enterprise_linux_desktop_supplementary | 5.0 |
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_supplementary | 6.0 |
| hp | jre | * |
| redhat | enterprise_linux_hpc_node_supplementary | 6.0 |
| redhat | enterprise_linux_server_supplementary_aus | 6.5 |
| redhat | enterprise_linux_desktop_supplementary | 6.0 |
| hp | jdk | * |
| redhat | enterprise_linux_server_supplementary_eus | 6.5.z |
| redhat | enterprise_linux_server_supplementary | 5.0 |
| redhat | enterprise_linux_workstation_supplementary | 6.0 |
| oracle | javafx | 2.2.45 |
| redhat | enterprise_linux_desktop_supplementary | 5.0 |
Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_supplementary | 6.0 |
| hp | jdk | * |
| redhat | enterprise_linux_server_supplementary_eus | 6.5.z |
| hp | jre | * |
| redhat | enterprise_linux_server_supplementary | 5.0 |
| redhat | enterprise_linux_hpc_node_supplementary | 6.0 |
| redhat | enterprise_linux_server_supplementary_aus | 6.5 |
| redhat | enterprise_linux_workstation_supplementary | 6.0 |
| redhat | enterprise_linux_desktop_supplementary | 5.0 |
| redhat | enterprise_linux_desktop_supplementary | 6.0 |
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_supplementary | 6.0 |
| hp | jre | * |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.5.0 |
| redhat | enterprise_linux_hpc_node_supplementary | 6.0 |
| redhat | enterprise_linux_server_supplementary_aus | 6.5 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_desktop_supplementary | 6.0 |
| hp | jdk | * |
| redhat | enterprise_linux_server_supplementary_eus | 6.5.z |
| oracle | jre | 1.5.0 |
| redhat | enterprise_linux_server_supplementary | 5.0 |
| redhat | enterprise_linux_workstation_supplementary | 6.0 |
| redhat | enterprise_linux_desktop_supplementary | 5.0 |
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | 7.2.2 |
| hp | system_management_homepage | 7.1 |
| hp | system_management_homepage | 7.2.1 |
| hp | system_management_homepage | 7.2 |
Unspecified vulnerability in the Archive Query Server in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, and 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1666.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | application_information_optimizer | 6.3 |
| hp | application_information_optimizer | 6.4 |
| hp | application_information_optimizer | 7.0 |
| hp | application_information_optimizer | 6.2 |
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_orchestration | * |
| hp | operations_orchestration | 7.2 |
| hp | operations_orchestration | 7.1 |
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_orchestration | * |
| hp | operations_orchestration | 7.2 |
| hp | operations_orchestration | 7.1 |
Unspecified vulnerability on HP LaserJet M1522n and M2727; LaserJet Pro 100, 300, 400, CM1415fnw, CP1*, M121*, M1536dnf, and P1*; Color LaserJet CM* and CP*; and TopShot LaserJet Pro M275 printers allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_cp1525nw_color_printer | ce875a |
| hp | laserjet_pro_m1217nfw_mfp | ce844a |
| hp | laserjet_pro_400_color_printer_m451 | ce957a |
| hp | color_laserjet_cm2320n_multifunction_printer | cc434a |
| hp | color_laserjet_cp5225 | ce711a |
| hp | color_laserjet_cp1515 | cc377a |
| hp | color_laserjet_cp5225 | ce712a |
| hp | laserjet_pro_300_color_printer_m351 | ce955a |
| hp | laserjet_pro_p1102 | ce658a |
| hp | laserjet_pro_400_color_mfp_m475 | ce863a |
| hp | laserjet_pro_cp1025nw | ce918a |
| hp | laserjet_pro_cm1415fnw_color_multifunction_printer | ce862a |
| hp | laserjet_pro_300_color_mfp_printer_m375 | ce903a |
| hp | laserjet_m1522n_multifunction_printer | cc372a |
| hp | laserjet_m2727_multifunction_printer | cb532a |
| hp | laserjet_pro_m1536dnf_multifunction_printer | ce538a |
| hp | color_laserjet_cp1518 | cc378a |
| hp | laserjet_pro_m1213nf_mfp | ce845a |
| hp | hp_laserjet_pro_m1214nfh_mfp | ce842a |
| hp | laserjet_pro_p1606dn | ce749a |
| hp | laserjet_pro_p1102 | ce657a |
| hp | laserjet_pro_400_color_mfp_m475 | ce864a |
| hp | topshot_laserjet_pro_m275_mfp | cf040a |
| hp | color_laserjet_cp2025_printer | cb494a |
| hp | laserjet_pro_400_color_printer_m451 | ce956a |
| hp | laserjet_pro_m1216nfh_mfp | ce843a |
| hp | color_laserjet_cm1312nfi_multifunction_printer | cc431a |
| hp | laserjet_pro_cp1025nw | ce914a |
| hp | laserjet_pro_100_color_mfp_m175 | ce866a |
| hp | laserjet_pro_m1212nf_mfp | ce841a |
| hp | laserjet_m2727_multifunction_printer | cb533a |
| hp | color_laserjet_cp5225 | ce710a |
| hp | laserjet_pro_400_color_printer_m451 | ce958a |
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1905.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-2008.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 6.20 |
| hp | storage_data_protector | 6.21 |
Cross-site scripting (XSS) vulnerability in HP Autonomy Ultraseek 5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | autonomy_ultraseek | 5.0 |
Unspecified vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote authenticated users to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 9.20 |
| hp | service_manager_web_tier | 9.20 |
| hp | service_manager_web_client | 9.21 |
| hp | service_manager_web_tier | 9.21 |
| hp | service_manager_web_client | 9.20 |
Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 9.20 |
| hp | service_manager_web_tier | 9.20 |
| hp | service_manager_web_client | 9.21 |
| hp | service_manager_web_tier | 9.21 |
| hp | service_manager_web_client | 9.20 |
Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | b.11.23 |
| hp | hp-ux | b.11.31 |
Unspecified vulnerability in HP Security Management System 3.3.0, 3.5.0 before patch 1, and 3.6.0 before patch 2 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | security_management_system | 3.5.0 |
| hp | security_management_system | 3.6.0.1 |
| hp | security_management_system | 3.3.0 |
| hp | security_management_system | 3.6.0 |
Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.32 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
| hp | service_manager | 9.33 |
The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-1656.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | application_information_optimizer | 6.3 |
| hp | application_information_optimizer | 6.4 |
| hp | application_information_optimizer | 7.0 |
| hp | application_information_optimizer | 6.2 |
| hp | application_information_optimizer | 7.1 |
The Web Console in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, 7.0, and 7.1 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, aka ZDI-CAN-2004.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | application_information_optimizer | 6.3 |
| hp | application_information_optimizer | 6.4 |
| hp | application_information_optimizer | 7.0 |
| hp | application_information_optimizer | 6.2 |
| hp | application_information_optimizer | 7.1 |
Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insight Control Server Deployment allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_server_deployment | - |
| hp | rapid_deployment_pack | - |
Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insight Control Server Deployment allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_server_deployment | - |
| hp | rapid_deployment_pack | - |
Unspecified vulnerability in the loadFileContents function in the SOAP implementation in HP SiteScope 10.1x, 11.1x, and 11.21 allows remote attackers to read arbitrary files or cause a denial of service via unknown vectors, aka ZDI-CAN-2084.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.10 |
| hp | sitescope | 10.11 |
| hp | sitescope | 10.12 |
| hp | sitescope | 11.12 |
| hp | sitescope | 11.11 |
| hp | sitescope | 10.13 |
| hp | sitescope | 10.10 |
| hp | sitescope | 11.21 |
Unspecified vulnerability in HP Smart Update Manager 5.3.5 before build 70 on Linux allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | smart_update_manager | 5.3.5 |
Unspecified vulnerability in rpc.lockd in the NFS subsystem in HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | b.11.11 |
| hp | hp-ux | b.11.23 |
Unspecified vulnerability in HP Unified Functional Testing before 12.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1932.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | unified_functional_testing | 11.0 |
| hp | unified_functional_testing | * |
Unspecified vulnerability in HP StoreOnce Virtual Storage Appliance (VSA) before 3.7.2, StoreOnce 26xx and 4210 iSCSI Backup System before 3.9.0, StoreOnce 4210 FC Backup System before 3.9.0, and StoreOnce 4xxx Backup System before 3.9.0 allows remote attackers to obtain sensitive information or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storeonce_4210_iscsi_backup_system | * |
| hp | storeonce_4420_backup_system | * |
| hp | storeonce_4430_backup_system | * |
| hp | storeonce_virtual_storage_appliance | * |
| hp | storeonce_2610_iscsi_backup_system | * |
| hp | storeonce_2620_iscsi_backup_system | * |
| hp | storeonce_4210_fc_backup_system | * |
| hp | storeonce_4220_backup_system | * |
Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | database_and_middleware_automation | 10.10 |
| hp | database_and_middleware_automation | 10.01 |
| hp | database_and_middleware_automation | 10.0 |
| hp | database_and_middleware_automation | 10.20 |
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.0.0.0 |
| hp | loadrunner | * |
| hp | loadrunner | 11.50 |
| hp | loadrunner | 11.51 |
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via unknown vectors, aka ZDI-CAN-2042.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_configuration_management_database | 9.05 |
| hp | universal_configuration_management_database | 10.10 |
| hp | universal_configuration_management_database | 10.01 |
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1977.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_configuration_management_database | 10.10 |
| hp | universal_configuration_management_database | 10.01 |
Unspecified vulnerability in HP Array Configuration Utility, Array Diagnostics Utility, ProLiant Array Diagnostics, and SmartSSD Wear Gauge Utility 9.40 and earlier allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | array_diagnostics_utility | * |
| hp | smartssd_wear_gauge_utility | * |
| hp | proliant_array_diagnostics | * |
| hp | array_configuration_utility | * |
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.20 |
| hp | network_node_manager_i | 9.03 |
| hp | network_node_manager_i | 9.01 |
| hp | network_node_manager_i | 9.0 |
| hp | network_node_manager_i | 9.10 |
| hp | network_node_manager_i | 9.02 |
Unspecified vulnerability in HP HP-UX Whitelisting (aka WLI) before A.01.02.02 on HP-UX B.11.31 allows local users to bypass intended access restrictions via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux_whitelisting | * |
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0, 9.10, and 9.20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.20 |
| hp | network_node_manager_i | 9.0 |
| hp | network_node_manager_i | 9.10 |
Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_virtualization | 3.0 |
Cross-site scripting (XSS) vulnerability in the Mobility Web Client and Service Request Catalog (SRC) components in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 9.32 |
| hp | service_manager | 7.21 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
| hp | service_manager | 9.33 |
base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file.
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linux_imaging_and_printing_project | 3.12.11 |
| hp | linux_imaging_and_printing_project | 3.9.10 |
| hp | linux_imaging_and_printing_project | 3.12.10 |
| hp | linux_imaging_and_printing_project | 3.13.2 |
| hp | linux_imaging_and_printing_project | * |
| hp | linux_imaging_and_printing_project | 3.13.10 |
| hp | linux_imaging_and_printing_project | 3.12.2 |
| hp | linux_imaging_and_printing_project | 3.13.7 |
| hp | linux_imaging_and_printing_project | 3.10.5 |
| hp | linux_imaging_and_printing_project | 3.11.12 |
| hp | linux_imaging_and_printing_project | 3.12.9 |
| hp | linux_imaging_and_printing_project | 3.9.12 |
| hp | linux_imaging_and_printing_project | 3.13.6 |
| hp | linux_imaging_and_printing_project | 3.11.1 |
| hp | linux_imaging_and_printing_project | 3.13.4 |
| hp | linux_imaging_and_printing_project | 3.13.9 |
| hp | linux_imaging_and_printing_project | 3.10.9 |
| hp | linux_imaging_and_printing_project | 3.12.6 |
| hp | linux_imaging_and_printing_project | 3.11.3 |
| hp | linux_imaging_and_printing_project | 3.10.2 |
| hp | linux_imaging_and_printing_project | 3.10.6 |
| hp | linux_imaging_and_printing_project | 3.11.5 |
| hp | linux_imaging_and_printing_project | 3.11.7 |
| hp | linux_imaging_and_printing_project | 3.11.10 |
| hp | linux_imaging_and_printing_project | 3.9.2 |
| hp | linux_imaging_and_printing_project | 3.9.6 |
| hp | linux_imaging_and_printing_project | 3.13.3 |
| hp | linux_imaging_and_printing_project | 3.13.5 |
| hp | linux_imaging_and_printing_project | 3.9.8 |
| hp | linux_imaging_and_printing_project | 3.9.4b |
| hp | linux_imaging_and_printing_project | 3.13.8 |
| hp | linux_imaging_and_printing_project | 3.9.4 |
| hp | linux_imaging_and_printing_project | 3.11.3a |
| hp | linux_imaging_and_printing_project | 3.12.4 |
upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linux_imaging_and_printing_project | 3.12.11 |
| hp | linux_imaging_and_printing_project | 3.9.10 |
| hp | linux_imaging_and_printing_project | 3.12.10 |
| hp | linux_imaging_and_printing_project | 3.13.2 |
| hp | linux_imaging_and_printing_project | 3.13.10 |
| hp | linux_imaging_and_printing_project | 3.12.2 |
| hp | linux_imaging_and_printing_project | 3.13.7 |
| hp | linux_imaging_and_printing_project | 3.10.5 |
| hp | linux_imaging_and_printing_project | 3.11.12 |
| hp | linux_imaging_and_printing_project | 3.12.9 |
| hp | linux_imaging_and_printing_project | 3.9.12 |
| hp | linux_imaging_and_printing_project | 3.13.6 |
| hp | linux_imaging_and_printing_project | 3.11.1 |
| hp | linux_imaging_and_printing_project | 3.13.4 |
| hp | linux_imaging_and_printing_project | 3.13.9 |
| hp | linux_imaging_and_printing_project | 3.10.9 |
| hp | linux_imaging_and_printing_project | 3.12.6 |
| hp | linux_imaging_and_printing_project | 3.11.3 |
| hp | linux_imaging_and_printing_project | 3.10.2 |
| hp | linux_imaging_and_printing_project | 3.10.6 |
| hp | linux_imaging_and_printing_project | 3.11.5 |
| hp | linux_imaging_and_printing_project | 3.11.7 |
| hp | linux_imaging_and_printing_project | 3.11.10 |
| hp | linux_imaging_and_printing_project | 3.9.2 |
| hp | linux_imaging_and_printing_project | 3.9.6 |
| hp | linux_imaging_and_printing_project | 3.13.3 |
| hp | linux_imaging_and_printing_project | 3.13.5 |
| hp | linux_imaging_and_printing_project | 3.9.8 |
| hp | linux_imaging_and_printing_project | 3.9.4b |
| hp | linux_imaging_and_printing_project | 3.13.8 |
| hp | linux_imaging_and_printing_project | 3.9.4 |
| hp | linux_imaging_and_printing_project | 3.11.3a |
| hp | linux_imaging_and_printing_project | 3.12.4 |
Cross-site request forgery (CSRF) vulnerability in html/json.html on HP 2620 switches allows remote attackers to hijack the authentication of administrators for requests that change an administrative password via the setPassword method.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 2620-24-poe+_switch | - |
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect availability via unknown vectors related to JavaFX.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_supplementary | 6.0 |
| hp | jre | * |
| redhat | enterprise_linux_hpc_node_supplementary | 6.0 |
| redhat | enterprise_linux_server_supplementary_aus | 6.5 |
| redhat | enterprise_linux_desktop_supplementary | 6.0 |
| hp | jdk | * |
| redhat | enterprise_linux_server_supplementary_eus | 6.5.z |
| redhat | enterprise_linux_server_supplementary | 5.0 |
| redhat | enterprise_linux_workstation_supplementary | 6.0 |
| oracle | javafx | 2.2.45 |
| redhat | enterprise_linux_desktop_supplementary | 5.0 |
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0424.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_supplementary | 6.0 |
| hp | jre | * |
| oracle | jdk | 1.6.0 |
| redhat | enterprise_linux_hpc_node_supplementary | 6.0 |
| redhat | enterprise_linux_server_supplementary_aus | 6.5 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_desktop_supplementary | 6.0 |
| hp | jdk | * |
| redhat | enterprise_linux_server_supplementary_eus | 6.5.z |
| redhat | enterprise_linux_server_supplementary | 5.0 |
| redhat | enterprise_linux_workstation_supplementary | 6.0 |
| redhat | enterprise_linux_desktop_supplementary | 5.0 |
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| debian | debian_linux | 7.0 |
| oracle | jdk | 1.8.0 |
| hp | hp-ux | b.11.23 |
| hp | hp-ux | b.11.31 |
| oracle | jdk | 1.7.0 |
| oracle | jre | 1.8.0 |
Unspecified vulnerability in HP IceWall Identity Manager 4.0 through SP1 and 5.0 and IceWall SSO 10.0 Password Reset Option, when Apache Commons FileUpload is used, allows remote authenticated users to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_sso_password_reset_option | 10.0 |
| hp | icewall_identity_manager | 4.0 |
| hp | icewall_identity_manager | 5.0 |
The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_2_firmware | 1.30 |
| hp | integrated_lights-out_2_firmware | 1.00 |
| hp | integrated_lights-out_2_firmware | 1.10 |
| hp | integrated_lights-out_2_firmware | 1.20 |
| hp | integrated_lights-out_2_firmware | 2.12 |
| hp | integrated_lights-out_2_firmware | 1.75 |
| hp | integrated_lights-out_2_firmware | 2.15 |
| hp | integrated_lights-out_2_firmware | 1.70 |
| hp | integrated_lights-out_2_firmware | * |
| hp | integrated_lights-out_2_firmware | 2.22 |
| hp | integrated_lights-out_2_firmware | 2.20 |
Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | 1.0 |
| hp | oneview | 1.01 |
Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and 8Gb Simple SAN Connection Kit with firmware before 8.0.14.08.00 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sn6000_stackable_8gb_12-port_single_power_fibre_channel_switch | bk780a |
| hp | sn6000_stackable_8gb_24-port_single_power_fibre_channel_switch | aw575b |
| hp | 8gb_simple_san_connection_kit | ak241b |
| hp | sn6000_stackable_8gb_24-port_dual_power_fibre_channel_switch | aw576b |
| hp | sn6000_stackable_8gb_12-port_single_power_fibre_channel_switch | bk780b |
| hp | sn6000_stackable_8gb_24-port_dual_power_fibre_channel_switch | aw576a |
| hp | hp_h-series_fibre_channel_switch_firmware | * |
| hp | sn6000_stackable_8gb_24-port_single_power_fibre_channel_switch | aw575a |
| hp | 8/20q_fibre_channel_switch_16_port | ak242b |
| hp | 8/20q_fibre_channel_switch_8_port | aq233b |
| hp | 8/20q_fibre_channel_switch_16_port | ak242a |
| hp | 8/20q_fibre_channel_switch_8_port | aq233a |
| hp | 8gb_simple_san_connection_kit | ak241a |
Unspecified vulnerability in HP IceWall SSO 10.0 Dfw and IceWall MCRP 2.1 and 3.0 allows remote attackers to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_sso | 10.0 |
| hp | icewall_mcrp | 3.0 |
| hp | icewall_mcrp | 2.1 |
Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVirtual VSA 9.5 through 11.0 allows remote attackers to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_management_software | 9.5 |
| hp | storevirtual_4330fc | - |
| hp | storage_management_software | 11.0 |
| hp | storevirtual_4130 | - |
| hp | storage_management_software | 10.5 |
| hp | storevirtual_4630 | - |
| hp | storevirtual_4330 | - |
| hp | storevirtual_4730 | - |
| hp | storevirtual_4730fc | - |
| hp | storage_management_software | 10.0 |
| hp | storevirtual_4530 | - |
| hp | storevirtual_vsa | - |
| hp | storevirtual_4335 | - |
Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVirtual VSA 9.5 through 11.0 allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_management_software | 9.5 |
| hp | storevirtual_4330fc | - |
| hp | storage_management_software | 11.0 |
| hp | storevirtual_4130 | - |
| hp | storage_management_software | 10.5 |
| hp | storevirtual_4630 | - |
| hp | storevirtual_4330 | - |
| hp | storevirtual_4730 | - |
| hp | storevirtual_4730fc | - |
| hp | storage_management_software | 10.0 |
| hp | storevirtual_4530 | - |
| hp | storevirtual_vsa | - |
| hp | storevirtual_4335 | - |
Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_manager_i | 9.1 |
| hp | operations_manager_i | 9.24 |
| hp | operations_manager_i | 9.23 |
| hp | operations_manager_i | 9.13 |
| hp | operations_manager_i | 9.12 |
| hp | operations_manager_i | 9.2 |
The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | executive_scorecard | 9.41 |
| hp | executive_scorecard | 9.40 |
Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | executive_scorecard | 9.41 |
| hp | executive_scorecard | 9.40 |
Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | executive_scorecard | 9.41 |
| hp | executive_scorecard | 9.40 |
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | release_control | 9.21 |
| hp | release_control | 9.20 |
| hp | release_control | 9.11 |
| hp | release_control | 9.12 |
| hp | release_control | 9.13 |
| hp | release_control | 9.1 |
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | release_control | 9.21 |
| hp | release_control | 9.20 |
| hp | release_control | 9.11 |
| hp | release_control | 9.12 |
| hp | release_control | 9.13 |
| hp | release_control | 9.1 |
Unspecified vulnerability in HP SiteScope 11.1x through 11.13 and 11.2x through 11.24 allows remote attackers to bypass authentication via unknown vectors, aka ZDI-CAN-2140.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.10 |
| hp | sitescope | 11.22 |
| hp | sitescope | 11.24 |
| hp | sitescope | 11.12 |
| hp | sitescope | 11.23 |
| hp | sitescope | 11.11 |
| hp | sitescope | 11.20 |
| hp | sitescope | 11.21 |
| hp | sitescope | 11.13 |
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2083.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_configuration_management_database | 10.10 |
| hp | universal_configuration_management_database | 10.01 |
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2091.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_configuration_management_database | 10.10 |
| hp | universal_configuration_management_database | 10.01 |
Unspecified vulnerability in HP Universal CMDB 10.01 and 10.10 allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors, aka ZDI-CAN-2104.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_configuration_management_database | 10.10 |
| hp | universal_configuration_management_database | 10.01 |
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2080.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | imc_branch_intelligent_management_system_software_module | 7.0 |
| hp | intelligent_management_center | 7.0 |
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2088.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | imc_branch_intelligent_management_system_software_module | 7.0 |
| hp | intelligent_management_center | 7.0 |
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2089.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | imc_branch_intelligent_management_system_software_module | 7.0 |
| hp | intelligent_management_center | 7.0 |
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-2090.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | imc_branch_intelligent_management_system_software_module | 7.0 |
| hp | intelligent_management_center | 7.0 |
Unspecified vulnerability in HP Intelligent Management Center (iMC) before 7.0 E02020P03 and Branch Intelligent Management System (BIMS) before 7.0 E0201P02 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors, aka ZDI-CAN-2312.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | imc_branch_intelligent_management_system_software_module | 7.0 |
| hp | intelligent_management_center | 7.0 |
Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 8.10 |
| hp | storage_data_protector | 8.0 |
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2264.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.20 |
| hp | network_node_manager_i | 9.0 |
| hp | network_node_manager_i | 9.10 |
Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to read arbitrary files via crafted input, aka ZDI-CAN-2023.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_virtualization | 8.6 |
Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_virtualization | 8.6 |
Unspecified vulnerability in HP NonStop NetBatch G06.14 through G06.32.01, H06 through H06.28, and J06 through J06.17.01 allows remote authenticated users to gain privileges for NetBatch job execution via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_netbatch | h06.28 |
| hp | nonstop_netbatch | h06.05 |
| hp | nonstop_netbatch | h06.05.02 |
| hp | nonstop_netbatch | h06.27 |
| hp | nonstop_netbatch | j06.15 |
| hp | nonstop_netbatch | j06.17.01 |
| hp | nonstop_netbatch | h06.26.01 |
| hp | nonstop_netbatch | j06.14.03 |
| hp | nonstop_netbatch | h06.25.01 |
| hp | nonstop_netbatch | h06.03 |
| hp | nonstop_netbatch | h06.04 |
| hp | nonstop_netbatch | h06.24.01 |
| hp | nonstop_netbatch | g06.14 |
| hp | nonstop_netbatch | g06.32.01 |
| hp | nonstop_netbatch | j06.16 |
| hp | nonstop_netbatch | j06.17 |
| hp | nonstop_netbatch | j06.16.02 |
| hp | nonstop_netbatch | h06.05.01 |
| hp | nonstop_netbatch | j06.14 |
| hp | nonstop_netbatch | h06.27.01 |
| hp | nonstop_netbatch | j06.13.01 |
| hp | nonstop_netbatch | j06.03 |
| hp | nonstop_netbatch | h06.26 |
| hp | nonstop_netbatch | j06.15.02 |
| hp | nonstop_netbatch | h06.25 |
Unspecified vulnerability in HP Enterprise Maps 1 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | enterprise_maps | 1.00 |
HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_safeguard_security | * |
Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_agent | 11.0 |
Unspecified vulnerability in HP Application Lifecycle Management (aka Quality Center) 11.5x and 12.0x allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2138.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | application_lifecycle_management | 11.50 |
| hp | application_lifecycle_management | 12.00 |
Unspecified vulnerability in the WebTier component in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 9.32 |
| hp | service_manager | 7.21 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
| hp | service_manager | 9.33 |
Cross-site request forgery (CSRF) vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 9.32 |
| hp | service_manager | 7.21 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
| hp | service_manager | 9.33 |
Unspecified vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to bypass intended access restrictions, and modify data or cause a denial of service, via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.21 |
| hp | service_manager | 9.32 |
| hp | service_manager | 7.21 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.30 |
| hp | service_manager | 9.33 |
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2343.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sprinter | 12.01 |
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2336.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sprinter | 12.01 |
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2342.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sprinter | 12.01 |
Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2344.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sprinter | 12.01 |
Unspecified vulnerability in HP MPIO Device Specific Module Manager before 4.02.00 allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mpio_device_specific_module_manager | * |
| hp | mpio_device_specific_module_manager | 4.01.00 |
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
| hp | system_management_homepage | 7.2.1 |
| hp | system_management_homepage | 7.2 |
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
| hp | system_management_homepage | 7.2.1 |
| hp | system_management_homepage | 7.2 |
HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | system_management_homepage | 7.0 |
| hp | system_management_homepage | 7.1 |
| hp | system_management_homepage | 7.2.1 |
| hp | system_management_homepage | 7.2 |
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 7.1 |
| hp | systems_insight_manager | 7.2 |
| hp | systems_insight_manager | 7.0 |
| hp | systems_insight_manager | * |
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 7.1 |
| hp | systems_insight_manager | 7.2 |
| hp | systems_insight_manager | 7.0 |
| hp | systems_insight_manager | * |
HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to conduct clickjacking attacks via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 7.1 |
| hp | systems_insight_manager | 7.2 |
| hp | systems_insight_manager | 7.0 |
| hp | systems_insight_manager | * |
Unspecified vulnerability in HP Network Automation 9.10 and 9.20 allows local users to bypass intended access restrictions via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 9.10 |
| hp | network_automation | 9.20 |
Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP Operations Manager (formerly OpenView Communications Broker) before 11.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_agent | * |
Unspecified vulnerability in HP Operations Manager 9.10 and 9.11 on UNIX allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_manager | 9.11 |
| hp | operations_manager | 9.10 |
Unspecified vulnerability in HP Operations Manager 9.20 on UNIX allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linux | kernel | - |
| hp | operations_manager | 9.20 |
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 20 |
| sendmail | sendmail | 8.7.10 |
| sendmail | sendmail | 8.13.3 |
| hp | hpux | * |
| sendmail | sendmail | 8.13.7 |
| sendmail | sendmail | 8.13.8 |
| sendmail | sendmail | 8.6.7 |
| sendmail | sendmail | 8.12.3 |
| sendmail | sendmail | 8.13.0 |
| sendmail | sendmail | 8.14.6 |
| sendmail | sendmail | 8.13.6 |
| sendmail | sendmail | 8.11.5 |
| sendmail | sendmail | 8.13.2 |
| sendmail | sendmail | 8.13.5 |
| sendmail | sendmail | 8.14.1 |
| sendmail | sendmail | 8.9.1 |
| sendmail | sendmail | 8.11.3 |
| sendmail | sendmail | 8.14.3 |
| sendmail | sendmail | 8.11.0 |
| sendmail | sendmail | 8.14.0 |
| sendmail | sendmail | 8.11.1 |
| sendmail | sendmail | 8.9.0 |
| freebsd | freebsd | * |
| sendmail | sendmail | 8.12.8 |
| sendmail | sendmail | 8.11.2 |
| sendmail | sendmail | 8.14.2 |
| sendmail | sendmail | 8.12.2 |
| sendmail | sendmail | 8.7.8 |
| sendmail | sendmail | 8.7.6 |
| sendmail | sendmail | 8.14.5 |
| sendmail | sendmail | 8.8.8 |
| sendmail | sendmail | 8.10.1 |
| sendmail | sendmail | 8.12.7 |
| sendmail | sendmail | 8.14.4 |
| sendmail | sendmail | 8.10.0 |
| sendmail | sendmail | 8.12.6 |
| sendmail | sendmail | 8.12.4 |
| sendmail | sendmail | 8.14.7 |
| sendmail | sendmail | 8.9.3 |
| sendmail | sendmail | 8.10.2 |
| sendmail | sendmail | 8.10 |
| sendmail | sendmail | 8.12.5 |
| sendmail | sendmail | 8.11.4 |
| sendmail | sendmail | 8.12.10 |
| sendmail | sendmail | 8.12.0 |
| sendmail | sendmail | 8.12.9 |
| sendmail | sendmail | 8.7.9 |
| sendmail | sendmail | 8.11.6 |
| sendmail | sendmail | * |
| sendmail | sendmail | 8.13.4 |
| sendmail | sendmail | 8.9.2 |
| sendmail | sendmail | 8.12.1 |
| sendmail | sendmail | 8.7.7 |
| sendmail | sendmail | 8.12.11 |
| sendmail | sendmail | 8.13.1 |
| sendmail | sendmail | 8.11.7 |
Cross-site scripting (XSS) vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | records_manager | * |
| hp | records_manager | 8.1 |
HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | enterprise_maps | 1.00 |
Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavior is "by design.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | 6.11 |
| hp | data_protector | 6.10 |
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading /etc/odapw.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L | 1.8 | 4.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sgi_tempo | - |
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to change the permissions of arbitrary files by executing /opt/sgi/sgimc/bin/vx.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sgi_tempo | - |
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading etc/dbdump.db.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sgi_tempo | - |
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
| hp | hp-ux | b.11.23 |
| hp | hp-ux | b.11.31 |
Unspecified vulnerability on the HP LaserJet CM3530 Multifunction Printer CC519A and CC520A with firmware before 53.236.2 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_cm3530_multifunction_printer_firmware | * |
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | integrated_lights-out_chassis_management_firmware | * |
| hp | integrated_lights-out_2_firmware | * |
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | b.11.31 |
The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | helion_cloud_development_platform | 1.0 |
HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | b.11.11 |
| hp | hp-ux | b.11.23 |
| hp | hp-ux | b.11.31 |
Multiple unspecified vulnerabilities in the POP implementation in HP OpenVMS TCP/IP 5.7 before ECO5 allow remote attackers to cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tcp_ip_services_openvms | * |
Cross-site scripting (XSS) vulnerability in the server in HP Insight Control allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_server_deployment | - |
Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows remote authenticated users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.10 |
| hp | sitescope | 11.22 |
| hp | sitescope | 11.24 |
| hp | sitescope | 11.12 |
| hp | sitescope | 11.23 |
| hp | sitescope | 11.11 |
| hp | sitescope | 11.20 |
| hp | sitescope | 11.21 |
| hp | sitescope | 11.13 |
HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_configuration_management_database | 9.05 |
| hp | universal_configuration_management_database | 10.11 |
| hp | universal_configuration_management_database | 10.01 |
Multiple unspecified vulnerabilities in HP ArcSight Logger before 6.0P1 have unknown impact and remote authenticated attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | 6.0 |
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMICR.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2512.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ole_point_of_sale_driver | * |
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSLineDisplay.ocx for Retail RP7 VFD Customer Display monitors, Retail Integrated 2x20 Display monitors, Retail Integrated 2x20 Complex monitors, POS Pole Display monitors, Graphical POS Pole Display monitors, and LCD Pole Display monitors, aka ZDI-CAN-2511.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ole_point_of_sale_driver | * |
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSToneIndicator.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2510.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ole_point_of_sale_driver | * |
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSPOSKeyboard.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2509.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ole_point_of_sale_driver | * |
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMSR.ocx for Mini MSR magnetic stripe readers, Retail Integrated Dual-Head MSR magnetic stripe readers, Integrated Single Head MSR w/o SRED magnetic stripe readers, Integrated Single Head w/o MSR SRED magnetic stripe readers, RP7 Single Head MSR w/o SRED magnetic stripe readers, POS keyboards, and POS keyboards with MSR, aka ZDI-CAN-2508.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ole_point_of_sale_driver | * |
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCheckScanner.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2507.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ole_point_of_sale_driver | * |
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSPOSPrinter.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2506.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ole_point_of_sale_driver | * |
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCashDrawer.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, Value Serial/USB Receipt printers, and USB Standard Duty cash drawers, aka ZDI-CAN-2505.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ole_point_of_sale_driver | * |
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before 7.6.1-06, and HP XP7 Global Link Manager Software (aka HGLM) 6.x through 8.x before 8.1.2-00, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp_p9000_tiered_storage_manager | * |
| hp | xp_p9000_replication_manager | * |
| hp | xp_p9000_device_manager | * |
| hp | xp7_global_link_manager_software | * |
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSScanner.ocx for Imaging Barcode scanners, Linear Barcode scanners, Presentation Barcode scanners, Retail Integrated Barcode scanners, Wireless Barcode scanners, and 2D Value Wireless scanners.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ole_point_of_sale_driver | * |
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ole_point_of_sale_driver | * |
The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-320,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linux_imaging_and_printing | * |
The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Boot protection mechanism and gain privileges by leveraging write access to physical memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | elitebook_850_g1_firmware | 01.09 |
| dell | latitude_e6430_firmware | a09 |
Aruba AirWave before 8.0.7 allows XSS attacks agsinat an administrator.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | airwave | * |
Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | airwave | * |
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | integrated_lights-out_3_firmware | * |
| hp | integrated_lights-out_2_firmware | * |
HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_manager_i_management_pack | 1.0 |
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_orchestration | 10.0 |
| hp | operations_orchestration | 9.0 |
Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_orchestration | 10.0 |
Buffer overflow in HP LoadRunner 11.52 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.52 |
Unspecified vulnerability in HP Intelligent Provisioning 1.40 through 1.60 on Windows Server 2008 R2 and 2012 allows local users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_provisioning | 1.40 |
| hp | intelligent_provisioning | 1.50 |
| hp | intelligent_provisioning | 1.60 |
Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote authenticated users to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | easy_tools | * |
Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | easy_tools | * |
HP Support Solution Framework before 11.51.0049 allows remote attackers to download an arbitrary program onto a client machine and execute this program via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_solution_framework | * |
Unspecified vulnerability in HP Capture and Route Software (HPCR) 1.3 before Patch 7, 1.3 FP1 before Patch 1, and 1.4 before Patch 1 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | capture_and_route_software | 1.4 |
| hp | capture_and_route_software | 1.3 |
Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_data_protector | 7.03 |
| hp | storage_data_protector | 7.02 |
| hp | storage_data_protector | 7.01 |
| hp | storage_data_protector | 7.00 |
HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS) before 4.1 patch 3 and 4.2 before patch 1 do not require authentication for JBoss RMI requests, which allows remote attackers to execute arbitrary code by (1) uploading this code within an archive or (2) instantiating a class.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tippingpoint_security_management_system | * |
| hp | tippingpoint_virtual_security_management_system | * |
Unspecified vulnerability in the Secure Pull Print and Security Pull Print components in HP Access Control (AC) Software 12.x through 14.x before 14.1.2 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | access_control | 14.1 |
| hp | access_control | 12.0 |
| hp | access_control | 12.2 |
| hp | access_control | 12.3 |
| hp | access_control | 13.0 |
| hp | access_control | 12.1 |
| hp | access_control | 14.0 |
Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24.391, and 11.3x before 11.30.521 allows remote authenticated users to gain privileges via unknown vectors, aka ZDI-CAN-2567.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.30.521 |
| hp | sitescope | 11.13 |
| hp | sitescope | 11.24.391 |
HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_virtualization | 8.61 |
| hp | network_virtualization | 11.52 |
The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows remote attackers to cause a denial of service via network traffic to the REST port.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sdn_van_controller | * |
Unspecified vulnerability in HP NonStop Safeguard Security Software H06.x, L15.02, and J06.x before J06.19 allows remote authenticated users to gain privileges by leveraging Expand access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_safeguard_security | * |
Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | smart_zero_core | 4.3 |
| hp | smart_zero_core | 4.4 |
| hp | thinpro_linux | 5.0 |
| hp | thinpro_linux | 4.2 |
| hp | thinpro_linux | 4.1 |
| hp | thinpro_linux | 5.1 |
| hp | thinpro_linux | 4.4 |
| hp | thinpro_linux | 4.3 |
Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-611,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | webinspect | * |
Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 11.11iv3 |
| hp | hp-ux | 11.11iv2 |
Unspecified vulnerability in the execve system-call implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_manager_i | 9.24 |
| hp | operations_manager_i | 9.23 |
| hp | operations_manager_i | 10.00 |
| hp | operations_manager_i | 9.25 |
| hp | operations_manager_i | 10.01 |
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
Unspecified vulnerability in HP Intelligent Provisioning 1.00 through 1.62(a), 2.00, and 2.10 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_provisioning | 2.10 |
| hp | intelligent_provisioning | * |
| hp | intelligent_provisioning | 2.00 |
HP ArcSight Logger before 6.0 P2 allows remote authenticated users to bypass the intended authorization policy via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
Unspecified vulnerability in HP Operations Manager i (OMi) 9.22, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_manager_i | 9.22 |
| hp | operations_manager_i | 9.24 |
| hp | operations_manager_i | 9.23 |
| hp | operations_manager_i | 10.00 |
| hp | operations_manager_i | 9.25 |
| hp | operations_manager_i | 10.01 |
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5403.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | * |
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | * |
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| arubanetworks | airwave | * |
| hp | airwave | * |
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| arubanetworks | airwave | * |
| hp | airwave | * |
An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | asset_manager_cloudsystem_chargeback | 9.40 |
| hp | asset_manager | 9.40 |
| hp | asset_manager | 9.41 |
| hp | asset_manager | 9.50 |
| hp | sitescope | * |
| hp | asset_manager | 9.31 |
| hp | sitescope | 11.30 |
| hp | asset_manager | 9.30 |
| hp | asset_manager | 9.32 |
HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_smartconnectors | * |
The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of this password.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_smartconnectors | * |
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,CWE-122,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_desktop | 12 |
| suse | linux_enterprise_workstation_extension | 12 |
| opensuse | opensuse | 13.1 |
| hp | version_control_repository_manager | 7.6 |
| hp | system_management_homepage | * |
| redhat | enterprise_linux_desktop | 6.0 |
| opensuse | opensuse | 13.2 |
| redhat | enterprise_linux_eus | 6.6 |
| hp | systems_insight_manager | * |
| redhat | enterprise_linux_workstation | 6.0 |
| adobe | flash_player | * |
| hp | virtual_connect_enterprise_manager | * |
| redhat | enterprise_linux_server | 6.0 |
| hp | insight_orchestration | * |
| opensuse | evergreen | 11.4 |
| hp | version_control_repository_manager | * |
| hp | version_control_agent | * |
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| haxx | libcurl | 7.13.2 |
| haxx | libcurl | 7.15.0 |
| haxx | libcurl | 7.23.1 |
| haxx | curl | 7.12.3 |
| haxx | curl | 7.13.0 |
| haxx | curl | 7.15.4 |
| haxx | libcurl | 7.15.1 |
| haxx | curl | 7.16.4 |
| haxx | curl | 7.19.2 |
| apple | mac_os_x | 10.10.4 |
| haxx | libcurl | 7.15.2 |
| haxx | curl | 7.21.2 |
| haxx | curl | 7.18.1 |
| apple | mac_os_x | 10.10.3 |
| haxx | libcurl | 7.11.1 |
| haxx | libcurl | 7.12.0 |
| haxx | libcurl | 7.24.0 |
| haxx | libcurl | 7.17.1 |
| haxx | curl | 7.16.3 |
| haxx | curl | 7.19.4 |
| haxx | libcurl | 7.10.6 |
| haxx | libcurl | 7.40.0 |
| haxx | curl | 7.12.2 |
| haxx | libcurl | 7.20.1 |
| haxx | libcurl | 7.13.1 |
| haxx | libcurl | 7.30.0 |
| haxx | libcurl | 7.37.0 |
| haxx | curl | 7.20.1 |
| canonical | ubuntu_linux | 14.10 |
| haxx | libcurl | 7.21.4 |
| haxx | curl | 7.31.0 |
| haxx | libcurl | 7.22.0 |
| haxx | curl | 7.15.3 |
| canonical | ubuntu_linux | 15.04 |
| haxx | libcurl | 7.12.2 |
| haxx | curl | 7.40.0 |
| haxx | libcurl | 7.27.0 |
| haxx | libcurl | 7.31.0 |
| haxx | curl | 7.35.0 |
| haxx | libcurl | 7.28.1 |
| haxx | curl | 7.19.0 |
| haxx | libcurl | 7.21.2 |
| haxx | libcurl | 7.10.8 |
| haxx | libcurl | 7.15.4 |
| haxx | libcurl | 7.19.5 |
| haxx | libcurl | 7.34.0 |
| hp | system_management_homepage | * |
| haxx | curl | 7.12.0 |
| haxx | libcurl | 7.35.0 |
| haxx | libcurl | 7.19.4 |
| haxx | curl | 7.21.6 |
| haxx | libcurl | 7.15.5 |
| haxx | libcurl | 7.10.7 |
| haxx | curl | 7.21.5 |
| haxx | curl | 7.16.1 |
| haxx | curl | 7.33.0 |
| haxx | curl | 7.30.0 |
| haxx | libcurl | 7.16.1 |
| haxx | libcurl | 7.29.0 |
| haxx | curl | 7.27.0 |
| haxx | libcurl | 7.18.0 |
| haxx | libcurl | 7.16.4 |
| haxx | curl | 7.11.0 |
| haxx | curl | 7.19.1 |
| haxx | libcurl | 7.19.0 |
| haxx | libcurl | 7.19.6 |
| haxx | libcurl | 7.14.0 |
| haxx | libcurl | 7.25.0 |
| haxx | libcurl | 7.36.0 |
| haxx | curl | 7.18.0 |
| haxx | libcurl | 7.20.0 |
| haxx | libcurl | 7.39 |
| haxx | curl | 7.11.2 |
| haxx | libcurl | 7.19.3 |
| haxx | curl | 7.16.0 |
| haxx | libcurl | 7.18.1 |
| haxx | libcurl | 7.21.5 |
| haxx | libcurl | 7.23.0 |
| canonical | ubuntu_linux | 14.04 |
| apple | mac_os_x | 10.10.2 |
| haxx | libcurl | 7.16.3 |
| haxx | curl | 7.15.0 |
| haxx | curl | 7.41.0 |
| haxx | curl | 7.29.0 |
| haxx | curl | 7.10.6 |
| haxx | curl | 7.15.2 |
| haxx | curl | 7.25.0 |
| haxx | libcurl | 7.13.0 |
| haxx | curl | 7.10.8 |
| haxx | curl | 7.21.3 |
| haxx | libcurl | 7.18.2 |
| haxx | curl | 7.18.2 |
| canonical | ubuntu_linux | 12.04 |
| haxx | curl | 7.24.0 |
| haxx | curl | 7.10.7 |
| haxx | curl | 7.17.1 |
| haxx | curl | 7.23.1 |
| haxx | curl | 7.15.1 |
| haxx | curl | 7.28.1 |
| haxx | libcurl | 7.16.2 |
| haxx | curl | 7.36.0 |
| haxx | libcurl | 7.17.0 |
| haxx | libcurl | 7.21.7 |
| haxx | curl | 7.39.0 |
| apple | mac_os_x | * |
| haxx | libcurl | 7.21.3 |
| haxx | libcurl | 7.11.2 |
| haxx | curl | 7.21.7 |
| haxx | libcurl | 7.21.0 |
| haxx | curl | 7.14.0 |
| haxx | curl | 7.19.6 |
| haxx | libcurl | 7.15.3 |
| haxx | curl | 7.34.0 |
| haxx | curl | 7.38.0 |
| apple | mac_os_x | 10.10.1 |
| haxx | curl | 7.11.1 |
| haxx | curl | 7.19.5 |
| haxx | curl | 7.22.0 |
| haxx | libcurl | 7.14.1 |
| haxx | libcurl | 7.38.0 |
| haxx | curl | 7.12.1 |
| haxx | curl | 7.26.0 |
| haxx | libcurl | 7.19.1 |
| haxx | curl | 7.13.2 |
| haxx | curl | 7.21.1 |
| haxx | libcurl | 7.12.1 |
| haxx | curl | 7.17.0 |
| haxx | libcurl | 7.19.2 |
| haxx | libcurl | 7.33.0 |
| haxx | curl | 7.15.5 |
| haxx | curl | 7.21.0 |
| haxx | curl | 7.28.0 |
| haxx | libcurl | 7.16.0 |
| haxx | libcurl | 7.41.0 |
| haxx | curl | 7.19.3 |
| apple | mac_os_x | 10.10.0 |
| haxx | curl | 7.13.1 |
| haxx | curl | 7.14.1 |
| haxx | libcurl | 7.32.0 |
| haxx | curl | 7.16.2 |
| haxx | libcurl | 7.21.1 |
| debian | debian_linux | 7.0 |
| haxx | libcurl | 7.37.1 |
| haxx | curl | 7.32.0 |
| haxx | libcurl | 7.21.6 |
| haxx | curl | 7.21.4 |
| haxx | libcurl | 7.26.0 |
| haxx | libcurl | 7.28.0 |
| haxx | curl | 7.20.0 |
| haxx | libcurl | 7.11.0 |
| haxx | libcurl | 7.12.3 |
| haxx | curl | 7.23.0 |
| haxx | curl | 7.37.1 |
| haxx | curl | 7.19.7 |
| haxx | libcurl | 7.19.7 |
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 13.1 |
| haxx | libcurl | 7.38.0 |
| canonical | ubuntu_linux | 14.04 |
| apple | mac_os_x | 10.10.2 |
| haxx | libcurl | 7.34.0 |
| hp | system_management_homepage | * |
| haxx | curl | 7.41.0 |
| haxx | libcurl | 7.35.0 |
| apple | mac_os_x | 10.10.4 |
| haxx | libcurl | 7.33.0 |
| apple | mac_os_x | 10.10.3 |
| canonical | ubuntu_linux | 12.04 |
| haxx | curl | 7.33.0 |
| haxx | libcurl | 7.41.0 |
| haxx | libcurl | 7.40.0 |
| apple | mac_os_x | 10.10.0 |
| haxx | curl | 7.36.0 |
| haxx | libcurl | 7.32.0 |
| haxx | curl | 7.37.0 |
| haxx | curl | 7.39.0 |
| haxx | libcurl | 7.30.0 |
| haxx | libcurl | 7.37.0 |
| debian | debian_linux | 7.0 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.10 |
| haxx | libcurl | 7.37.1 |
| haxx | curl | 7.32.0 |
| haxx | curl | 7.31.0 |
| fedoraproject | fedora | 21 |
| haxx | libcurl | 7.36.0 |
| oracle | solaris | 11.3 |
| haxx | libcurl | 7.39 |
| canonical | ubuntu_linux | 15.04 |
| haxx | curl | 7.40.0 |
| fedoraproject | fedora | 22 |
| haxx | curl | 7.34.0 |
| haxx | curl | 7.38.0 |
| apple | mac_os_x | 10.10.1 |
| haxx | libcurl | 7.31.0 |
| haxx | curl | 7.35.0 |
| haxx | curl | 7.37.1 |
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| haxx | libcurl | 7.13.2 |
| haxx | libcurl | 7.15.0 |
| haxx | libcurl | 7.23.1 |
| haxx | curl | 7.12.3 |
| haxx | curl | 7.13.0 |
| haxx | curl | 7.15.4 |
| haxx | libcurl | 7.15.1 |
| haxx | curl | 7.16.4 |
| haxx | curl | 7.19.2 |
| apple | mac_os_x | 10.10.4 |
| haxx | libcurl | 7.15.2 |
| haxx | curl | 7.21.2 |
| haxx | curl | 7.18.1 |
| apple | mac_os_x | 10.10.3 |
| haxx | libcurl | 7.11.1 |
| haxx | libcurl | 7.12.0 |
| haxx | libcurl | 7.24.0 |
| haxx | libcurl | 7.17.1 |
| haxx | curl | 7.16.3 |
| haxx | curl | 7.19.4 |
| haxx | libcurl | 7.10.6 |
| haxx | libcurl | 7.40.0 |
| haxx | curl | 7.12.2 |
| haxx | libcurl | 7.20.1 |
| haxx | libcurl | 7.13.1 |
| haxx | libcurl | 7.30.0 |
| haxx | libcurl | 7.37.0 |
| haxx | curl | 7.20.1 |
| canonical | ubuntu_linux | 14.10 |
| haxx | libcurl | 7.21.4 |
| haxx | curl | 7.31.0 |
| haxx | libcurl | 7.22.0 |
| haxx | curl | 7.15.3 |
| canonical | ubuntu_linux | 15.04 |
| haxx | libcurl | 7.12.2 |
| haxx | curl | 7.40.0 |
| haxx | libcurl | 7.27.0 |
| haxx | libcurl | 7.31.0 |
| haxx | curl | 7.35.0 |
| haxx | libcurl | 7.28.1 |
| haxx | curl | 7.19.0 |
| haxx | libcurl | 7.21.2 |
| haxx | libcurl | 7.10.8 |
| haxx | libcurl | 7.15.4 |
| haxx | libcurl | 7.19.5 |
| haxx | libcurl | 7.34.0 |
| hp | system_management_homepage | * |
| haxx | curl | 7.12.0 |
| haxx | libcurl | 7.35.0 |
| haxx | libcurl | 7.19.4 |
| haxx | curl | 7.21.6 |
| haxx | libcurl | 7.15.5 |
| haxx | libcurl | 7.10.7 |
| haxx | curl | 7.21.5 |
| haxx | curl | 7.16.1 |
| haxx | curl | 7.33.0 |
| haxx | curl | 7.30.0 |
| haxx | libcurl | 7.16.1 |
| haxx | libcurl | 7.29.0 |
| haxx | curl | 7.27.0 |
| haxx | libcurl | 7.18.0 |
| opensuse | opensuse | 13.2 |
| haxx | libcurl | 7.16.4 |
| haxx | curl | 7.11.0 |
| haxx | curl | 7.19.1 |
| haxx | libcurl | 7.19.0 |
| haxx | libcurl | 7.19.6 |
| haxx | libcurl | 7.14.0 |
| haxx | libcurl | 7.25.0 |
| haxx | libcurl | 7.36.0 |
| haxx | curl | 7.18.0 |
| haxx | libcurl | 7.20.0 |
| haxx | libcurl | 7.39 |
| fedoraproject | fedora | 22 |
| haxx | curl | 7.11.2 |
| haxx | libcurl | 7.19.3 |
| haxx | curl | 7.16.0 |
| haxx | libcurl | 7.18.1 |
| haxx | libcurl | 7.21.5 |
| haxx | libcurl | 7.23.0 |
| canonical | ubuntu_linux | 14.04 |
| apple | mac_os_x | 10.10.2 |
| haxx | libcurl | 7.16.3 |
| haxx | curl | 7.15.0 |
| haxx | curl | 7.41.0 |
| haxx | curl | 7.29.0 |
| haxx | curl | 7.10.6 |
| haxx | curl | 7.15.2 |
| haxx | curl | 7.25.0 |
| haxx | libcurl | 7.13.0 |
| haxx | curl | 7.10.8 |
| haxx | curl | 7.21.3 |
| haxx | libcurl | 7.18.2 |
| haxx | curl | 7.18.2 |
| canonical | ubuntu_linux | 12.04 |
| haxx | curl | 7.24.0 |
| haxx | curl | 7.10.7 |
| haxx | curl | 7.17.1 |
| haxx | curl | 7.23.1 |
| haxx | curl | 7.15.1 |
| haxx | curl | 7.28.1 |
| haxx | libcurl | 7.16.2 |
| haxx | curl | 7.36.0 |
| haxx | libcurl | 7.17.0 |
| haxx | libcurl | 7.21.7 |
| haxx | curl | 7.39.0 |
| fedoraproject | fedora | 21 |
| haxx | libcurl | 7.21.3 |
| haxx | libcurl | 7.11.2 |
| haxx | curl | 7.21.7 |
| haxx | libcurl | 7.21.0 |
| haxx | curl | 7.14.0 |
| haxx | curl | 7.19.6 |
| haxx | libcurl | 7.15.3 |
| haxx | curl | 7.34.0 |
| haxx | curl | 7.38.0 |
| apple | mac_os_x | 10.10.1 |
| haxx | curl | 7.11.1 |
| haxx | curl | 7.19.5 |
| haxx | curl | 7.22.0 |
| haxx | libcurl | 7.14.1 |
| opensuse | opensuse | 13.1 |
| haxx | libcurl | 7.38.0 |
| haxx | curl | 7.12.1 |
| haxx | curl | 7.26.0 |
| haxx | libcurl | 7.19.1 |
| haxx | curl | 7.13.2 |
| haxx | curl | 7.21.1 |
| haxx | libcurl | 7.12.1 |
| haxx | curl | 7.17.0 |
| haxx | libcurl | 7.19.2 |
| haxx | libcurl | 7.33.0 |
| haxx | curl | 7.15.5 |
| haxx | curl | 7.21.0 |
| haxx | curl | 7.28.0 |
| haxx | libcurl | 7.16.0 |
| haxx | libcurl | 7.41.0 |
| haxx | curl | 7.19.3 |
| apple | mac_os_x | 10.10.0 |
| haxx | curl | 7.13.1 |
| haxx | curl | 7.14.1 |
| haxx | libcurl | 7.32.0 |
| haxx | curl | 7.37.0 |
| haxx | curl | 7.16.2 |
| haxx | libcurl | 7.21.1 |
| debian | debian_linux | 7.0 |
| haxx | libcurl | 7.37.1 |
| haxx | curl | 7.32.0 |
| haxx | libcurl | 7.21.6 |
| haxx | curl | 7.21.4 |
| haxx | libcurl | 7.26.0 |
| haxx | libcurl | 7.28.0 |
| haxx | curl | 7.20.0 |
| haxx | libcurl | 7.11.0 |
| haxx | libcurl | 7.12.3 |
| haxx | curl | 7.23.0 |
| haxx | curl | 7.37.1 |
| haxx | curl | 7.19.7 |
| haxx | libcurl | 7.19.7 |
ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openssl | openssl | 1.0.0j |
| canonical | ubuntu_linux | 14.04 |
| openssl | openssl | 1.0.1c |
| openssl | openssl | 1.0.1b |
| canonical | ubuntu_linux | 15.10 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_server_eus | 7.4 |
| openssl | openssl | 1.0.0i |
| openssl | openssl | 1.0.1g |
| redhat | enterprise_linux_server_tus | 7.2 |
| redhat | enterprise_linux_server_eus | 7.3 |
| openssl | openssl | 1.0.0l |
| redhat | enterprise_linux_server_eus | 6.7 |
| openssl | openssl | 1.0.0g |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| canonical | ubuntu_linux | 12.04 |
| openssl | openssl | 1.0.1j |
| debian | debian_linux | 8.0 |
| hp | icewall_sso | 10.0 |
| openssl | openssl | 1.0.1m |
| openssl | openssl | 1.0.0o |
| openssl | openssl | 1.0.0b |
| openssl | openssl | 1.0.0n |
| canonical | ubuntu_linux | 15.04 |
| openssl | openssl | 1.0.1h |
| openssl | openssl | 1.0.1o |
| openssl | openssl | 1.0.0s |
| oracle | vm_virtualbox | * |
| hp | icewall_sso_agent_option | 10.0 |
| redhat | enterprise_linux_server | 7.0 |
| openssl | openssl | 1.0.0d |
| openssl | openssl | 1.0.0h |
| redhat | enterprise_linux_desktop | 6.0 |
| openssl | openssl | 1.0.1k |
| openssl | openssl | 1.0.0k |
| openssl | openssl | 1.0.0p |
| redhat | enterprise_linux_workstation | 6.0 |
| openssl | openssl | 1.0.0f |
| openssl | openssl | 1.0.1l |
| redhat | enterprise_linux_server | 6.0 |
| openssl | openssl | 1.0.1a |
| openssl | openssl | 1.0.1i |
| openssl | openssl | 1.0.0m |
| openssl | openssl | 1.0.1f |
| openssl | openssl | 1.0.0e |
| openssl | openssl | 1.0.0r |
| openssl | openssl | 1.0.1d |
| redhat | enterprise_linux_server_aus | 7.3 |
| debian | debian_linux | 7.0 |
| openssl | openssl | 1.0.0 |
| openssl | openssl | 1.0.1 |
| redhat | enterprise_linux_server_eus | 7.2 |
| redhat | enterprise_linux_server_tus | 7.3 |
| openssl | openssl | 1.0.1e |
| redhat | enterprise_linux_desktop | 7.0 |
| openssl | openssl | 1.0.1n |
| redhat | enterprise_linux_server_aus | 7.2 |
| openssl | openssl | 1.0.0a |
| fedoraproject | fedora | 22 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| openssl | openssl | 1.0.0c |
| openssl | openssl | 1.0.0q |
mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | solaris | 11.3 |
| hp | virtual_customer_access_system | * |
| lighttpd | lighttpd | * |
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| haxx | curl | 7.42.0 |
| hp | system_management_homepage | * |
| haxx | curl | 7.41.0 |
| haxx | libcurl | 7.42.1 |
| oracle | enterprise_manager_ops_center | 12.3.2 |
| oracle | enterprise_manager_ops_center | 12.1.4 |
| oracle | glassfish_server | 3.0.1 |
| oracle | glassfish_server | 3.1.2 |
| haxx | curl | 7.40.0 |
| haxx | libcurl | 7.42.0 |
| oracle | enterprise_manager_ops_center | 12.2.2 |
| haxx | curl | 7.42.1 |
| haxx | libcurl | 7.41.0 |
| haxx | libcurl | 7.40.0 |
Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354169 and other products, allows remote attackers to read arbitrary files via an AMF message containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | business_service_management | * |
| adobe | livecycle_data_services | 4.6 |
| adobe | livecycle_data_services | 4.7 |
| adobe | livecycle_data_services | 4.5 |
| adobe | livecycle_data_services | 3.0 |
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| chrome | - | |
| oracle | jre | 1.7.0 |
| suse | linux_enterprise_desktop | 12 |
| suse | suse_linux_enterprise_server | 12 |
| opera | opera_browser | - |
| canonical | ubuntu_linux | 14.04 |
| oracle | jre | 1.6.0 |
| ibm | content_manager | 8.5 |
| mozilla | firefox | 38.1.0 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_os | 2.2 |
| mozilla | firefox | 39.0 |
| microsoft | internet_explorer | - |
| openssl | openssl | * |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| mozilla | firefox_esr | 31.8 |
| mozilla | firefox | - |
| mozilla | seamonkey | 2.35 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| suse | linux_enterprise_server | 11.0 |
| canonical | ubuntu_linux | 14.10 |
| apple | mac_os_x | * |
| mozilla | network_security_services | 3.19 |
| apple | safari | - |
| oracle | jdk | 1.8.0 |
| suse | linux_enterprise_software_development_kit | 12 |
| hp | hp-ux | b.11.31 |
| oracle | jre | 1.8.0 |
| oracle | sparc-opl_service_processor | * |
| canonical | ubuntu_linux | 15.04 |
| oracle | jrockit | r28.3.6 |
| apple | iphone_os | * |
| mozilla | firefox_esr | 38.1.0 |
| mozilla | thunderbird | 31.8 |
| mozilla | thunderbird | 38.1 |
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_server | 7.0 |
| php | php | 5.5.5 |
| php | php | 5.5.19 |
| hp | system_management_homepage | * |
| php | php | 5.5.14 |
| php | php | 5.5.21 |
| php | php | 5.5.7 |
| php | php | 5.5.24 |
| php | php | 5.5.9 |
| redhat | enterprise_linux | 6.0 |
| php | php | 5.6.6 |
| php | php | 5.6.4 |
| php | php | 5.5.18 |
| php | php | 5.5.4 |
| redhat | enterprise_linux_server_eus | 7.1 |
| php | php | * |
| php | php | 5.6.5 |
| php | php | 5.5.23 |
| oracle | linux | 6 |
| redhat | enterprise_linux_hpc_node_eus | 7.1 |
| php | php | 5.5.11 |
| oracle | solaris | 11.2 |
| php | php | 5.5.0 |
| php | php | 5.5.12 |
| php | php | 5.5.13 |
| php | php | 5.5.6 |
| php | php | 5.4.39 |
| php | php | 5.5.10 |
| php | php | 5.6.7 |
| apple | mac_os_x | * |
| redhat | enterprise_linux | 7.0 |
| php | php | 5.5.22 |
| redhat | enterprise_linux_hpc_node | 7.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| php | php | 5.5.2 |
| php | php | 5.5.20 |
| php | php | 5.6.2 |
| php | php | 5.6.8 |
| oracle | linux | 7 |
| php | php | 5.5.1 |
| redhat | enterprise_linux_workstation | 7.0 |
| php | php | 5.6.3 |
| php | php | 5.5.8 |
| php | php | 5.5.3 |
| php | php | 5.6.0 |
Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x before 3.0.0.354175, 3.1.x before 3.1.0.354180, 4.5.x before 4.5.1.354177, 4.6.2.x before 4.6.2.354178, and 4.7.x before 4.7.0.354178, allows remote attackers to send HTTP traffic to intranet servers via a crafted XML document, related to a Server-Side Request Forgery (SSRF) issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp_p9000_command_view_advanced_edition | - |
| adobe | livecycle_data_services | 4.6 |
| adobe | livecycle_data_services | 4.7 |
| hp | xp7_command_view_advanced_edition | - |
| adobe | livecycle_data_services | 4.5 |
| adobe | livecycle_data_services | 3.0 |
| adobe | coldfusion | * |
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 15.10 |
| redhat | enterprise_linux_hpc_node | 6.0 |
| apple | mac_os_x | * |
| xmlsoft | libxml2 | * |
| apple | watchos | * |
| hp | icewall_file_manager | 3.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 15.04 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| apple | tvos | * |
| apple | iphone_os | * |
| hp | icewall_federation_agent | 3.0 |
| debian | debian_linux | 8.0 |
The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows local users to gain privileges via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | probook_440_g1 | * |
| hp | zbook_17_g2 | * |
| hp | elitepad_1000_g2 | * |
| hp | probook_450_g2 | * |
| hp | elitebook_1040_g1 | * |
| hp | hspa+_gobi_4g | 12.500.00.15.1802 |
| hp | elitebook_revolve_810_g1 | * |
| hp | probook_440_g0 | * |
| hp | probook_645_g1 | * |
| hp | probook_x2_620_g1 | * |
| hp | zbook_15 | * |
| hp | mt41_thin_client | * |
| hp | probook_640_g1 | * |
| hp | probook_440_g2 | * |
| hp | probook_430_g2 | * |
| hp | elite_x2_1010_g2 | * |
| hp | zbook_15u | * |
| hp | elitebook_840_g2 | * |
| hp | elitebook_845_g1 | * |
| hp | elitebook_1040_g2 | * |
| hp | zbook_15_g2 | * |
| hp | elitebook_revolve_810_g2 | * |
| hp | probook_655_g1 | * |
| hp | elitebook_850_g2 | * |
| hp | zbook_14_g2 | * |
| hp | elitebook_825_g2 | * |
| hp | elitebook_820_g1 | * |
| hp | probook_450_g1 | * |
| hp | elitebook_820_g2 | * |
| hp | probook_650_g1 | * |
| hp | elitebook_folio_9470m | * |
| hp | elitebook_840_g1 | * |
| hp | elitebook_850_g1 | * |
| hp | probook_430_g1 | * |
| hp | lt4112_lte | 12.500.00.15.1802 |
| hp | probook_450_g0 | * |
| hp | zbook_14 | * |
| hp | elitebook_855_g1 | * |
| hp | spectre_x2_13-smb_pro | * |
The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad, Elite, ProBook, Spectre, ZBook, and mt41 Thin Client devices allows remote attackers to modify data or cause a denial of service, or execute arbitrary code, via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | probook_440_g1 | * |
| hp | zbook_17_g2 | * |
| hp | elitepad_1000_g2 | * |
| hp | probook_450_g2 | * |
| hp | elitebook_1040_g1 | * |
| hp | hspa+_gobi_4g | 12.500.00.15.1802 |
| hp | elitebook_revolve_810_g1 | * |
| hp | probook_440_g0 | * |
| hp | probook_645_g1 | * |
| hp | probook_x2_620_g1 | * |
| hp | zbook_15 | * |
| hp | mt41_thin_client | * |
| hp | probook_640_g1 | * |
| hp | probook_440_g2 | * |
| hp | probook_430_g2 | * |
| hp | elite_x2_1010_g2 | * |
| hp | zbook_15u | * |
| hp | elitebook_840_g2 | * |
| hp | elitebook_845_g1 | * |
| hp | elitebook_1040_g2 | * |
| hp | zbook_15_g2 | * |
| hp | elitebook_revolve_810_g2 | * |
| hp | probook_655_g1 | * |
| hp | elitebook_850_g2 | * |
| hp | zbook_14_g2 | * |
| hp | elitebook_825_g2 | * |
| hp | elitebook_820_g1 | * |
| hp | probook_450_g1 | * |
| hp | elitebook_820_g2 | * |
| hp | probook_650_g1 | * |
| hp | elitebook_folio_9470m | * |
| hp | elitebook_840_g1 | * |
| hp | elitebook_850_g1 | * |
| hp | probook_430_g1 | * |
| hp | lt4112_lte | 12.500.00.15.1802 |
| hp | probook_450_g0 | * |
| hp | zbook_14 | * |
| hp | elitebook_855_g1 | * |
| hp | spectre_x2_13-smb_pro | * |
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows local users to gain privileges, and consequently obtain sensitive information, modify data, or cause a denial of service, via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | * |
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-2139.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | * |
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | * |
HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | * |
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control 2.1, 2.2, and 2.3; CentralView Roaming Fraud Control 2.1, 2.2, and 2.3; and CentralView Subscription Fraud Prevention 2.0 and 2.1 allow remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5407 and CVE-2015-5408.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | centralview_fraud_risk_management | 11.2 |
| hp | centralview_dealer_performance_audit | 2.0 |
| hp | centralview_fraud_risk_management | 11.1 |
| hp | centralview_subscription_fraud_prevention | 2.0 |
| hp | centralview_revenue_leakage_control | 4.2 |
| hp | centralview_roaming_fraud_control | 2.1 |
| hp | centralview_roaming_fraud_control | 2.2 |
| hp | centralview_roaming_fraud_control | 2.3 |
| hp | centralview_credit_risk_control | 2.1 |
| hp | centralview_subscription_fraud_prevention | 2.1 |
| hp | centralview_dealer_performance_audit | 2.1 |
| hp | centralview_fraud_risk_management | 11.3 |
| hp | centralview_credit_risk_control | 2.2 |
| hp | centralview_revenue_leakage_control | 4.1 |
| hp | centralview_credit_risk_control | 2.3 |
| hp | centralview_revenue_leakage_control | 4.3 |
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control 2.1, 2.2, and 2.3; CentralView Roaming Fraud Control 2.1, 2.2, and 2.3; and CentralView Subscription Fraud Prevention 2.0 and 2.1 allow remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5406 and CVE-2015-5408.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | centralview_fraud_risk_management | 11.2 |
| hp | centralview_dealer_performance_audit | 2.0 |
| hp | centralview_fraud_risk_management | 11.1 |
| hp | centralview_subscription_fraud_prevention | 2.0 |
| hp | centralview_revenue_leakage_control | 4.2 |
| hp | centralview_roaming_fraud_control | 2.1 |
| hp | centralview_roaming_fraud_control | 2.2 |
| hp | centralview_roaming_fraud_control | 2.3 |
| hp | centralview_credit_risk_control | 2.1 |
| hp | centralview_subscription_fraud_prevention | 2.1 |
| hp | centralview_dealer_performance_audit | 2.1 |
| hp | centralview_fraud_risk_management | 11.3 |
| hp | centralview_credit_risk_control | 2.2 |
| hp | centralview_revenue_leakage_control | 4.1 |
| hp | centralview_credit_risk_control | 2.3 |
| hp | centralview_revenue_leakage_control | 4.3 |
HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control 2.1, 2.2, and 2.3; CentralView Roaming Fraud Control 2.1, 2.2, and 2.3; and CentralView Subscription Fraud Prevention 2.0 and 2.1 allow remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5406 and CVE-2015-5407.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | centralview_fraud_risk_management | 11.2 |
| hp | centralview_dealer_performance_audit | 2.0 |
| hp | centralview_fraud_risk_management | 11.1 |
| hp | centralview_subscription_fraud_prevention | 2.0 |
| hp | centralview_revenue_leakage_control | 4.2 |
| hp | centralview_roaming_fraud_control | 2.1 |
| hp | centralview_roaming_fraud_control | 2.2 |
| hp | centralview_roaming_fraud_control | 2.3 |
| hp | centralview_credit_risk_control | 2.1 |
| hp | centralview_subscription_fraud_prevention | 2.1 |
| hp | centralview_dealer_performance_audit | 2.1 |
| hp | centralview_fraud_risk_management | 11.3 |
| hp | centralview_credit_risk_control | 2.2 |
| hp | centralview_revenue_leakage_control | 4.1 |
| hp | centralview_credit_risk_control | 2.3 |
| hp | centralview_revenue_leakage_control | 4.3 |
Buffer overflow in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | version_control_repository_manager | * |
HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to execute arbitrary code or cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | version_control_repository_manager | * |
HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | version_control_repository_manager | * |
Cross-site request forgery (CSRF) vulnerability in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | version_control_repository_manager | * |
HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain privileges and obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | version_control_repository_manager | * |
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2875.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2876.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2877.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2879.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2880.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2881.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2883.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2884.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2885.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
Unspecified vulnerability in HP LoadRunner Controller before 12.50 allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2756.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | * |
HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5428 and CVE-2015-5429.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5429.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5428.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
HP Matrix Operating Environment before 7.5.0 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | virtual_connect_enterprise_manager_sdk | * |
HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | virtual_connect_enterprise_manager_sdk | * |
HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and forwarding (VRF) hopping."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jc072b_hp_12500_main_processing_unit | - |
| hp | jg354a_hp_hsr6602-xg_router | - |
| hp | jg735a)_hp_msr2004-48_router | - |
| hp | jc124a_hp_a9508_switch_chassis | - |
| hp | jf430b_hp_12518_switch_chassis | - |
| hp | jg777a_hp_hsr6602-xg_taa-compliant_router | - |
| hp | jg785a_hp_ff_12518e_dc_switch_chassis | - |
| hp | jc748a_hp_10512_switch_chassis | - |
| hp | jc613a_hp_10504_switch_chassis | - |
| hp | jc474a_hp_a9508-v_switch_chassis | - |
| hp | jg835a_hp_flexfabric_12508e_dc_switch_taa-compliant_chassis | - |
| hp | jg821a_hp_10508_taa_switch_chassis | - |
| hp | jg409a_hp_msr3012_ac_router | - |
| hp | jc653a_hp_12518_dc_switch_chassis | - |
| hp | jg861a_hp_msr3024_taa-compliant_ac_router | - |
| hp | jh060a_hp_msr1003-8s_ac_router | - |
| hp | jh192a_hp_10500_48-port_gig-t_(rj45)_se | - |
| hp | jg361b_hp_hsr6802_router_chassis | - |
| hp | jg497a_hp_12500_mpu_w/comware | 7.0 |
| hp | jh075a)_hp_hsr6800_rse-x3_router_main_processing_unit | - |
| hp | jf431c_hp_12508_ac_switch_chassis | - |
| hp | jg363b_hp_hsr6808_router_chassis | - |
| hp | jc125b_hp_9512_switch_chassis | - |
| hp | jg410a_hp_msr3012_dc_router | - |
| hp | jg820a_hp_10504_taa_switch_chassis | - |
| hp | jh196a_hp_10500_2-port_100gbe_cfp_ec | - |
| hp | jg408a_hp_msr3024_poe_router | - |
| hp | jg803a_hp_flexfabric_12500e_taa-compliant_main_processing_unit | - |
| hp | jg823a_hp_10512_taa_switch_chassis | - |
| hp | jg364a_hp_hsr6800_rse-x2_router_main_processing_unit | - |
| hp | jg784a_hp_ff_12518e_ac_switch_chassis | - |
| hp | jg810aae_hp_vsr1001_virtual_services_router_60_day_evaluation | - |
| hp | jc654a_hp_12504_ac_switch_chassis | - |
| hp | jg802a_hp_ff_12500e_mpu | - |
| hp | jg411a_hp_msr2003_ac_router | - |
| hp | jg405a_hp_msr3044_router | - |
| hp | jf431a_hp_a12508_switch_chassis | - |
| hp | jg403a_hp_msr4060_router_chassis | - |
| hp | jg783a_hp_ff_12508e_dc_switch_chassis | - |
| hp | jf431b_hp_12508_switch_chassis | - |
| hp | jg789a_hp_flexfabric_12500_4-port_100gbe_cfp_fg_taa | - |
| hp | jf430c_hp_12518_ac_switch_chassis | - |
| hp | jg362b_hp_hsr6804_router_chassis | - |
| hp | jh198a_hp_10500_type_d_main_processing_unit_with_comware | 7.0 |
| hp | jc612a_hp_10508_switch_chassis | - |
| hp | jg296a_hp_5920af-24xg_switch | - |
| hp | jg361a_hp_hsr6802_router_chassis | - |
| hp | jc652a_hp_12508_dc_switch_chassis | - |
| hp | jc655a_hp_12504_dc_switch_chassis | - |
| hp | jg782a_hp_ff_12508e_ac_switch_chassis | - |
| hp | jg813aae_hp_vsr1008_comware_7_virtual_services_router | - |
| hp | jg402a_hp_msr4080_router_chassis | - |
| hp | jg786a_hp_flexfabric_12500_4-port_100gbe_cfp_fd | - |
| hp | jg412a_hp_msr4000_mpu-100_main_processing_unit | - |
| hp | jg837a_hp_flexfabric_12518e_dc_switch_taa-compliant_chassis | - |
| hp | jg788a_hp_flexfabric_12500_4-port_100gbe_cfp_fg | - |
| hp | jh179a_hp_flexfabric_5930_4-slot_switch | - |
| hp | jh188a_hp_flexfabric_5930_4-slot_taa-compliant_switch | - |
| hp | jg406a_hp_msr3024_ac_router | - |
| hp | jg811aae_hp_vsr1001_comware_7_virtual_services_router | - |
| hp | jg875a_hp_msr1002-4_ac_router | - |
| hp | jg834a_hp_flexfabric_12508e_ac_switch_taa-compliant_chassis | - |
| hp | jg836a_hp_flexfabric_12518e_ac_switch_taa-compliant_chassis | - |
| hp | jg787a_hp_flexfabric_12500_4-port_100gbe_cfp_fd_taa | - |
| hp | jg798a_hp_flexfabric_12508e_fabric | - |
| hp | jc474b_hp_9508-v_switch_chassis | - |
| hp | jg866a_hp_msr2003_taa-compliant_ac_router | - |
| hp | jg496a_hp_10500_type_a_mpu_with_comware | 7.0 |
| hp | jg812aae_hp_vsr1004_comware_7_virtual_services_router | - |
| hp | jg869a_hp_msr4000_taa-compliant_mpu-100_main_processing_unit | - |
| hp | jc124b_hp_9505_switch_chassis | - |
| hp | jg407a_hp_msr3024_dc_router | - |
| hp | jc086a_hp_a12508_switch_chassis | - |
| hp | jg363a_hp_hsr6808_router_chassis | - |
| hp | jg734a_hp_msr2004-24_ac_router | - |
| hp | jc085a_hp_a12518_switch_chassis | - |
| hp | jg776a_hp_hsr6602-g_taa-compliant_router | - |
| hp | jf430a_hp_a12518_switch_chassis | - |
| hp | jg362a_hp_hsr6804_router_chassis | - |
| hp | jg404a_hp_msr3064_router | - |
| hp | jc611a_hp_10508-v_switch_chassis | - |
| hp | jg822a_hp_10508-v_taa_switch_chassis | - |
| hp | jc125a_hp_a9512_switch_chassis | - |
| hp | jg353a_hp_hsr6602-g_router | - |
| hp | jc808a_hp_12500_taa_main_processing_unit | - |
| hp | jg555a_hp_5920af-24xg_taa_switch | - |
| hp | jg779a_hp_hsr6800_rse-x2_router_taa-compliant_main_processing_unit | - |
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | integrated_lights-out_3_firmware | * |
A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_firmware | * |
HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21 allows local users to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_configuration_management_database | 10.21 |
| hp | universal_configuration_management_database | 10.11 |
| hp | universal_configuration_management_database | 10.00 |
| hp | universal_configuration_management_database | 10.10 |
| hp | universal_configuration_management_database | 10.01 |
Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ArcSight Logger before 6.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | archsight_management_center | * |
| hp | arcsight_logger | * |
Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | software_update | * |
HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 (GA) SPOCC, and SP 4.3.0-GA-24 (MU1) SPOCC allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_processor_sp | 4.3.0.ga-24_(mu1)_spocc |
| hp | 3par_service_processor_sp | 4.3.0.ga-17_(ga)_spocc |
| hp | 3par_service_processor_sp | 4.2.0.ga-29_(ga)_spocc |
Multiple cross-site scripting (XSS) vulnerabilities in HP Smart Profile Server Data Analytics Layer (SPS DAL) 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | smart_profile_server_data_analytics_layer | 2.3 |
Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storeonce_backup_system_software | * |
HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storeonce_backup_system_software | * |
Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storeonce_backup_system_software | * |
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_orchestration | * |
HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | 6.0.0.7307.1 |
HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_connector_appliance | * |
| hp | arcsight_logger | 6.0.0.7307.1 |
| hp | arcsight_management_center | * |
| hp | arcsight_command_center | 6.8.0.1896.0 |
| hp | arcsight_connectors | * |
| microfocus | arcsight_enterprise_security_manager | * |
| hp | arcsight_express | 4.0 |
Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02, and 12.50 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-3138.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.52 |
| hp | performance_center | 12.00 |
| hp | loadrunner | 12.50 |
| hp | performance_center | 12.20 |
| hp | performance_center | 12.01 |
| hp | loadrunner | 12.01 |
| hp | performance_center | 12.50 |
| hp | loadrunner | 12.02 |
| hp | loadrunner | 12.00 |
| hp | performance_center | 11.52 |
HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_management | * |
HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6860.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_switch_software | * |
HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6859.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | j9532a | * |
| hp | j9574a | * |
| hp | j9091a | * |
| hp | j9264a | * |
| hp | j9448a | * |
| hp | j9584a | * |
| hp | j9638a | * |
| hp | j8693a | * |
| hp | j8697a | * |
| hp | j8992a | * |
| hp | j9639a | * |
| hp | j9826a | * |
| hp | j9866a | * |
| hp | j9533a | * |
| hp | j9641a | * |
| hp | j9825a | * |
| hp | j9585a | * |
| hp | j9447a | * |
| hp | j9824a | * |
| hp | j9587a | * |
| hp | j9850a | * |
| hp | j8700a | * |
| hp | j8692a | * |
| hp | j9451a | * |
| hp | j9539a | * |
| hp | j9472a | * |
| hp | j9573a | * |
| hp | j9851a | * |
| hp | j9265a | * |
| hp | j9821a | * |
| hp | j9470a | * |
| hp | j9643a | * |
| hp | j9823a | * |
| hp | j9822a | * |
| hp | j9475a | * |
| hp | j9311a | * |
| hp | j9588a | * |
| hp | j8699a | * |
| hp | j9575a | * |
| hp | j9576a | * |
| hp | j9473a | * |
| hp | j9586a | * |
| hp | j8715a | * |
| hp | j9540a | * |
| hp | network_switch_software | * |
| hp | j9471a | * |
| hp | j8698a | * |
| hp | j9263a | * |
| hp | j8715b | * |
| hp | j9640a | * |
| hp | j9452a | * |
| hp | j9310a | * |
| hp | j9868a | * |
| hp | j9642a | * |
HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-200,CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ucmdb_browser | 4.0.1 |
HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via unspecified input to the (1) Intellicus or (2) client-certificate upload component.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
The vertica-udx-zygote process in HP Vertica 7.1.1 UDx does not require authentication, which allows remote attackers to execute arbitrary commands via a crafted packet, aka ZDI-CAN-2914.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | vertica | 7.1.1 |
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 15.10 |
| redhat | enterprise_linux_hpc_node | 6.0 |
| xmlsoft | libxml2 | * |
| hp | icewall_file_manager | 3.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 15.04 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| hp | icewall_federation_agent | 3.0 |
| debian | debian_linux | 8.0 |
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 15.10 |
| redhat | enterprise_linux_hpc_node | 6.0 |
| xmlsoft | libxml2 | * |
| hp | icewall_file_manager | 3.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 15.04 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| hp | icewall_federation_agent | 3.0 |
| debian | debian_linux | 8.0 |
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 15.10 |
| opensuse | opensuse | 13.2 |
| redhat | enterprise_linux_hpc_node | 6.0 |
| apple | mac_os_x | * |
| xmlsoft | libxml2 | * |
| apple | watchos | * |
| opensuse | leap | 42.1 |
| hp | icewall_file_manager | 3.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 15.04 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| apple | tvos | * |
| apple | iphone_os | * |
| hp | icewall_federation_agent | 3.0 |
| debian | debian_linux | 8.0 |
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 15.10 |
| redhat | enterprise_linux_hpc_node | 6.0 |
| apple | mac_os_x | * |
| xmlsoft | libxml2 | * |
| apple | watchos | * |
| hp | icewall_file_manager | 3.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 15.04 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| apple | tvos | * |
| apple | iphone_os | * |
| hp | icewall_federation_agent | 3.0 |
| debian | debian_linux | 8.0 |
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_desktop | 12 |
| canonical | ubuntu_linux | 14.04 |
| gnu | glibc | 2.12.2 |
| canonical | ubuntu_linux | 15.10 |
| suse | linux_enterprise_server | 12 |
| gnu | glibc | 2.15 |
| oracle | exalogic_infrastructure | 1.0 |
| f5 | big-ip_advanced_firewall_manager | 12.0.0 |
| f5 | big-ip_analytics | 12.0.0 |
| hp | server_migration_pack | 7.5 |
| gnu | glibc | 2.20 |
| canonical | ubuntu_linux | 12.04 |
| sophos | unified_threat_management_software | 9.319 |
| f5 | big-ip_link_controller | 12.0.0 |
| gnu | glibc | 2.17 |
| debian | debian_linux | 8.0 |
| gnu | glibc | 2.16 |
| sophos | unified_threat_management_software | 9.355 |
| gnu | glibc | 2.19 |
| hp | helion_openstack | 2.1.0 |
| redhat | enterprise_linux_hpc_node | 7.0 |
| suse | linux_enterprise_software_development_kit | 12 |
| f5 | big-ip_domain_name_system | 12.0.0 |
| gnu | glibc | 2.18 |
| hp | helion_openstack | 2.0.0 |
| f5 | big-ip_application_security_manager | 12.0.0 |
| oracle | fujitsu_m10_firmware | * |
| gnu | glibc | 2.11.1 |
| suse | linux_enterprise_software_development_kit | 11.0 |
| redhat | enterprise_linux_server | 7.0 |
| suse | suse_linux_enterprise_server | 12 |
| gnu | glibc | 2.11.3 |
| suse | linux_enterprise_debuginfo | 11.0 |
| gnu | glibc | 2.10.1 |
| gnu | glibc | 2.10 |
| gnu | glibc | 2.12 |
| gnu | glibc | 2.22 |
| gnu | glibc | 2.21 |
| f5 | big-ip_access_policy_manager | 12.0.0 |
| gnu | glibc | 2.9 |
| gnu | glibc | 2.11 |
| f5 | big-ip_policy_enforcement_manager | 12.0.0 |
| suse | linux_enterprise_desktop | 11.0 |
| suse | linux_enterprise_server | 11.0 |
| gnu | glibc | 2.11.2 |
| opensuse | opensuse | 13.2 |
| redhat | enterprise_linux_server_eus | 7.2 |
| gnu | glibc | 2.13 |
| redhat | enterprise_linux_desktop | 7.0 |
| hp | helion_openstack | 1.1.1 |
| redhat | enterprise_linux_server_aus | 7.2 |
| gnu | glibc | 2.12.1 |
| f5 | big-ip_application_acceleration_manager | 12.0.0 |
| gnu | glibc | 2.14.1 |
| redhat | enterprise_linux_hpc_node_eus | 7.2 |
| redhat | enterprise_linux_workstation | 7.0 |
| gnu | glibc | 2.14 |
| oracle | exalogic_infrastructure | 2.0 |
| f5 | big-ip_local_traffic_manager | 12.0.0 |
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 15.10 |
| apple | mac_os_x | * |
| apple | watchos | * |
| hp | icewall_file_manager | 3.0 |
| xmlsoft | libxml2 | 2.9.2 |
| canonical | ubuntu_linux | 15.04 |
| canonical | ubuntu_linux | 12.04 |
| apple | tvos | * |
| apple | iphone_os | * |
| hp | icewall_federation_agent | 3.0 |
| debian | debian_linux | 8.0 |
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 15.10 |
| redhat | enterprise_linux_hpc_node | 6.0 |
| xmlsoft | libxml2 | * |
| hp | icewall_file_manager | 3.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 15.04 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| hp | icewall_federation_agent | 3.0 |
| debian | debian_linux | 8.0 |
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 15.10 |
| redhat | enterprise_linux_hpc_node | 6.0 |
| apple | mac_os_x | * |
| xmlsoft | libxml2 | * |
| apple | watchos | * |
| hp | icewall_file_manager | 3.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 15.04 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| apple | tvos | * |
| apple | iphone_os | * |
| hp | icewall_federation_agent | 3.0 |
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 15.10 |
| redhat | enterprise_linux_hpc_node | 6.0 |
| xmlsoft | libxml2 | * |
| hp | icewall_file_manager | 3.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 15.04 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| hp | icewall_federation_agent | 3.0 |
| debian | debian_linux | 8.0 |
Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | air | * |
| suse | linux_enterprise_desktop | 12 |
| suse | linux_enterprise_workstation_extension | 12 |
| opensuse | opensuse | 13.1 |
| suse | linux_enterprise_desktop | 11 |
| hp | system_management_homepage | * |
| redhat | enterprise_linux_desktop | 6.0 |
| opensuse | opensuse | 13.2 |
| redhat | enterprise_linux_desktop | 5.0 |
| adobe | air_sdk | * |
| hp | systems_insight_manager | * |
| hp | matrix_operating_environment | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| adobe | flash_player | * |
| redhat | enterprise_linux_server | 6.0 |
| hp | insight_control | * |
| opensuse | evergreen | 11.4 |
| hp | insight_control_server_provisioning | * |
| hp | version_control_repository_manager | * |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| adobe | air_sdk_&_compiler | * |
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| android | 4.2.2 | |
| android | 5.1.1 | |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 15.10 |
| android | 5.0.1 | |
| android | 5.0.2 | |
| android | 4.4 | |
| android | 4.2 | |
| android | 4.0 | |
| android | 5.0 | |
| android | 4.4.1 | |
| canonical | ubuntu_linux | 12.04 |
| android | 4.0.4 | |
| android | 4.0.2 | |
| hp | server_migration_pack | * |
| android | 4.0.1 | |
| debian | debian_linux | 8.0 |
| android | 4.3.1 | |
| android | 6.0 | |
| android | 4.1.2 | |
| android | 4.4.2 | |
| android | 5.1.0 | |
| android | 4.0.3 | |
| android | 6.0.1 | |
| canonical | ubuntu_linux | 15.04 |
| android | 4.2.1 | |
| android | 4.3 | |
| android | 5.1 | |
| linux | linux_kernel | * |
| android | 4.4.3 | |
| android | 4.1 |
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sophos | unified_threat_management_software | 9.318 |
| hp | remote_device_access_virtual_customer_access_system | * |
| sophos | unified_threat_management_software | 9.353 |
| openbsd | openssh | 5.1 |
| openbsd | openssh | 5.5 |
| openbsd | openssh | 5.4 |
| openbsd | openssh | 5.3 |
| openbsd | openssh | 6.2 |
| openbsd | openssh | 5.6 |
| openbsd | openssh | 6.5 |
| openbsd | openssh | 6.3 |
| openbsd | openssh | 5.9 |
| openbsd | openssh | 5.2 |
| openbsd | openssh | 5.0 |
| openbsd | openssh | 6.0 |
| apple | mac_os_x | * |
| openbsd | openssh | 6.4 |
| openbsd | openssh | 7.1 |
| oracle | solaris | 11.3 |
| openbsd | openssh | 6.8 |
| openbsd | openssh | 6.1 |
| openbsd | openssh | 5.8 |
| oracle | linux | 7 |
| openbsd | openssh | 6.9 |
| openbsd | openssh | 7.0 |
| openbsd | openssh | 6.6 |
| openbsd | openssh | 6.7 |
| openbsd | openssh | 5.7 |
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openbsd | openssh | 6.0 |
| sophos | unified_threat_management_software | 9.353 |
| apple | mac_os_x | * |
| openbsd | openssh | 5.5 |
| openbsd | openssh | 6.4 |
| openbsd | openssh | 7.1 |
| openbsd | openssh | 5.4 |
| openbsd | openssh | 6.2 |
| openbsd | openssh | 5.6 |
| openbsd | openssh | 6.5 |
| oracle | solaris | 11.3 |
| hp | virtual_customer_access_system | * |
| openbsd | openssh | 6.8 |
| openbsd | openssh | 6.1 |
| openbsd | openssh | 6.3 |
| openbsd | openssh | 5.8 |
| openbsd | openssh | 5.9 |
| oracle | linux | 7 |
| openbsd | openssh | 6.9 |
| openbsd | openssh | 7.0 |
| openbsd | openssh | 6.6 |
| openbsd | openssh | 6.7 |
| openbsd | openssh | 5.7 |
HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_manager | 8.16 |
| hp | operations_manager | 8.1 |
| hp | operations_manager | 8.10 |
| hp | operations_manager | 9.0 |
HP Continuous Delivery Automation (CDA) 1.30 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | continuous_delivery_automation | 1.3.0 |
HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remote attackers to cause a denial of service via unspecified UDP packets.
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux_ipfilter | a.11.31.18.21 |
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 9.22.02 |
| hp | network_automation | 9.22.01 |
| hp | network_automation | 10.00 |
| hp | network_automation | 9.22 |
| hp | network_automation | 10.00.01 |
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 9.22.02 |
| hp | network_automation | 9.22.01 |
| hp | network_automation | 10.00 |
| hp | network_automation | 9.22 |
| hp | network_automation | 10.00.01 |
HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | enterprise_security_manager_express | * |
| hp | enterprise_security_manager | * |
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_orchestration | 10.22 |
| hp | operations_orchestration | 10.50 |
| hp | operations_orchestration | 10.02 |
| hp | operations_orchestration | 10.0 |
| hp | operations_orchestration | 10.01 |
| hp | operations_orchestration | 10.21 |
| hp | operations_orchestration | 10.22.1 |
| hp | operations_orchestration | 10.10 |
| hp | operations_orchestration | 10.20 |
| hp | operations_orchestration_content | * |
HPE Service Manager (SM) 9.3x before 9.35 P4 and 9.4x before 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.32 |
| hp | service_manager | 9.35 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.40 |
| hp | service_manager | 9.30 |
| hp | service_manager | 9.33 |
| hp | service_manager | 9.34 |
| hp | service_manager | 9.41 |
The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | release_control | 9.21 |
| hp | release_control | 9.20 |
| hp | release_control | 9.13 |
HPE Asset Manager 9.40, 9.41, and 9.50 and Asset Manager CloudSystem Chargeback 9.40 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-19,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | asset_manager_cloudsystem_chargeback | 9.40 |
| hp | asset_manager | 9.40 |
| hp | asset_manager | 9.41 |
| hp | asset_manager | 9.50 |
HPE Universal CMDB Foundation 10.0, 10.01, 10.10, 10.11, and 10.20 allows remote attackers to obtain sensitive information or conduct URL redirection attacks via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_cmbd_foundation | 10.20 |
| hp | universal_cmbd_foundation | 10.0 |
| hp | universal_cmbd_foundation | 10.01 |
| hp | universal_cmbd_foundation | 10.10 |
| hp | universal_cmbd_foundation | 10.11 |
The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | vertica | * |
HPE P9000 Command View Advanced Edition Software (CVAE) 7.x and 8.x before 8.4.0-00 and XP7 CVAE 7.x and 8.x before 8.4.0-00 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp7_command_view_advanced_edition_suite | - |
| hp | p9000_command_view_advanced_edition_software | - |
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-306,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3354.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.23 |
| hp | network_node_manager_i | 9.20 |
| hp | network_node_manager_i | 9.24 |
| hp | network_node_manager_i | 10.01 |
| hp | network_node_manager_i | 9.25 |
| hp | network_node_manager_i | 10.00 |
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2011.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.23 |
| hp | network_node_manager_i | 9.20 |
| hp | network_node_manager_i | 9.24 |
| hp | network_node_manager_i | 10.01 |
| hp | network_node_manager_i | 9.25 |
| hp | network_node_manager_i | 10.00 |
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2010.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.23 |
| hp | network_node_manager_i | 9.20 |
| hp | network_node_manager_i | 9.24 |
| hp | network_node_manager_i | 10.01 |
| hp | network_node_manager_i | 9.25 |
| hp | network_node_manager_i | 10.00 |
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to bypass authentication via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.23 |
| hp | network_node_manager_i | 9.20 |
| hp | network_node_manager_i | 9.24 |
| hp | network_node_manager_i | 10.01 |
| hp | network_node_manager_i | 9.25 |
| hp | network_node_manager_i | 10.00 |
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.23 |
| hp | network_node_manager_i | 9.20 |
| hp | network_node_manager_i | 9.24 |
| hp | network_node_manager_i | 10.01 |
| hp | network_node_manager_i | 9.25 |
| hp | network_node_manager_i | 10.00 |
HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 9.23 |
| hp | network_node_manager_i | 9.20 |
| hp | network_node_manager_i | 9.24 |
| hp | network_node_manager_i | 10.01 |
| hp | network_node_manager_i | 9.25 |
| hp | network_node_manager_i | 10.00 |
HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and default:user: entries, which allows local users to bypass intended access restrictions by leveraging the configuration of a parent directory.
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | base-vxfs-51 | b.05.10.02 |
| hp | base-vxfs-501 | b.05.01.0 |
| hp | base-vxfs-501 | b.05.01.01 |
| hp | base-vxfs-501 | b.05.01.03 |
| hp | base-vxfs-51 | b.05.10.00 |
| hp | base-vxfs-50 | b.05.00.01 |
| hp | base-vxfs-50 | b.05.00.02 |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2021, CVE-2016-2022, and CVE-2016-2030.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2022, and CVE-2016-2030.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and CVE-2016-2030.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | restful_interface_tool | 1.40 |
HPE Insight Control before 7.5.1 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_contol | * |
| hp | server_migration_package | * |
HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.32 |
| hp | service_manager | 9.35 |
| hp | service_manager | 9.31 |
| hp | service_manager | 9.40 |
| hp | service_manager | 9.30 |
| hp | service_manager | 9.33 |
| hp | service_manager | 9.34 |
| hp | service_manager | 9.41 |
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2027.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2026.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4357.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4358.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and CVE-2016-2022.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| android | 4.2.2 | |
| canonical | ubuntu_linux | 14.04 |
| hp | helion_openstack | 2.1 |
| canonical | ubuntu_linux | 15.10 |
| android | 5.0.1 | |
| redhat | enterprise_linux_hpc_node | 6.0 |
| android | 4.4 | |
| openssl | openssl | 1.0.2f |
| android | 4.4.1 | |
| canonical | ubuntu_linux | 12.04 |
| android | 4.0.4 | |
| android | 4.0.2 | |
| openssl | openssl | * |
| android | 4.0.1 | |
| openssl | openssl | 1.0.2g |
| debian | debian_linux | 8.0 |
| hp | helion_openstack | 2.1.0 |
| android | 4.3.1 | |
| hp | helion_openstack | 2.1.4 |
| android | 4.4.2 | |
| android | 5.1.0 | |
| nodejs | node.js | * |
| redhat | enterprise_linux_hpc_node | 7.0 |
| openssl | openssl | 1.0.2 |
| android | 4.0.3 | |
| nodejs | node.js | 6.0.0 |
| hp | helion_openstack | 2.0 |
| hp | helion_openstack | 2.0.0 |
| openssl | openssl | 1.0.2c |
| android | 4.3 | |
| android | 4.4.3 | |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| android | 4.2 | |
| redhat | enterprise_linux_workstation | 6.0 |
| android | 4.0 | |
| android | 5.0 | |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| openssl | openssl | 1.0.2a |
| openssl | openssl | 1.0.2d |
| android | 4.1.2 | |
| opensuse | opensuse | 13.2 |
| hp | helion_openstack | 2.1.2 |
| redhat | enterprise_linux_server_eus | 7.2 |
| opensuse | leap | 42.1 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.2 |
| android | 4.2.1 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 |
| redhat | enterprise_linux_workstation | 7.0 |
| android | 5.1 | |
| openssl | openssl | 1.0.2b |
| android | 4.1 | |
| openssl | openssl | 1.0.2e |
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openssl | openssl | 1.0.1t |
| openssl | openssl | 1.0.1c |
| openssl | openssl | 1.0.1s |
| oracle | solaris | 10 |
| openssl | openssl | 1.0.1b |
| openssl | openssl | 1.0.1k |
| openssl | openssl | 1.0.1g |
| openssl | openssl | 1.0.1p |
| openssl | openssl | 1.0.2f |
| openssl | openssl | 1.0.1l |
| openssl | openssl | 1.0.1a |
| openssl | openssl | 1.0.1i |
| openssl | openssl | 1.0.1f |
| oracle | linux | 6 |
| openssl | openssl | 1.0.1j |
| openssl | openssl | 1.0.2g |
| hp | icewall_sso | 10.0 |
| openssl | openssl | 1.0.1m |
| openssl | openssl | 1.0.2a |
| openssl | openssl | 1.0.1r |
| openssl | openssl | 1.0.2d |
| openssl | openssl | 1.0.1d |
| openssl | openssl | 1.0.1 |
| openssl | openssl | 1.0.2h |
| openssl | openssl | 1.0.1e |
| oracle | linux | 5 |
| openssl | openssl | 1.0.2 |
| openssl | openssl | 1.0.1q |
| oracle | solaris | 11.3 |
| openssl | openssl | 1.0.1n |
| openssl | openssl | 1.0.1h |
| openssl | openssl | 1.0.1o |
| hp | icewall_mcrp | 3.0 |
| oracle | linux | 7 |
| openssl | openssl | 1.0.2c |
| openssl | openssl | 1.0.2b |
| hp | icewall_sso_agent_option | 10.0 |
| openssl | openssl | 1.0.2e |
The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openssl | openssl | 1.0.1t |
| openssl | openssl | 1.0.1c |
| openssl | openssl | 1.0.1s |
| openssl | openssl | 1.0.1b |
| openssl | openssl | 1.0.1k |
| openssl | openssl | 1.0.1g |
| openssl | openssl | 1.0.1p |
| openssl | openssl | 1.0.2f |
| openssl | openssl | 1.0.1l |
| openssl | openssl | 1.0.1a |
| openssl | openssl | 1.0.1i |
| openssl | openssl | 1.0.1f |
| oracle | linux | 6 |
| openssl | openssl | 1.0.1j |
| openssl | openssl | 1.0.2g |
| hp | icewall_sso | 10.0 |
| openssl | openssl | 1.0.1m |
| openssl | openssl | 1.0.2a |
| openssl | openssl | 1.0.1r |
| openssl | openssl | 1.0.2d |
| openssl | openssl | 1.0.1d |
| openssl | openssl | 1.0.1 |
| openssl | openssl | 1.0.2h |
| openssl | openssl | 1.0.1e |
| oracle | linux | 5 |
| openssl | openssl | 1.0.2 |
| openssl | openssl | 1.0.1q |
| openssl | openssl | 1.0.1n |
| openssl | openssl | 1.0.1h |
| openssl | openssl | 1.0.1o |
| hp | icewall_mcrp | 3.0 |
| oracle | linux | 7 |
| openssl | openssl | 1.0.2c |
| hp | icewall_federation_agent | 3.0 |
| openssl | openssl | 1.0.2b |
| hp | icewall_sso_agent_option | 10.0 |
| openssl | openssl | 1.0.2e |
Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_firmware | 1.03 |
| hp | z240_firmware | 1.11 |
| hp | 700_series_firmware | 2.05 |
| hp | 1000_series_firmware | 1.1 |
| hp | z238_firmware | 1.11 |
| hp | 1000_series_firmware | 1.04 |
| hp | 800_series_firmware | 2.09 |
| hp | 700_series_firmware | 2.09 |
| hp | 800_series_firmware | 2.1 |
| hp | elitebook_folio_1012_x2_g2 | - |
| hp | 700_series_firmware | 2.07 |
| hp | 1000_series_firmware | 1.01 |
| hp | zbook_firmware | 1.04 |
| hp | 700_series_firmware | 1.08 |
| hp | 700_series_firmware | 1.05 |
HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_firmware | * |
HP Support Assistant before 8.1.52.1 allows remote attackers to bypass authentication via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
HP ThinPro 4.4 through 6.1 mishandles the keyboard layout control panel and virtual keyboard application, which allows local users to bypass intended access restrictions and gain privileges via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | thinpro | 4.4 |
| hp | thinpro | 5.2 |
| hp | thinpro | 5.1 |
| hp | thinpro | 6.1 |
| hp | thinpro | 5.0 |
| hp | thinpro | 5.2.1 |
| hp | thinpro | 6.0 |
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| isc | bind | 9.10.4 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.2 |
| fedoraproject | fedora | 24 |
| isc | bind | 9.11.0 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.2 |
| redhat | enterprise_linux_server_aus | 7.6 |
| isc | bind | * |
| redhat | enterprise_linux_workstation | 6.0 |
| isc | bind | 9.9.9 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| fedoraproject | fedora | 23 |
| redhat | enterprise_linux_server_tus | 7.3 |
| redhat | enterprise_linux_eus | 7.7 |
| hp | hp-ux | b.11.31 |
| redhat | enterprise_linux_server_tus | 7.7 |
| redhat | enterprise_linux_eus | 7.5 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.2 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_eus | 7.4 |
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| isc | bind | 9.10.4 |
| oracle | vm_server | 3.4 |
| oracle | vm_server | 3.3 |
| isc | bind | 9.11.0 |
| isc | bind | 9.10.0 |
| isc | bind | * |
| oracle | vm_server | 3.2 |
| oracle | solaris | 10.0 |
| oracle | solaris | 11.3 |
| isc | bind | 9.10.1 |
| isc | bind | 9.10.3 |
| oracle | linux | 7 |
| isc | bind | 9.10.2 |
| oracle | linux | 5.0 |
| hp | hp-ux | 11.31 |
| oracle | linux | 6 |
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| apache | tomcat | 7.0.56 |
| canonical | ubuntu_linux | 15.10 |
| apache | tomcat | 7.0.14 |
| apache | tomcat | 7.0.37 |
| apache | tomcat | 7.0.42 |
| apache | tomcat | 7.0.69 |
| apache | tomcat | 7.0.40 |
| apache | tomcat | 8.0.11 |
| apache | tomcat | 7.0.20 |
| apache | tomcat | 7.0.4 |
| apache | tomcat | 7.0.57 |
| apache | tomcat | 7.0.34 |
| apache | commons_fileupload | * |
| canonical | ubuntu_linux | 12.04 |
| apache | tomcat | 7.0.2 |
| apache | tomcat | 7.0.21 |
| apache | tomcat | 7.0.30 |
| apache | tomcat | 7.0.52 |
| hp | icewall_identity_manager | 5.0 |
| debian | debian_linux | 8.0 |
| apache | tomcat | 8.5.0 |
| apache | tomcat | 7.0.22 |
| apache | tomcat | 8.0.5 |
| apache | tomcat | 7.0.23 |
| apache | tomcat | 7.0.47 |
| apache | tomcat | 7.0.39 |
| apache | tomcat | 7.0.59 |
| apache | tomcat | 7.0.19 |
| apache | tomcat | 8.0.33 |
| apache | tomcat | 8.0.14 |
| apache | tomcat | 7.0.0 |
| apache | tomcat | 7.0.54 |
| apache | tomcat | 8.0.8 |
| apache | tomcat | 8.0.26 |
| apache | tomcat | 7.0.16 |
| apache | tomcat | 7.0.26 |
| hp | icewall_sso_agent_option | 10.0 |
| apache | tomcat | 7.0.12 |
| apache | tomcat | 8.0.3 |
| apache | tomcat | 8.0.35 |
| apache | tomcat | 7.0.11 |
| apache | tomcat | 7.0.25 |
| apache | tomcat | 8.0.20 |
| apache | tomcat | 8.0.27 |
| apache | tomcat | 7.0.27 |
| apache | tomcat | 8.0.15 |
| apache | tomcat | 7.0.33 |
| apache | tomcat | 7.0.35 |
| apache | tomcat | 8.0.1 |
| apache | tomcat | 7.0.67 |
| apache | tomcat | 9.0.0 |
| apache | tomcat | 7.0.29 |
| apache | tomcat | 7.0.41 |
| apache | tomcat | 8.0.32 |
| apache | tomcat | 7.0.63 |
| apache | tomcat | 7.0.28 |
| apache | tomcat | 7.0.6 |
| apache | tomcat | 8.0.12 |
| apache | tomcat | 7.0.32 |
| apache | tomcat | 8.0.23 |
| apache | tomcat | 7.0.50 |
| apache | tomcat | 7.0.62 |
| canonical | ubuntu_linux | 16.04 |
| apache | tomcat | 8.5.2 |
| apache | tomcat | 7.0.53 |
| apache | tomcat | 7.0.1 |
| apache | tomcat | 7.0.55 |
| apache | tomcat | 8.0.29 |
| apache | tomcat | 8.0.28 |
| apache | tomcat | 8.0.0 |
| apache | tomcat | 7.0.61 |
| apache | tomcat | 7.0.64 |
| apache | tomcat | 7.0.5 |
| apache | tomcat | 7.0.65 |
| apache | tomcat | 8.0.21 |
| apache | tomcat | 8.0.22 |
| apache | tomcat | 8.0.24 |
| apache | tomcat | 8.0.18 |
| apache | tomcat | 8.0.17 |
| apache | tomcat | 7.0.8 |
| apache | tomcat | 8.0.30 |
| apache | tomcat | 7.0.10 |
| apache | tomcat | 7.0.68 |
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-674,CWE-674,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 15.10 |
| oracle | vm_server | 3.4 |
| redhat | enterprise_linux_eus | 7.2 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_eus | 7.6 |
| hp | icewall_file_manager | 3.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 16.04 |
| debian | debian_linux | 8.0 |
| oracle | vm_server | 3.3 |
| xmlsoft | libxml2 | * |
| opensuse | leap | 42.1 |
| redhat | enterprise_linux_eus | 7.7 |
| redhat | enterprise_linux_eus | 7.5 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | solaris | 11.3 |
| redhat | enterprise_linux_server_aus | 7.2 |
| redhat | jboss_core_services | - |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | icewall_federation_agent | 3.0 |
| redhat | enterprise_linux_eus | 7.4 |
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xmlsoft | libxml2 | 2.9.3 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.10 |
| opensuse | leap | 42.1 |
| hp | icewall_file_manager | 3.0 |
| hp | icewall_federation_agent | 3.0 |
| canonical | ubuntu_linux | 16.04 |
| debian | debian_linux | 8.0 |
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | openstack | 7.0 |
| citrix | xenserver | * |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 15.10 |
| redhat | enterprise_linux_server_tus | 7.6 |
| oracle | vm_server | 3.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | virtualization | 3.0 |
| redhat | enterprise_linux_server_tus | 7.2 |
| redhat | enterprise_linux_server_eus | 7.3 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| qemu | qemu | 2.6.0 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| redhat | openstack | 8 |
| redhat | enterprise_linux_server_eus | 7.7 |
| oracle | linux | 6 |
| canonical | ubuntu_linux | 16.04 |
| debian | debian_linux | 8.0 |
| redhat | openstack | 5.0 |
| hp | helion_openstack | 2.1.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| hp | helion_openstack | 2.1.4 |
| oracle | vm_server | 3.3 |
| hp | helion_openstack | 2.1.2 |
| redhat | enterprise_linux_server_eus | 7.2 |
| redhat | enterprise_linux_server_tus | 7.3 |
| oracle | linux | 5 |
| redhat | enterprise_linux_server_tus | 7.7 |
| oracle | vm_server | 3.2 |
| redhat | enterprise_linux_desktop | 7.0 |
| hp | helion_openstack | 2.0.0 |
| redhat | enterprise_linux_server_aus | 7.2 |
| redhat | enterprise_linux_server_eus | 7.5 |
| qemu | qemu | * |
| redhat | openstack | 6.0 |
| oracle | linux | 7 |
| redhat | enterprise_linux_workstation | 7.0 |
HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2028.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | * |
| hp | systems_insight_manager | * |
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allows remote attackers to execute arbitrary code via a long -server_name value, aka ZDI-CAN-3516.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.52 |
| hp | performance_center | 12.00 |
| hp | loadrunner | 12.50 |
| hp | performance_center | 12.20 |
| hp | performance_center | 12.01 |
| hp | loadrunner | 12.01 |
| hp | performance_center | 12.50 |
| hp | loadrunner | 12.02 |
| hp | loadrunner | 12.00 |
| hp | performance_center | 11.52 |
web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.52 |
| hp | performance_center | 12.00 |
| hp | loadrunner | 12.50 |
| hp | performance_center | 12.20 |
| hp | performance_center | 12.01 |
| hp | loadrunner | 12.01 |
| hp | performance_center | 12.50 |
| hp | loadrunner | 12.02 |
| hp | loadrunner | 12.00 |
| hp | performance_center | 11.52 |
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers to cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | 11.52 |
| hp | performance_center | 12.00 |
| hp | loadrunner | 12.50 |
| hp | performance_center | 12.20 |
| hp | performance_center | 12.01 |
| hp | loadrunner | 12.01 |
| hp | performance_center | 12.50 |
| hp | loadrunner | 12.02 |
| hp | loadrunner | 12.00 |
| hp | performance_center | 11.52 |
HPE Insight Control server deployment allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_server_deployment | - |
HPE Insight Control server deployment allows remote attackers to modify data via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_server_deployment | - |
HPE Insight Control server deployment allows local users to gain privileges via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_server_deployment | - |
HPE Insight Control server deployment allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control_server_deployment | - |
HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | * |
The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_cmbd_foundation | 10.20 |
| hp | universal_cmbd_foundation | 10.0 |
| hp | universal_cmbd_foundation | 10.01 |
| hp | universal_cmbd_foundation | 10.10 |
| hp | universal_cmbd_foundation | 10.11 |
| hp | universal_cmbd_foundation | 10.21 |
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_discovery | 10.01 |
| hp | universal_discovery | 10.10 |
| hp | universal_cmbd_configuration_manager | 10.11 |
| hp | universal_discovery | 10.20 |
| hp | universal_discovery | 10.11 |
| hp | universal_cmbd_foundation | 10.01 |
| hp | universal_cmbd_foundation | 10.11 |
| hp | universal_cmbd_configuration_manager | 10.01 |
| hp | universal_cmbd_foundation | 10.21 |
| hp | universal_cmbd_foundation | 10.20 |
| hp | universal_cmbd_foundation | 10.0 |
| hp | universal_cmbd_configuration_manager | 10.0 |
| hp | universal_cmbd_configuration_manager | 10.10 |
| hp | universal_discovery | 10.0 |
| hp | universal_cmbd_foundation | 10.10 |
| hp | universal_cmbd_configuration_manager | 10.21 |
| hp | universal_cmbd_configuration_manager | 10.20 |
| hp | universal_discovery | 10.21 |
HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | discovery_and_dependency_mapping_inventory | 9.31 |
| hp | discovery_and_dependency_mapping_inventory | 9.30 |
| hp | discovery_and_dependency_mapping_inventory | 9.32 |
HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_manager | 9.31 |
| hp | service_manager_mobility | 9.33 |
| hp | service_manager_server | 9.41 |
| hp | service_manager_web_client | 9.34 |
| hp | service_manager | 9.41 |
| hp | service_manager_web_client | 9.33 |
| hp | service_manager_service_request_catalog | 9.35 |
| hp | service_manager_mobility | 9.41 |
| hp | service_manager | 9.32 |
| hp | service_manager_mobility | 9.40 |
| hp | service_manager_mobility | 9.34 |
| hp | service_manager_windows_client | 9.41 |
| hp | service_manager | 9.40 |
| hp | service_manager_windows_client | 9.34 |
| hp | service_manager_web_client | 9.41 |
| hp | service_manager_windows_client | 9.40 |
| hp | service_manager_service_request_catalog | 9.31 |
| hp | service_manager_web_client | 9.30 |
| hp | service_manager | 9.34 |
| hp | service_manager_windows_client | 9.35 |
| hp | service_manager_server | 9.33 |
| hp | service_manager_windows_client | 9.30 |
| hp | service_manager_service_request_catalog | 9.40 |
| hp | service_manager_windows_client | 9.33 |
| hp | service_manager_mobility | 9.31 |
| hp | service_manager_windows_client | 9.32 |
| hp | service_manager_mobility | 9.32 |
| hp | service_manager_mobility | 9.35 |
| hp | service_manager_windows_client | 9.31 |
| hp | service_manager_service_request_catalog | 9.30 |
| hp | service_manager_server | 9.32 |
| hp | service_manager_server | 9.40 |
| hp | service_manager_service_request_catalog | 9.34 |
| hp | service_manager_web_client | 9.35 |
| hp | service_manager | 9.30 |
| hp | service_manager_server | 9.35 |
| hp | service_manager_server | 9.31 |
| hp | service_manager_service_request_catalog | 9.32 |
| hp | service_manager_server | 9.30 |
| hp | service_manager_service_request_catalog | 9.41 |
| hp | service_manager | 9.35 |
| hp | service_manager_service_request_catalog | 9.33 |
| hp | service_manager_mobility | 9.30 |
| hp | service_manager_server | 9.34 |
| hp | service_manager_web_client | 9.32 |
| hp | service_manager | 9.33 |
| hp | service_manager_web_client | 9.40 |
| hp | service_manager_web_client | 9.31 |
HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM before 7.2 E0401P04, iMC NTA before 7.2 E0401P01, iMC BIMS before 7.2 E0402P02, and iMC UAM_TAM before 7.2 E0405P05 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center_application_performance_manager | * |
| hp | intelligent_management_center_network_traffic_analyzer | * |
| hp | intelligent_management_center_user_access_management | * |
| hp | intelligent_management_center_endpoint_admission_defense | * |
| hp | intelligent_management_center_platform | * |
| hp | intelligent_management_center_branch_intelligent_management_system | * |
The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_manager | 9.20.0 |
| hp | operations_manager | * |
HPE Release Control (RC) 9.13, 9.20, and 9.21 before 9.21.0005 p4 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and consequently obtain sensitive information or cause a denial of service, via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-918,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | release_control | 9.21 |
| hp | release_control | 9.20 |
| hp | release_control | 9.13 |
Multiple unspecified vulnerabilities in HPE Integrated Lights-Out 3 (aka iLO 3) firmware before 1.88, Integrated Lights-Out 4 (aka iLO 4) firmware before 2.44, and Integrated Lights-Out 4 (aka iLO 4) mRCA firmware before 2.32 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_mrca_firmware | 2.31 |
| hp | integrated_lights-out_3_firmware | 1.87 |
| hp | integrated_lights-out_4_firmware | 2.43 |
HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy Planning Tool before 3.3, SAP Sizing Tool before 16.12.1, Sizing Tool for SAP Business Suite powered by HANA before 16.11.1, Sizer for ConvergedSystems Virtualization before 16.7.1, Sizer for Microsoft Exchange Server before 16.12.1, Sizer for Microsoft Lync Server 2013 before 16.12.1, Sizer for Microsoft SharePoint 2013 before 16.13.1, Sizer for Microsoft SharePoint 2010 before 16.11.1, and Sizer for Microsoft Skype for Business Server 2015 before 16.5.1 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sizer_for_microsoft_exchange_server_2013 | * |
| hp | sizer_for_microsoft_exchange_server_2016 | * |
| hp | sizer_for_microsoft_skype_for_business_server_2015 | * |
| hp | storage_sizing_tool | * |
| hp | insight_management_sizer | * |
| hp | sizer_for_microsoft_sharepoint_2010 | * |
| hp | power_advisor | * |
| hp | sizer_for_microsoft_exchange_server_2010 | * |
| hp | synergy_planning_tool | * |
| hp | sizer_for_converged_systems_virtualization | * |
| hp | sap_sizing_tool | * |
| hp | sizer_for_microsoft_lync_server_2013 | * |
| hp | sizer_for_microsoft_sharepoint_2013 | * |
| hp | converged_infrastructure_solution_sizer_suite | * |
| hp | sizing_tool_for_sap_business_suite_powered_by_hana | * |
The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp_9000_command_view | * |
| hp | xp7_command_view | * |
The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_3_firmware | * |
Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_manager | * |
HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x before 8.4.1-02, when Replication Manager (RepMgr) and Device Manager (DevMgr) are enabled, allows local users to bypass intended access restrictions via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp7_command_view | * |
HPE Performance Center 11.52, 12.00, 12.01, 12.20, and 12.50 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to a "remote user validation failure" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | performance_center | 12.00 |
| hp | performance_center | 12.20 |
| hp | performance_center | 12.01 |
| hp | performance_center | 12.50 |
| hp | performance_center | 11.52 |
The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | helion_openstack_glance | - |
HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | * |
| hp | performance_center | * |
The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 9.22.02 |
| hp | network_automation | 10.10 |
| hp | network_automation | 10.00.02 |
| hp | network_automation | 9.10 |
| hp | network_automation | 9.20 |
| hp | network_automation | 9.22.01 |
| hp | network_automation | 10.00 |
| hp | network_automation | 9.22 |
| hp | network_automation | 10.11 |
| hp | network_automation | 10.00.01 |
HPE Network Automation Software 10.10 allows local users to write to arbitrary files via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 10.10 |
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4388, CVE-2016-4389, and CVE-2016-4390.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | 10.21.0.0 |
| hp | keyview | 10.23.0.0 |
| hp | keyview | 10.19.0.0 |
| hp | keyview | 10.24.0.0 |
| hp | keyview | 10.18.0.0 |
| hp | keyview | 10.22.0.0 |
| hp | keyview | 10.20.0.0 |
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4389, and CVE-2016-4390.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | 10.21.0.0 |
| hp | keyview | 10.23.0.0 |
| hp | keyview | 10.19.0.0 |
| hp | keyview | 10.24.0.0 |
| hp | keyview | 10.18.0.0 |
| hp | keyview | 10.22.0.0 |
| hp | keyview | 10.20.0.0 |
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-4390.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | 10.21.0.0 |
| hp | keyview | 10.23.0.0 |
| hp | keyview | 10.19.0.0 |
| hp | keyview | 10.24.0.0 |
| hp | keyview | 10.18.0.0 |
| hp | keyview | 10.22.0.0 |
| hp | keyview | 10.20.0.0 |
The Filter SDK in HPE KeyView 10.18 through 10.24 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4387, CVE-2016-4388, and CVE-2016-4389.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | 10.21.0.0 |
| hp | keyview | 10.23.0.0 |
| hp | keyview | 10.19.0.0 |
| hp | keyview | 10.24.0.0 |
| hp | keyview | 10.18.0.0 |
| hp | keyview | 10.22.0.0 |
| hp | keyview | 10.20.0.0 |
A remote code execution security vulnerability has been identified in all versions of the HP ArcSight WINC Connector prior to v7.3.0.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_winc_connector | * |
A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 - v9.25IP1.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | business_service_management | 9.10 |
| hp | business_service_management | * |
| hp | business_service_management | 9.25 |
HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
A local code execution security vulnerability was identified in HP Network Node Manager i (NNMi) v10.00, v10.10 and v10.20 Software.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 10.20 |
| hp | network_node_manager_i | 10.10 |
| hp | network_node_manager_i | 10.00 |
A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10 using Java Deserialization.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 10.01 |
| hp | network_node_manager_i | 10.10 |
| hp | network_node_manager_i | 10.00 |
A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10. The vulnerability could result in cross-site scripting (XSS).
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 10.01 |
| hp | network_node_manager_i | 10.10 |
| hp | network_node_manager_i | 10.00 |
A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10. The vulnerability could result in cross-site scripting (XSS).
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 10.01 |
| hp | network_node_manager_i | 10.10 |
| hp | network_node_manager_i | 10.00 |
A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via memory corruption.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via a memory allocation issue.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | keyview | * |
A remote code execution vulnerability was identified in HP Business Service Management (BSM) using Apache Commons Collection Java Deserialization versions v9.20-v9.26
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | business_service_management | * |
A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | integrated_lights-out_3_firmware | * |
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mcafee | web_gateway | * |
| apple | itunes | 12.4.1 |
| canonical | ubuntu_linux | 14.04 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 15.10 |
| oracle | vm_server | 3.4 |
| oracle | vm_server | 3.3 |
| apple | mac_os_x | * |
| xmlsoft | libxml2 | * |
| apple | watchos | * |
| canonical | ubuntu_linux | 12.04 |
| apple | tvos | * |
| apple | iphone_os | * |
| hp | icewall_federation_agent | 3.0 |
| canonical | ubuntu_linux | 16.04 |
| debian | debian_linux | 8.0 |
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-134,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| oracle | vm_server | 3.4 |
| apple | icloud | * |
| redhat | enterprise_linux_server_eus | 7.4 |
| apple | watchos | * |
| redhat | enterprise_linux_server_tus | 7.2 |
| redhat | enterprise_linux_server_eus | 7.3 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| apple | itunes | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| slackware | slackware_linux | 14.1 |
| redhat | enterprise_linux_server | 6.0 |
| tenable | log_correlation_engine | 4.8.0 |
| apple | tvos | * |
| slackware | slackware_linux | 14.0 |
| redhat | enterprise_linux_server_eus | 7.7 |
| oracle | linux | 6 |
| mcafee | web_gateway | * |
| redhat | enterprise_linux_server_aus | 7.3 |
| oracle | vm_server | 3.3 |
| apple | mac_os_x | * |
| xmlsoft | libxml2 | * |
| redhat | enterprise_linux_server_eus | 7.2 |
| redhat | enterprise_linux_server_tus | 7.3 |
| redhat | enterprise_linux_server_tus | 7.7 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.2 |
| redhat | enterprise_linux_server_eus | 7.5 |
| oracle | linux | 7 |
| redhat | enterprise_linux_workstation | 7.0 |
| apple | iphone_os | * |
| hp | icewall_federation_agent | 3.0 |
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| php | php | 5.6.12 |
| php | php | 5.6.13 |
| hp | system_management_homepage | * |
| php | php | 5.6.15 |
| php | php | 7.0.0 |
| php | php | 7.0.1 |
| fedoraproject | fedora | 24 |
| php | php | 7.0.3 |
| php | php | 5.6.1 |
| php | php | 5.6.6 |
| php | php | 5.6.17 |
| php | php | 5.6.4 |
| php | php | 5.6.19 |
| php | php | * |
| php | php | 5.6.5 |
| php | php | 7.0.4 |
| php | php | 5.6.10 |
| php | php | 7.0.5 |
| php | php | 5.6.11 |
| php | php | 5.6.9 |
| php | php | 5.6.7 |
| php | php | 5.6.14 |
| php | php | 5.6.16 |
| php | php | 7.0.2 |
| opensuse | leap | 42.1 |
| php | php | 5.6.18 |
| php | php | 5.6.2 |
| php | php | 5.6.8 |
| php | php | 5.6.3 |
| php | php | 5.6.20 |
| php | php | 5.6.0 |
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| drupal | drupal | * |
| oracle | communications_user_data_repository | 10.0.1 |
| hp | system_management_homepage | * |
| redhat | enterprise_linux_desktop | 6.0 |
| fedoraproject | fedora | 24 |
| fedoraproject | fedora | 23 |
| opensuse | leap | 42.1 |
| oracle | communications_user_data_repository | 10.0.0 |
| oracle | communications_user_data_repository | 12.0.0 |
| oracle | enterprise_manager_ops_center | 12.3.2 |
| redhat | enterprise_linux_workstation | 6.0 |
| hp | storeever_msl6480_tape_library_firmware | * |
| redhat | enterprise_linux_server | 6.0 |
| oracle | enterprise_manager_ops_center | 12.2.2 |
| oracle | linux | 7 |
| php | php | * |
| oracle | linux | 6 |
| debian | debian_linux | 8.0 |
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| apache | http_server | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| canonical | ubuntu_linux | 14.04 |
| redhat | jboss_enterprise_web_server | 2.0.0 |
| redhat | jboss_core_services | 1.0 |
| hp | system_management_homepage | * |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 15.10 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.2 |
| fedoraproject | fedora | 24 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.2 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | communications_user_data_repository | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| oracle | enterprise_manager_ops_center | 12.2.2 |
| redhat | jboss_enterprise_web_server | 3.0.0 |
| oracle | linux | 6 |
| canonical | ubuntu_linux | 16.04 |
| debian | debian_linux | 8.0 |
| redhat | jboss_web_server | 2.1.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 23 |
| redhat | enterprise_linux_server_tus | 7.3 |
| oracle | linux | 5 |
| opensuse | leap | 42.1 |
| redhat | enterprise_linux_eus | 7.7 |
| oracle | enterprise_manager_ops_center | 12.3.2 |
| redhat | enterprise_linux_server_tus | 7.7 |
| redhat | enterprise_linux_eus | 7.5 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | solaris | 11.3 |
| redhat | enterprise_linux_server_aus | 7.2 |
| oracle | linux | 7 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_eus | 7.4 |
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_server | 7.0 |
| hp | system_management_homepage | * |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_hpc_node | 6.0 |
| redhat | enterprise_linux_server_eus | 7.2 |
| redhat | enterprise_linux_hpc_node | 7.0 |
| redhat | enterprise_linux_server_tus | 7.2 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_aus | 7.2 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_hpc_node_eus | 7.2 |
| apache | tomcat | * |
| oracle | linux | 7 |
| redhat | enterprise_linux_workstation | 7.0 |
| oracle | linux | 6 |
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openssl | openssl | 1.0.1t |
| canonical | ubuntu_linux | 14.04 |
| openssl | openssl | 1.0.1c |
| openssl | openssl | 1.0.1s |
| openssl | openssl | 1.0.1b |
| openssl | openssl | 1.0.1k |
| openssl | openssl | 1.0.1g |
| novell | suse_linux_enterprise_module_for_web_scripting | 12.0 |
| openssl | openssl | 1.0.1p |
| openssl | openssl | 1.0.2f |
| openssl | openssl | 1.0.1l |
| canonical | ubuntu_linux | 12.04 |
| openssl | openssl | 1.0.1a |
| openssl | openssl | 1.0.1i |
| openssl | openssl | 1.0.1f |
| canonical | ubuntu_linux | 16.04 |
| openssl | openssl | 1.0.1j |
| debian | debian_linux | 8.0 |
| hp | icewall_sso | 10.0 |
| openssl | openssl | 1.0.1m |
| openssl | openssl | 1.0.2a |
| openssl | openssl | 1.0.1r |
| openssl | openssl | 1.0.2d |
| openssl | openssl | 1.0.1d |
| openssl | openssl | 1.0.1 |
| openssl | openssl | 1.0.2h |
| openssl | openssl | 1.0.1e |
| nodejs | node.js | * |
| openssl | openssl | 1.0.2 |
| openssl | openssl | 1.0.1q |
| openssl | openssl | 1.0.1n |
| openssl | openssl | 1.0.1h |
| openssl | openssl | 1.0.1o |
| hp | icewall_mcrp | 3.0 |
| openssl | openssl | 1.0.2c |
| hp | icewall_federation_agent | 3.0 |
| openssl | openssl | 1.0.2b |
| hp | icewall_sso_agent_option | 10.0 |
| openssl | openssl | 1.0.2e |
A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lenovo | converged_hx7510_appliance | 5.05 |
| hp | ethernet_10gb_2-port_562sfp+ | * |
| lenovo | nextscale_nx360_m5 | 5.05 |
| lenovo | thinkserver_rd450 | 5.05 |
| lenovo | system_x3250_m5 | 5.05 |
| lenovo | system_x3500_m5 | 5.05 |
| lenovo | system_x3850_x6 | 5.05 |
| intel | ethernet_controller_x710_firmware | * |
| lenovo | system_x3550_m5 | 5.05 |
| lenovo | converged_hx5500_appliance | 5.05 |
| lenovo | thinkserver_td350 | 5.05 |
| hp | ethernet_10gb_2-port_562flr-sfp+ | * |
| hp | ethernet_10gb_4-port_563sfp+ | * |
| lenovo | thinkagile_cx4200 | 5.05 |
| lenovo | thinkserver_rd650 | 5.05 |
| lenovo | thinkagile_cx2200 | 5.05 |
| lenovo | system_x3750_m4 | 5.05 |
| lenovo | thinkagile_cx4600 | 5.05 |
| lenovo | thinkserver_sd350 | 5.05 |
| lenovo | thinkserver_rd350 | 5.05 |
| lenovo | converged_hx_series | 5.05 |
| intel | ethernet_controller_xl710_firmware | * |
| hp | proliant_xl260a_g9_server | * |
| lenovo | system_x3650_m5 | 5.05 |
| lenovo | converged_hx7500_appliance | 5.05 |
| lenovo | thinkserver_rd550 | 5.05 |
| lenovo | system_x3950_x6 | 5.05 |
| lenovo | converged_hx5510_appliance | 5.05 |
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 9.22.02 |
| hp | network_automation | 10.00.02 |
| hp | network_automation | 9.20 |
| hp | network_automation | 9.22 |
| hp | network_automation | 10.11 |
| hp | network_automation | 10.10 |
| hp | network_automation | 10.11.01 |
| hp | network_automation | 9.10 |
| hp | network_automation | 9.22.01 |
| hp | network_automation | 10.00 |
| hp | network_automation | 10.20 |
| hp | network_automation | 10.00.01 |
A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | performance_center | - |
| hp | loadrunner | - |
A Cross-Site Request Forgery (CSRF) vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | version_control_repository_manager | * |
A remote information disclosure in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | version_control_repository_manager | * |
A remote malicious file upload vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-434,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | version_control_repository_manager | * |
A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | * |
A cross site scripting vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | * |
A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | * |
A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_orchestration | * |
A Remote click jacking vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | diagnostics | 9.26 |
| hp | diagnostics | 9.24 |
A cross-site scripting vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | diagnostics | 9.26 |
| hp | diagnostics | 9.24 |
A Remote Arbitrary Code Execution vulnerability in HPE Smart Storage Administrator version before v2.60.18.0 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | smart_storage_administrator | * |
A Remote Disclosure of Information vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
| hp | intelligent_management_center | * |
Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities (XXE). XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the contents of XML files, XXE can be used as an attack vector. Because the XML parser has access to the local filesystem and runs with the permissions of the web server, it can access any file that is readable by the web server and copy it to an external system of the attacker's choosing. This could include files that contain passwords, which could then lead to privilege escalation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-611,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | airwave | * |
Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to a reflected cross-site scripting (XSS). The vulnerability is present in the VisualRF component of AirWave. By exploiting this vulnerability, an attacker who can trick a logged-in AirWave administrative user into clicking a link could obtain sensitive information, such as session cookies or passwords. The vulnerability requires that an administrative users click on the malicious link while currently logged into AirWave in the same browser.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | airwave | * |
A Remote Arbitrary Command Execution vulnerability in HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS version v12.5 and earlier was found. The problem was resolved in LeftHand OS v12.6 or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | lefthand | * |
A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
| hp | intelligent_management_center | * |
A remote information disclosure vulnerability in HPE Matrix Operating Environment version 7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A cross site scripting vulnerability in HPE Matrix Operating Environment version 7.6 was found.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A remote priviledge escalation vulnerability in HPE Matrix Operating Environment version 7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A remote privilege elevation vulnerability in HPE Matrix Operating Environment version 7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A remote HTTP parameter Pollution vulnerability in HPE Matrix Operating Environment version 7.6 was found.
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-674,CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| xmlsoft | libxml2 | 2.9.3 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.10 |
| opensuse | leap | 42.1 |
| hp | icewall_file_manager | 3.0 |
| hp | icewall_federation_agent | 3.0 |
| canonical | ubuntu_linux | 16.04 |
| debian | debian_linux | 8.0 |
In HPE Storage Essentials 9.5.0.142, there is Unauthenticated Java Deserialization with remote code execution via OS commands in a request to invoker/JMXInvokerServlet, aka PSRT110461.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storage_essentials | 9.5.0.142 |
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-300,CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.5 |
| hp | cifs_server | b.04.05.11.00 |
| redhat | enterprise_linux_workstation | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux | 7.0 |
| samba | samba | * |
| debian | debian_linux | 8.0 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | moonshot_remote_console_administrator | * |
| hp | integrated_lights-out_3_firmware | * |
| hp | integrated_lights-out_2_firmware | * |
A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
A local buffer overflow vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
A local security misconfiguration vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT iMC Plat 7.3 E0504P2 and earlier was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote arbitrary file download and disclosure of information vulnerability in HPE Intelligent Management Center (iMC) Service Operation Management (SOM) version IMC SOM 7.3 E0501 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT version Plat 7.3 E0504P4 and earlier was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-824,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,CWE-434,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | bsm_platform_application_performance_management_system_health | 9.40 |
| hp | bsm_platform_application_performance_management_system_health | 9.30 |
| hp | bsm_platform_application_performance_management_system_health | 9.26 |
An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to bypass authentication.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | bsm_platform_application_performance_management_system_health | 9.40 |
| hp | bsm_platform_application_performance_management_system_health | 9.30 |
| hp | bsm_platform_application_performance_management_system_health | 9.26 |
An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to delete arbitrary files via servlet directory traversal.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | bsm_platform_application_performance_management_system_health | 9.40 |
| hp | bsm_platform_application_performance_management_system_health | 9.30 |
| hp | bsm_platform_application_performance_management_system_health | 9.26 |
An authentication vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows remote users to traverse directory leading to disclosure of information.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | bsm_platform_application_performance_management_system_health | 9.40 |
| hp | bsm_platform_application_performance_management_system_health | 9.30 |
| hp | bsm_platform_application_performance_management_system_health | 9.26 |
A reflected Cross-Site Scripting(XSS) vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows for unintended information when a specific URL is sent to the system.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_enterprise_security_manager_express | 6.9.1c |
| hp | arcsight_enterprise_security_manager_express | 6.0c |
| hp | arcsight_enterprise_security_manager_express | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.9.0 |
| hp | arcsight_enterprise_security_manager_express | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.0c |
| hp | arcsight_enterprise_security_manager | 6.8 |
| hp | arcsight_enterprise_security_manager_express | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8 |
| hp | arcsight_enterprise_security_manager | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.9.1c |
An insufficient access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows an unauthorized user to download log files.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_enterprise_security_manager_express | 6.9.1c |
| hp | arcsight_enterprise_security_manager_express | 6.0c |
| hp | arcsight_enterprise_security_manager_express | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.9.0 |
| hp | arcsight_enterprise_security_manager_express | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.0c |
| hp | arcsight_enterprise_security_manager | 6.8 |
| hp | arcsight_enterprise_security_manager_express | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8 |
| hp | arcsight_enterprise_security_manager | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.9.1c |
An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to alter the maximum size of storage groups and enable/disable the setting for the 'follow schedule' function.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_enterprise_security_manager_express | 6.9.1c |
| hp | arcsight_enterprise_security_manager_express | 6.0c |
| hp | arcsight_enterprise_security_manager_express | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.9.0 |
| hp | arcsight_enterprise_security_manager_express | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.0c |
| hp | arcsight_enterprise_security_manager | 6.8 |
| hp | arcsight_enterprise_security_manager_express | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8 |
| hp | arcsight_enterprise_security_manager | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.9.1c |
An improper access control vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows unauthorized users to retrieve or modify storage information.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_enterprise_security_manager_express | 6.9.1c |
| hp | arcsight_enterprise_security_manager_express | 6.0c |
| hp | arcsight_enterprise_security_manager_express | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.9.0 |
| hp | arcsight_enterprise_security_manager_express | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.0c |
| hp | arcsight_enterprise_security_manager | 6.8 |
| hp | arcsight_enterprise_security_manager_express | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8 |
| hp | arcsight_enterprise_security_manager | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.9.1c |
An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of Apache Tomcat application server version.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_enterprise_security_manager_express | 6.9.1c |
| hp | arcsight_enterprise_security_manager_express | 6.0c |
| hp | arcsight_enterprise_security_manager_express | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.9.0 |
| hp | arcsight_enterprise_security_manager_express | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.0c |
| hp | arcsight_enterprise_security_manager | 6.8 |
| hp | arcsight_enterprise_security_manager_express | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8 |
| hp | arcsight_enterprise_security_manager | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.9.1c |
An information leakage vulnerability in ArcSight ESM and ArcSight ESM Express, any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1, allows disclosure of product license features.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_enterprise_security_manager_express | 6.9.1c |
| hp | arcsight_enterprise_security_manager_express | 6.0c |
| hp | arcsight_enterprise_security_manager_express | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.9.0 |
| hp | arcsight_enterprise_security_manager_express | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.0c |
| hp | arcsight_enterprise_security_manager | 6.8 |
| hp | arcsight_enterprise_security_manager_express | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8 |
| hp | arcsight_enterprise_security_manager | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.9.1c |
An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read-only accounts to view all SiteScope interfaces and monitors, potentially exposing sensitive data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.30.521 |
| hp | sitescope | 11.22 |
| hp | sitescope | 11.24 |
| hp | sitescope | 11.33 |
| hp | sitescope | 11.23 |
| hp | sitescope | 11.30 |
| hp | sitescope | 11.31 |
| hp | sitescope | 11.20 |
| hp | sitescope | 11.32 |
| hp | sitescope | 11.21 |
| hp | sitescope | 11.24.391 |
A potential security vulnerability has been identified in HPE Application Performance Management (BSM) Platform versions 9.26, 9.30, 9.40. The vulnerability could be remotely exploited to allow code execution.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-306,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | application_performance_management | 9.30 |
| hp | application_performance_management | 9.26 |
| hp | application_performance_management | 9.40 |
A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. These vulnerabilities could be remotely exploited to allow code execution.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ucmdb_configuration_manager | 10.10 |
| hp | ucmdb_configuration_manager | 10.23 |
| hp | ucmdb_configuration_manager | 10.11 |
| hp | ucmdb_configuration_manager | 10.20 |
| hp | ucmdb_configuration_manager | 10.22 |
| hp | ucmdb_configuration_manager | 10.21 |
A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. These vulnerabilities could be remotely exploited to allow cross-site scripting.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ucmdb_configuration_manager | 10.10 |
| hp | ucmdb_configuration_manager | 10.23 |
| hp | ucmdb_configuration_manager | 10.11 |
| hp | ucmdb_configuration_manager | 10.20 |
| hp | ucmdb_configuration_manager | 10.22 |
| hp | ucmdb_configuration_manager | 10.21 |
A remote code execution vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33, could be remotely exploited to allow code execution.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ucmdb_foundation_software | 10.30 |
| hp | ucmdb_foundation_software | 10.32 |
| hp | ucmdb_foundation_software | 10.33 |
| hp | ucmdb_foundation_software | 10.22 |
| hp | ucmdb_foundation_software | 10.20 |
| hp | ucmdb_foundation_software | 10.21 |
| hp | ucmdb_foundation_software | 10.31 |
| hp | ucmdb_foundation_software | 10.10 |
| hp | ucmdb_foundation_software | 10.11 |
A remote cross-site scripting vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33 could be remotely exploited to allow cross-site scripting.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ucmdb_foundation_software | 10.30 |
| hp | ucmdb_foundation_software | 10.32 |
| hp | ucmdb_foundation_software | 10.33 |
| hp | ucmdb_foundation_software | 10.22 |
| hp | ucmdb_foundation_software | 10.20 |
| hp | ucmdb_foundation_software | 10.21 |
| hp | ucmdb_foundation_software | 10.31 |
| hp | ucmdb_foundation_software | 10.10 |
| hp | ucmdb_foundation_software | 10.11 |
An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQL injection.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_enterprise_security_manager_express | 6.9.1c |
| hp | arcsight_enterprise_security_manager_express | 6.0c |
| hp | arcsight_enterprise_security_manager_express | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.0c |
| hp | arcsight_enterprise_security_manager | 6.8 |
| hp | arcsight_enterprise_security_manager_express | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8 |
| hp | arcsight_enterprise_security_manager | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.5c |
| hp | arcsight_enterprise_security_manager_express | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.9.1c |
A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow Reflected and Stored Cross-Site Scripting (XSS)
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_enterprise_security_manager_express | 6.9.1c |
| hp | arcsight_enterprise_security_manager_express | 6.0c |
| hp | arcsight_enterprise_security_manager_express | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.9.0 |
| hp | arcsight_enterprise_security_manager_express | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.0c |
| hp | arcsight_enterprise_security_manager | 6.8 |
| hp | arcsight_enterprise_security_manager_express | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8 |
| hp | arcsight_enterprise_security_manager | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.5c |
| hp | arcsight_enterprise_security_manager_express | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.9.1c |
A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow URL redirection to untrusted site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_enterprise_security_manager_express | 6.9.1c |
| hp | arcsight_enterprise_security_manager_express | 6.0c |
| hp | arcsight_enterprise_security_manager_express | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.11.0 |
| hp | arcsight_enterprise_security_manager | 6.0c |
| hp | arcsight_enterprise_security_manager | 6.8 |
| hp | arcsight_enterprise_security_manager_express | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.5 |
| hp | arcsight_enterprise_security_manager_express | 6.5c |
| hp | arcsight_enterprise_security_manager | 6.0 |
| hp | arcsight_enterprise_security_manager_express | 6.8 |
| hp | arcsight_enterprise_security_manager | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.5c |
| hp | arcsight_enterprise_security_manager_express | 6.9.0c |
| hp | arcsight_enterprise_security_manager | 6.8c |
| hp | arcsight_enterprise_security_manager | 6.9.1c |
A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | performance_center | 12.20 |
A potential security vulnerability has been identified in HPE Content Manager Workgroup Service v9.00. The vulnerability could be remotely exploited to allow Denial of Service (DoS).
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-400,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | content_manager | 9.0 |
An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is exploitable on VAX and Alpha and may cause a process crash on IA64. Software was affected regardless of whether it was directly shipped by VMS Software, Inc. (VSI), HPE, HP, Compaq, or Digital Equipment Corporation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | openvms | * |
A debug tool in Synaptics TouchPad drivers allows local users with administrative access to obtain sensitive information about keyboard scan codes by modifying registry keys.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | synaptics_touchpad_driver | - |
A potential security vulnerability has been identified with the command line shell of the HP ThinPro operating system 6.1, 5.2.1, 5.2, 5.1, 5.0, and 4.4. The vulnerability could result in a local unauthorized elevation of privilege on an HP thin client device.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | thinpro | 4.4 |
| hp | thinpro | 5.2 |
| hp | thinpro | 5.1 |
| hp | thinpro | 6.1 |
| hp | thinpro | 5.0 |
| hp | thinpro | 5.2.1 |
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmware before 1708D. This vulnerability could potentially be exploited to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | k9z76d_firmware | * |
| hp | d3q21a_firmware | * |
| hp | d3q15a_firmware | * |
| hp | d3q17c_firmware | * |
| hp | j9v82b_firmware | * |
| hp | j9v82d_firmware | * |
| hp | d9l20a_firmware | * |
| hp | d3q20c_firmware | * |
| hp | j9v80a_firmware | * |
| hp | d9l64a_firmware | * |
| hp | t0g70a_firmware | * |
| hp | j6u55a_firmware | * |
| hp | j9v82a_firmware | * |
| hp | k9z76a_firmware | * |
| hp | d3q20b_firmware | * |
| hp | j3p68a_firmware | * |
| hp | d3q19a_firmware | * |
| hp | j9v82c_firmware | * |
| hp | d9l21a_firmware | * |
| hp | d3q21c_firmware | * |
| hp | d3q20a_firmware | * |
| hp | d3q19d_firmware | * |
| hp | j6u55c_firmware | * |
| hp | j6u57b_firmware | * |
| hp | d3q16b_firmware | * |
| hp | d3q17a_firmware | * |
| hp | d3q16d_firmware | * |
| hp | d3q20d_firmware | * |
| hp | d3q15d_firmware | * |
| hp | d3q15b_firmware | * |
| hp | d9l63a_firmware | * |
| hp | j6u55b_firmware | * |
| hp | j9v80b_firmware | * |
| hp | j6u55d_firmware | * |
| hp | d3q17d_firmware | * |
| hp | d3q21d_firmware | * |
| hp | d3q16c_firmware | * |
| hp | d3q16a_firmware | * |
A potential security vulnerability has been identified with HP Web Jetadmin before 10.4 SR2. This vulnerability could potentially be exploited to create a denial of service.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | web_jetadmin | * |
| hp | web_jetadmin | 10.4 |
HP has identified a potential security vulnerability with HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS before 2308214_000901, 2308214_000900, and other firmware versions. The vulnerability could be exploited to perform a cross site scripting (XSS) attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ce503a_firmware | * |
| hp | b3g85a_firmware | * |
| hp | g1w47a_firmware | * |
| hp | cc522a_firmware | * |
| hp | a2w75a_firmware | * |
| hp | b5l25a_firmware | * |
| hp | b5l07a_firmware | * |
| hp | f2a76a_firmware | * |
| hp | c2s11a_firmware | * |
| hp | l3u43a_firmware | * |
| hp | ce709a_firmware | * |
| hp | a2w77a_firmware | * |
| hp | a2w79a_firmware | * |
| hp | e6b70a_firmware | * |
| hp | cc421a_firmware | * |
| hp | cf068a_firmware | * |
| hp | cd646a_firmware | * |
| hp | b5l48a_firmware | * |
| hp | cf236a_firmware | * |
| hp | cf083a_firmware | * |
| hp | 2a68a_firmware | * |
| hp | g1w40a_firmware | * |
| hp | cf118a_firmware | * |
| hp | e6b67a_firmware | * |
| hp | ce738a_firmware | * |
| hp | a2w78a_firmware | * |
| hp | 2a71a_firmware | * |
| hp | cf238a_firmware | * |
| hp | f2a77a_firmware | * |
| hp | g1w41a_firmware | * |
| hp | ce993a_firmware | * |
| hp | ce994a_firmware | * |
| hp | a2w76a_firmware | * |
| hp | e6b68a_firmware | * |
| hp | g1w39a_firmware | * |
| hp | cc419a_firmware | * |
| hp | e6b71a_firmware | * |
| hp | ce504a_firmware | * |
| hp | cd645a_firmware | * |
| hp | d3l09a_firmware | * |
| hp | ce990a_firmware | * |
| hp | cf081a_firmware | * |
| hp | g1w46a_firmware | * |
| hp | g1w47v_firmware | * |
| hp | cc420a_firmware | * |
| hp | b5l05a_firmware | * |
| hp | 2a70a_firmware | * |
| hp | e6b69a_firmware | * |
| hp | j7x28a_firmware | * |
| hp | cc524a_firmware | * |
| hp | b5l46a_firmware | * |
| hp | e6b73a_firmware | * |
| hp | l3u44a_firmware | * |
| hp | cf367a_firmware | * |
| hp | b5l24a_firmware | * |
| hp | cf067a_firmware | * |
| hp | cz245a_firmware | * |
| hp | e6b72a_firmware | * |
| hp | l2717a_firmware | * |
| hp | b5l04a_firmware | * |
| hp | cf117a_firmware | * |
| hp | cc523a_firmware | * |
| hp | cf069a_firmware | * |
| hp | d7p71a_firmware | * |
| hp | cf082a_firmware | * |
| hp | g1w46v_firmware | * |
| hp | d7p70a_firmware | * |
| hp | d3l10a_firmware | * |
| hp | cf116a_firmware | * |
| hp | b5l23a_firmware | * |
| hp | b5l26a_firmware | * |
| hp | ce992a_firmware | * |
| hp | 2a69a_firmware | * |
| hp | cf235a_firmware | * |
| hp | d3l08a_firmware | * |
| hp | l3u42a_firmware | * |
| hp | ce991a_firmware | * |
| hp | cf066a_firmware | * |
| hp | c2s12a_firmware | * |
| hp | ce995a_firmware | * |
| hp | cz244a_firmware | * |
| hp | ce989a_firmware | * |
| hp | b5l47a_firmware | * |
| hp | ce996a_firmware | * |
| hp | ce708a_firmware | * |
| hp | f2a81a_firmware | * |
| hp | cd644a_firmware | * |
| hp | ce707a_firmware | * |
The vulnerability allows attacker to extract binaries into protected file system locations in HP Support Assistant before 12.7.26.1.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1. The vulnerabilities could potentially be exploited to allow stored cross-site scripting which could allow a hacker to execute scripts in a user's browser.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetadvantage_security_manager | * |
Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1. The vulnerabilities could potentially be exploited to allow stored cross-site scripting which could allow a hacker to create a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jetadvantage_security_manager | * |
HP has identified a potential security vulnerability before IG_11_00_00.10 for DesignJet T790, T795, T1300, T2300, before MRY_04_05_00.5 for DesignJet T920, T930, T1500, T1530, T2500, T2530, before AENEAS_03_04_00.9 for DesignJet T3500, before NEXUS_01_12_00.11 for Latex 310, 330, 360, 370, before NEXUS_03_12_00.15 for Latex 315, 335, 365, 375, before STORM_00_05_01.6 for Latex 560, 570 and Latex 110 that may expose the credentials of the SMTP server configured to receive and process emails generated by the printers.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | t1500_firmware | * |
| hp | t1530_firmware | * |
| hp | 330_firmware | * |
| hp | t2300_firmware | * |
| hp | 360_firmware | * |
| hp | 315_firmware | * |
| hp | 365_firmware | * |
| hp | t930_firmware | * |
| hp | 375_firmware | * |
| hp | 570_firmware | * |
| hp | 110_firmware | * |
| hp | t1300_firmware | * |
| hp | 560_firmware | * |
| hp | t2530_firmware | * |
| hp | 310_firmware | * |
| hp | t790_firmware | * |
| hp | t920_firmware | * |
| hp | 335_firmware | * |
| hp | t3500_firmware | * |
| hp | 370_firmware | * |
| hp | t795_firmware | * |
| hp | t2500_firmware | * |
A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | isaac_mizrahi_smartwatch | 1.3.7 |
| hp | isaac_mizrahi_smartwatch | 1.2.2016040820 |
| hp | isaac_mizrahi_smartwatch | 1.0.201601214 |
| hp | isaac_mizrahi_smartwatch | 1.3.2016052319 |
| hp | isaac_mizrahi_smartwatch | 1.0.2.10 |
| hp | isaac_mizrahi_smartwatch | 1.2.2.12 |
| hp | isaac_mizrahi_smartwatch | 1.4.2016072601 |
| hp | isaac_mizrahi_smartwatch | 1.4.8 |
Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code in HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP OfficeJet Enterprise printers before 2308937_578479, 2405087_018548, and other firmware versions.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ce503a_firmware | * |
| hp | b3g85a_firmware | * |
| hp | g1w47a_firmware | * |
| hp | j7z10a_firmware | * |
| hp | k0q14a_firmware | * |
| hp | j8a13a_firmware | * |
| hp | a2w75a_firmware | * |
| hp | cz258a_firmware | * |
| hp | j8a04a_firmware | * |
| hp | l3u43a_firmware | * |
| hp | a2w79a_firmware | * |
| hp | e6b70a_firmware | * |
| hp | cc421a_firmware | * |
| hp | cd646a_firmware | * |
| hp | cf236a_firmware | * |
| hp | cf083a_firmware | * |
| hp | k0q19a_firmware | * |
| hp | j7z13a_firmware | * |
| hp | m0p33a_firmware | * |
| hp | g1w40a_firmware | * |
| hp | b3g84a_firmware | * |
| hp | m0p35a_firmware | * |
| hp | j7z98a_firmware | * |
| hp | l3u59a_firmware | * |
| hp | ce738a_firmware | * |
| hp | a2w78a_firmware | * |
| hp | k0q22a_firmware | * |
| hp | l3u52a_firmware | * |
| hp | f2a77a_firmware | * |
| hp | j8j78a_firmware | * |
| hp | g1w41a_firmware | * |
| hp | j7z04a_firmware | * |
| hp | ce993a_firmware | * |
| hp | a2w76a_firmware | * |
| hp | e6b68a_firmware | * |
| hp | j7z09a_firmware | * |
| hp | k0q21a_firmware | * |
| hp | b5l05v_firmware | * |
| hp | cc419a_firmware | * |
| hp | e6b71a_firmware | * |
| hp | ce504a_firmware | * |
| hp | cd645a_firmware | * |
| hp | j8j80a_firmware | * |
| hp | m0p36a_firmware | * |
| hp | cz255a_firmware | * |
| hp | cf081a_firmware | * |
| hp | k0q17a_firmware | * |
| hp | g1w46a_firmware | * |
| hp | b5l04v_firmware | * |
| hp | b5l49a_firmware | * |
| hp | e6b73a_firmware | * |
| hp | j7z06a_firmware | * |
| hp | l1h45a_firmware | * |
| hp | j8j79a_firmware | * |
| hp | f2a69a_firmware | * |
| hp | l3u44a_firmware | * |
| hp | j8j73a_firmware | * |
| hp | cz245a_firmware | * |
| hp | e6b72a_firmware | * |
| hp | cz249a_firmware | * |
| hp | j8j70a_firmware | * |
| hp | f2a71a_firmware | * |
| hp | l2717a_firmware | * |
| hp | f2a70a_firmware | * |
| hp | cf117a_firmware | * |
| hp | cf069a_firmware | * |
| hp | d7p71a_firmware | * |
| hp | m0p40a_firmware | * |
| hp | b5l06v_firmware | * |
| hp | l3u41a_firmware | * |
| hp | cf116a_firmware | * |
| hp | b5l26a_firmware | * |
| hp | j8a10a_firmware | * |
| hp | j8a17a_firmware | * |
| hp | d3l08a_firmware | * |
| hp | l3u42a_firmware | * |
| hp | j8j71a_firmware | * |
| hp | l2762a_firmware | * |
| hp | j8j66a_firmware | * |
| hp | j8j65a_firmware | * |
| hp | l3u56a_firmware | * |
| hp | ce995a_firmware | * |
| hp | cz244a_firmware | * |
| hp | j7z12a_firmware | * |
| hp | l3u66a_firmware | * |
| hp | ce996a_firmware | * |
| hp | j8a06a_firmware | * |
| hp | ce708a_firmware | * |
| hp | f2a81a_firmware | * |
| hp | l3u55a_firmware | * |
| hp | z5g77a_firmware | * |
| hp | k0q15a_firmware | * |
| hp | z5g79a_firmware | * |
| hp | b5l25a_firmware | * |
| hp | b5l07a_firmware | * |
| hp | j8a12a_firmware | * |
| hp | f2a76a_firmware | * |
| hp | c2s11a_firmware | * |
| hp | ce709a_firmware | * |
| hp | cz248a_firmware | * |
| hp | a2w77a_firmware | * |
| hp | j8j74a_firmware | * |
| hp | j8j63a_firmware | * |
| hp | cf068a_firmware | * |
| hp | j7z03a_firmware | * |
| hp | b5l48a_firmware | * |
| hp | c2s11v_firmware | * |
| hp | cf118a_firmware | * |
| hp | e6b67a_firmware | * |
| hp | k0q20a_firmware | * |
| hp | l3u60a_firmware | * |
| hp | cf238a_firmware | * |
| hp | ce994a_firmware | * |
| hp | g1w39a_firmware | * |
| hp | c2s12v_firmware | * |
| hp | d7p73a_firmware | * |
| hp | cz250a_firmware | * |
| hp | j7z05a_firmware | * |
| hp | d3l09a_firmware | * |
| hp | j8j76a_firmware | * |
| hp | j8j64a_firmware | * |
| hp | ce990a_firmware | * |
| hp | j7z99a_firmware | * |
| hp | g1w40v_firmware | * |
| hp | d7p68a_firmware | * |
| hp | g1w47v_firmware | * |
| hp | cc420a_firmware | * |
| hp | b5l05a_firmware | * |
| hp | j7z07a_firmware | * |
| hp | e6b69a_firmware | * |
| hp | cz256a_firmware | * |
| hp | j7x28a_firmware | * |
| hp | j7z08a_firmware | * |
| hp | f2a68a_firmware | * |
| hp | l3u70a_firmware | * |
| hp | b5l46a_firmware | * |
| hp | j8a11a_firmware | * |
| hp | b5l50a_firmware | * |
| hp | j8j72a_firmware | * |
| hp | cf367a_firmware | * |
| hp | b5l24a_firmware | * |
| hp | b5l06a_firmware | * |
| hp | b5l54a_firmware | * |
| hp | cf067a_firmware | * |
| hp | cz251a_firmware | * |
| hp | j8a05a_firmware | * |
| hp | b5l04a_firmware | * |
| hp | l3u51a_firmware | * |
| hp | m0p39a_firmware | * |
| hp | cf082a_firmware | * |
| hp | g1w46v_firmware | * |
| hp | d3l10a_firmware | * |
| hp | l3u65a_firmware | * |
| hp | k0q18a_firmware | * |
| hp | g1w39v_firmware | * |
| hp | b5l23a_firmware | * |
| hp | ce992a_firmware | * |
| hp | cf235a_firmware | * |
| hp | ce991a_firmware | * |
| hp | cf066a_firmware | * |
| hp | b3g86a_firmware | * |
| hp | c2s12a_firmware | * |
| hp | j7z11a_firmware | * |
| hp | g1w41v_firmware | * |
| hp | cz257a_firmware | * |
| hp | ce989a_firmware | * |
| hp | b5l47a_firmware | * |
| hp | d7p71v_firmware | * |
| hp | cd644a_firmware | * |
| hp | l2683a_firmware | * |
| hp | ce707a_firmware | * |
| hp | j7z14a_firmware | * |
| hp | l3u40a_firmware | * |
A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. The BIOS password was stored in CMOS in a way that allowed it to be extracted. This applies to consumer notebooks launched in early 2014.
CVSS 2.0
Severity: LOW
Problem Type: CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp_240_g3_firmware | * |
| hp | compaq_14-h000_firmware | - |
| hp | hp_250_g1_notebook_pc_firmware | * |
| hp | hp_255_g1_notebook_pc_firmware | * |
| hp | hp_envy_14-k100_firmware | * |
| hp | hp_14-g000_firmware | * |
| hp | compaq_cq45-900_firmware | - |
| hp | hp_pavilion_11-n000_firmware | * |
| hp | hp_pavilion_15-n000_firmware | * |
| hp | hp_255_g3_firmware | * |
| hp | hp_240_g1_firmware | * |
| hp | hp_envy_15-j100_firmware | * |
| hp | hp_455_firmware | * |
| hp | hp_246_g3_firmware | * |
| hp | compaq_14-s000_firmware | - |
| hp | hp_split_13-g200_firmware | * |
| hp | hp_envy_100_firmware | * |
| hp | hp_pavilion_15-n200_firmware | * |
| hp | hp_15-r000_firmware | * |
| hp | hp_g14-a000_firmware | * |
| hp | hp_envy_15-j000_firmware | * |
| hp | hp_pavilion_15-n300_firmware | * |
| hp | hp_14-r000_firmware | * |
| hp | hp_1000-1300_firmware | * |
| hp | hp_spectre_x2_13-smb_pro_firmware | * |
| hp | hp_245_g1_firmware | * |
| hp | hp_spectre_13-h200_firmware | * |
| hp | hp_15-r500_firmware | * |
| hp | hp_envy_m6-n000_firmware | * |
| hp | hp_246_firmware | * |
| hp | hp_envy_17-j100_leap_motion_se_firmware | * |
| hp | hp_envy_17_j100_firmware | * |
| hp | hp_pavilion_10-f000_firmware | * |
| hp | hp_pavilion_14-n000_firmware | * |
A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. HP has no access to customer data as a result of this issue.
CVSS 2.0
Severity: LOW
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | tommy_hilfiger_th24/7 | 2.0.0.11 |
| hp | tommy_hilfiger_th24/7 | 2.0.1.14 |
| hp | tommy_hilfiger_th24/7 | 2.1.0.16 |
| hp | tommy_hilfiger_th24/7 | 2.2.0.19 |
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-276,CWE-16,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fujitsu | displayview_click | 6.01 |
| fujitsu | displayview_click_suite | 5.0 |
| hp | display_assistant | 2.1 |
| philips | smart_control_premium | 2.23 |
| philips | smart_control_premium | 2.25 |
| portrait | portrait_display_sdk | * |
| fujitsu | displayview_click | 6.0 |
| hp | my_display | 2.0 |
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_agent | 11.15 |
| openssl | openssl | 1.1.0b |
| hp | operations_agent | 11.14 |
| openssl | openssl | 1.1.0c |
| openssl | openssl | 1.1.0 |
| openssl | openssl | 1.1.0a |
| openssl | openssl | 1.1.0d |
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-755,CWE-755,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lenovo | storage_v5030_firmware | 7.7.1.6 |
| apache | struts | 2.3.30 |
| apache | struts | 2.5.2 |
| apache | struts | 2.3.20.1 |
| apache | struts | 2.3.22 |
| apache | struts | 2.5.8 |
| apache | struts | 2.3.10 |
| oracle | weblogic_server | 12.1.3.0.0 |
| apache | struts | 2.3.20.3 |
| apache | struts | 2.3.24 |
| ibm | storwize_v7000_firmware | 7.7.1.6 |
| apache | struts | 2.3.31 |
| apache | struts | 2.5 |
| apache | struts | 2.3.20 |
| hp | server_automation | 10.5.0 |
| apache | struts | 2.3.28.1 |
| arubanetworks | clearpass_policy_manager | * |
| apache | struts | 2.5.9 |
| apache | struts | 2.3.19 |
| ibm | storwize_v7000_firmware | 7.8.1.0 |
| apache | struts | 2.5.6 |
| hp | server_automation | 10.2.0 |
| apache | struts | 2.5.3 |
| apache | struts | 2.5.1 |
| apache | struts | 2.3.12 |
| hp | server_automation | 10.1.0 |
| apache | struts | 2.3.14.2 |
| apache | struts | 2.5.10 |
| oracle | weblogic_server | 12.2.1.2.0 |
| apache | struts | 2.3.16.3 |
| apache | struts | 2.3.20.2 |
| apache | struts | 2.3.29 |
| apache | struts | 2.3.15.2 |
| apache | struts | 2.3.17 |
| apache | struts | 2.3.24.2 |
| apache | struts | 2.3.6 |
| hp | server_automation | 9.1.0 |
| ibm | storwize_v5000_firmware | 7.8.1.0 |
| oracle | weblogic_server | 10.3.6.0.0 |
| ibm | storwize_v5000_firmware | 7.7.1.6 |
| apache | struts | 2.3.21 |
| apache | struts | 2.3.25 |
| apache | struts | 2.3.14.1 |
| apache | struts | 2.3.7 |
| lenovo | storage_v5030_firmware | 7.8.1.0 |
| apache | struts | 2.5.4 |
| apache | struts | 2.3.15.3 |
| apache | struts | 2.3.9 |
| apache | struts | 2.3.16 |
| apache | struts | 2.3.26 |
| apache | struts | 2.5.7 |
| apache | struts | 2.3.14.3 |
| apache | struts | 2.3.27 |
| apache | struts | 2.3.23 |
| hp | server_automation | 10.0.0 |
| apache | struts | 2.3.28 |
| netapp | oncommand_balance | - |
| apache | struts | 2.3.14 |
| apache | struts | 2.3.15 |
| oracle | weblogic_server | 12.2.1.1.0 |
| apache | struts | 2.3.16.2 |
| apache | struts | 2.3.24.3 |
| apache | struts | 2.3.16.1 |
| apache | struts | * |
| apache | struts | 2.3.15.1 |
| apache | struts | 2.3.5 |
| apache | struts | 2.3.11 |
| apache | struts | 2.3.8 |
| ibm | storwize_v3500_firmware | 7.8.1.0 |
| apache | struts | 2.3.24.1 |
| apache | struts | 2.5.5 |
| ibm | storwize_v3500_firmware | 7.7.1.6 |
| apache | struts | 2.3.13 |
Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types may also exhibit such behaviors. One vector in the Java standard library exists that allows an attacker to trigger possibly further exploitable Java deserialization of untrusted data. Other known vectors in third party libraries can be used to trigger remote code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| apache | flex_blazeds | * |
| hp | xp_command_view_advanced_edition | * |
A remote clickjacking vulnerability in HPE Matrix Operating Environment version v7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A CSRF vulnerability in HPE Matrix Operating Environment version v7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A missing HSTS Header vulnerability in HPE Matrix Operating Environment version v7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A remote clickjacking vulnerability in HPE Matrix Operating Environment version v7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A missing HSTS Header vulnerability in HPE Matrix Operating Environment version v7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A remote information disclosure vulnerability in HPE Matrix Operating Environment version v7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A local Unauthorized Data Modification vulnerability in HPE OfficeConnect Network Switches version PT.02.01 including PT.01.03 through PT.01.14
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | officeconnect_1820_24g_switch_j9980a_firmware | * |
| hp | officeconnect_1820_24g_poe+_(185w)_switch_j9983a_firmware | * |
| hp | officeconnect_1820_48g_switch_j9981a_firmware | pt.02.01 |
| hp | officeconnect_1820_8g_poe+_(65w)_switch_j9982a_firmware | * |
| hp | officeconnect_1820_8g_switch_j9979a_firmware | * |
| hp | officeconnect_1820_48g_switch_j9981a_firmware | * |
| hp | officeconnect_1820_24g_switch_j9980a_firmware | pt.02.01 |
| hp | officeconnect_1820_24g_poe+_(185w)_switch_j9983a_firmware | pt.02.01 |
| hp | officeconnect_1820_48g_poe+_(370w)_switch_j9984a_firmware | pt.02.01 |
| hp | officeconnect_1820_8g_switch_j9979a_firmware | pt.02.01 |
| hp | officeconnect_1820_8g_poe+_(65w)_switch_j9982a_firmware | pt.02.01 |
| hp | officeconnect_1820_48g_poe+_(370w)_switch_j9984a_firmware | * |
A remote denial of service vulnerability in HPE Version Control Repository Manager (VCRM) in all versions prior to 7.6 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | version_control_repository_manager | * |
A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_server_software | * |
HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | * |
| hp | performance_center | * |
A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center_plat | 7.2 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Arbitrary Code Execution vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
A Remote Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
A Local Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) version PLAT 7.2 E0403P06 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
A Remote Cross Site Request Forgery (CSRF) vulnerability in HPE 2620 Series Network Switches version RA.15.05.0006 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | j9625a_firmware | * |
| hp | j9626a_firmware | * |
| hp | j9623a_firmware | * |
| hp | j9627a_firmware | * |
| hp | j9624a_firmware | * |
A Remote Unauthenticated Disclosure of Information vulnerability in HPE Intelligent Management Center (IMC) SOM version v7.3 (E0501) was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | opencall_media_platform | * |
A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | opencall_media_platform | * |
A Remote Cross-Site Scripting (XSS) vulnerability in HPE Operations Bridge Analytics version v3.0 was found.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_bridge_analytics | 3.0 |
A Remote Unauthorized Access to Data vulnerability in HPE Business Process Monitor version v09.2x, v09.30 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | business_process_monitor | 09.26 |
| hp | business_process_monitor | 09.21 |
| hp | business_process_monitor | 09.25 |
| hp | business_process_monitor | 09.20 |
| hp | business_process_monitor | 09.22 |
| hp | business_process_monitor | 09.24 |
| hp | business_process_monitor | 09.30 |
| hp | business_process_monitor | 09.23 |
A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics Platform version v4.1 and later was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | vertica | * |
A Remote Disclosure of Information vulnerability in HPE NonStop Servers using SSH Service version L series: T0801L02 through T0801L02^ABX; J and H series: T0801H01 through T0801H01^ACA was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_server_software | * |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
| hp | data_protector | 9.09 |
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
| hp | data_protector | 9.09 |
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-275,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | data_protector | * |
| hp | data_protector | 9.09 |
A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 9.22.02 |
| hp | network_automation | 10.10 |
| hp | network_automation | 10.00.02 |
| hp | network_automation | 10.21 |
| hp | network_automation | 9.10 |
| hp | network_automation | 9.20 |
| hp | network_automation | 9.22.01 |
| hp | network_automation | 10.00 |
| hp | network_automation | 9.22 |
| hp | network_automation | 10.11 |
| hp | network_automation | 10.00.01 |
A remote code execution vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 9.22.02 |
| hp | network_automation | 10.10 |
| hp | network_automation | 10.00.02 |
| hp | network_automation | 10.21 |
| hp | network_automation | 9.10 |
| hp | network_automation | 9.20 |
| hp | network_automation | 9.22.01 |
| hp | network_automation | 10.00 |
| hp | network_automation | 9.22 |
| hp | network_automation | 10.11 |
| hp | network_automation | 10.00.01 |
A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 9.22.02 |
| hp | network_automation | 10.10 |
| hp | network_automation | 10.00.02 |
| hp | network_automation | 10.21 |
| hp | network_automation | 9.10 |
| hp | network_automation | 9.20 |
| hp | network_automation | 9.22.01 |
| hp | network_automation | 10.00 |
| hp | network_automation | 9.22 |
| hp | network_automation | 10.11 |
| hp | network_automation | 10.00.01 |
A remote unauthenticated access vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 9.22.02 |
| hp | network_automation | 10.10 |
| hp | network_automation | 10.00.02 |
| hp | network_automation | 10.21 |
| hp | network_automation | 9.10 |
| hp | network_automation | 9.20 |
| hp | network_automation | 9.22.01 |
| hp | network_automation | 10.00 |
| hp | network_automation | 9.22 |
| hp | network_automation | 10.11 |
| hp | network_automation | 10.00.01 |
A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 9.22.02 |
| hp | network_automation | 10.10 |
| hp | network_automation | 10.00.02 |
| hp | network_automation | 10.21 |
| hp | network_automation | 9.10 |
| hp | network_automation | 9.20 |
| hp | network_automation | 9.22.01 |
| hp | network_automation | 10.00 |
| hp | network_automation | 9.22 |
| hp | network_automation | 10.11 |
| hp | network_automation | 10.00.01 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_clearpass_policy_manager | * |
A privilege escalation vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_clearpass_policy_manager | * |
An authenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_clearpass_policy_manager | * |
A reflected cross site scripting vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_clearpass_policy_manager | * |
An arbitrary command execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-611,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_clearpass_policy_manager | * |
An access restriction bypass vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_clearpass_policy_manager | * |
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-444,CWE-190,CWE-444,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | retail_xstore_point_of_service | 7.1 |
| netapp | hci_storage_nodes | - |
| oracle | retail_xstore_point_of_service | 16.0 |
| oracle | rest_data_services | 11.2.0.4 |
| oracle | retail_xstore_point_of_service | 15.0 |
| debian | debian_linux | 9.0 |
| oracle | rest_data_services | 12.1.0.2 |
| netapp | element_software | - |
| oracle | rest_data_services | 12.2.0.1 |
| netapp | snapcenter | * |
| hp | xp_p9000_command_view | * |
| netapp | element_software_management_node | - |
| eclipse | jetty | * |
| netapp | oncommand_system_manager | 3.x |
| netapp | e-series_santricity_management | - |
| netapp | oncommand_unified_manager | * |
| netapp | e-series_santricity_web_services | - |
| oracle | retail_xstore_point_of_service | 17.0 |
| oracle | rest_data_services | 18c |
| netapp | santricity_cloud_connector | - |
| netapp | e-series_santricity_os_controller | * |
| netapp | snap_creator_framework | * |
| netapp | snapmanager | * |
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-444,CWE-444,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | snapmanager | - |
| oracle | rest_data_services | 11.2.0.4 |
| oracle | retail_xstore_point_of_service | 15.0 |
| debian | debian_linux | 9.0 |
| oracle | rest_data_services | 12.1.0.2 |
| netapp | oncommand_unified_manager_for_7-mode | - |
| netapp | hci_management_node | - |
| eclipse | jetty | * |
| netapp | snap_creator_framework | - |
| netapp | santricity_cloud_connector | - |
| netapp | snapcenter | - |
| netapp | e-series_santricity_os_controller | * |
| oracle | retail_xstore_point_of_service | 7.1 |
| oracle | retail_xstore_point_of_service | 16.0 |
| oracle | rest_data_services | 12.2.0.1 |
| hp | xp_p9000_command_view | * |
| netapp | solidfire | - |
| netapp | hci_storage_node | - |
| netapp | e-series_santricity_management | - |
| netapp | e-series_santricity_web_services | - |
| oracle | retail_xstore_point_of_service | 17.0 |
| netapp | oncommand_system_manager | * |
| oracle | rest_data_services | 18c |
| oracle | retail_xstore_payment | 3.3 |
| netapp | storage_services_connector | - |
A Remote Disclosure of Information vulnerability in HPE Cloud Optimizer version v3.0x was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | cloud_optimizer | * |
A Remote Unauthorized Disclosure of Information vulnerability in HPE IceWall Federation Agent version 3.0 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_federation_agent | 3.0 |
A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_airwave_glass | 1.0.0 |
| hp | aruba_airwave_glass | 1.0.1 |
A Remote Code Execution vulnerability in HPE UCMDB version v10.10, v10.11, v10.20, v10.21, v10.22, v10.30, v10.31 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ucmdb_configuration_manager | 10.10 |
| hp | ucmdb_configuration_manager | 10.11 |
| hp | ucmdb_configuration_manager | 10.20 |
| hp | ucmdb_configuration_manager | 10.31 |
| hp | ucmdb_configuration_manager | 10.30 |
| hp | ucmdb_configuration_manager | 10.22 |
| hp | ucmdb_configuration_manager | 10.21 |
A Remote Bypass Security Restriction vulnerability in HPE Network Node Manager i (NNMi) Software versions v10.0x, v10.1x, v10.2x was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_node_manager_i | 10.21 |
| hp | network_node_manager_i | 10.20 |
| hp | network_node_manager_i | 10.01 |
| hp | network_node_manager_i | 10.10 |
| hp | network_node_manager_i | 10.00 |
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.30.521 |
| hp | sitescope | 11.22 |
| hp | sitescope | 11.24 |
| hp | sitescope | 11.33 |
| hp | sitescope | 11.23 |
| hp | sitescope | 11.30 |
| hp | sitescope | 11.31 |
| hp | sitescope | 11.20 |
| hp | sitescope | 11.32 |
| hp | sitescope | 11.21 |
| hp | sitescope | 11.24.391 |
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.30.521 |
| hp | sitescope | 11.22 |
| hp | sitescope | 11.24 |
| hp | sitescope | 11.33 |
| hp | sitescope | 11.23 |
| hp | sitescope | 11.30 |
| hp | sitescope | 11.31 |
| hp | sitescope | 11.20 |
| hp | sitescope | 11.32 |
| hp | sitescope | 11.21 |
| hp | sitescope | 11.24.391 |
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.30.521 |
| hp | sitescope | 11.22 |
| hp | sitescope | 11.24 |
| hp | sitescope | 11.33 |
| hp | sitescope | 11.23 |
| hp | sitescope | 11.30 |
| hp | sitescope | 11.31 |
| hp | sitescope | 11.20 |
| hp | sitescope | 11.32 |
| hp | sitescope | 11.21 |
| hp | sitescope | 11.24.391 |
A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | sitescope | 11.30.521 |
| hp | sitescope | 11.22 |
| hp | sitescope | 11.24 |
| hp | sitescope | 11.33 |
| hp | sitescope | 11.23 |
| hp | sitescope | 11.30 |
| hp | sitescope | 11.31 |
| hp | sitescope | 11.20 |
| hp | sitescope | 11.32 |
| hp | sitescope | 11.21 |
| hp | sitescope | 11.24.391 |
A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | loadrunner | * |
| hp | performance_center | * |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.2 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 and earlier was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
An Authentication Bypass vulnerability in HPE MSA 1040 and HPE MSA 2040 SAN Storage in version GL220P008 and earlier and was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | msa_1040_san_storage_firmware | * |
| hp | msa_2040_san_storage_firmware | * |
An Authentication Bypass vulnerability in HPE MSA 1040 and MSA 2040 SAN Storage IN version GL220P008 and earlier was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | msa_1040_san_storage_firmware | * |
| hp | msa_2040_san_storage_firmware | * |
A directory traversal vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.3 E0504P02 could allow remote code execution.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A remote execution of arbitrary code vulnerability has been identified in HPE RESTful Interface Tool 1.5, 2.0 (hprest-1.5-79.x86_64.rpm, ilorest-2.0-403.x86_64.rpm). The issue is resolved in iLOREST v2.1 or subsequent versions.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | restful_interface_tool | 2.0 |
| hp | restful_interface_tool | 1.5 |
An improper input validation vulnerability in HPE Insight Control version 7.6 LR1 was found.
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | insight_control | 7.6 |
A remote unauthenticated disclosure of information vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A clickjacking vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A clickjacking vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
An improper input validation vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | matrix_operating_environment | 7.6 |
A Local Authentication Restriction Bypass vulnerability in HPE NonStop Server version L-Series: T6533L01 through T6533L01^ADN; J-Series and H-series: T6533H02 through T6533H04^ADF and T6533H05 through T6533H05^ADL was found.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_server_software | * |
A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | moonshot_provisioning_manager_appliance | 1.20 |
A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | moonshot_provisioning_manager_appliance | 1.20 |
A Remote Denial of Service vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | moonshot_provisioning_manager_appliance | 1.20 |
A Remote Unauthorized Disclosure of Information vulnerability in HPE IceWall Products version MFA 4.0 proxy was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_sso | 10.0 |
| hp | icewall_sso | 11.0 |
| hp | icewall_mfa | 4.0 |
| hp | icewall_mcrp | 4.0 |
Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_2_firmware | 2.29 |
A Remote Disclosure of Information vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Authentication Restriction Bypass vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A remote code execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506P03 was found.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
HPE XP Storage using Hitachi Global Link Manager (HGLM) has a local authenticated information disclosure vulnerability in HGLM version HGLM 6.3.0-00 to 8.5.2-00.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp_storage_hitachi_global_link_manager | * |
A Unauthenticated Remote Denial of Service vulnerability was identified in HPE Integrated Lights-Out 3 (iLO 3) version v1.88 only. The vulnerability is resolved in iLO3 v1.89 or subsequent versions.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_3_firmware | 1.88 |
A Remote Bypass of Security Restrictions vulnerability was identified in HPE XP Command View Advanced Edition Software Earlier than 8.5.3-00. The vulnerability impacts DevMgr Earlier than 8.5.3-00 (for Windows, Linux), RepMgr earlier than 8.5.3-00 (for Windows, Linux) and HDLM earlier than 8.5.3-00 (for Windows, Linux, Solaris, AIX).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp_command_view | * |
A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could be exploited remotely to allow URL Redirection.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_sso | 10.0 |
| hp | icewall_sso | 11.0 |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Service Manager (WSM) Software earlier than version WSM 7.3 (E0506). This issue was resolved in HPE IMC Wireless Services Manager Software IMC WSM 7.3 E0506P01 or subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | imc_wireless_service_manager | * |
| hp | imc_wireless_service_manager | 7.3 |
HPE has identified a cross site scripting (XSS) vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | centralview_fraud_risk_management | * |
HPE has identified a remote privilege escalation vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | centralview_fraud_risk_management | * |
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_orchestration | * |
ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x prior to 6.5.1.9, 6.5.2, 6.5.3 prior to 6.5.3.3, 6.5.4 prior to 6.5.4.2, 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally is vulnerable to unauthenticated arbitrary file access. An unauthenticated user with network access to an Aruba mobility controller on TCP port 8080 or 8081 may be able to access arbitrary files stored on the mobility controller. Ports 8080 and 8081 are used for captive portal functionality and are listening, by default, on all IP interfaces of the mobility controller, including captive portal interfaces. The attacker could access files which could contain passwords, keys, and other sensitive information that could lead to full system compromise.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arubaos | * |
| hp | arubaos | 6.5.2 |
Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthenticated remote command execution vulnerability is present which could allow an unauthenticated user to execute arbitrary commands on the underlying operating system with "root" privilege level. This vulnerability is only present when a specific feature has been enabled. The SSH Lockout feature is not enabled by default, so only systems which have enabled this feature are vulnerable.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_clearpass_policy_manager | * |
All versions of Aruba ClearPass prior to 6.6.8 contain reflected cross-site scripting vulnerabilities. By exploiting this vulnerability, an attacker who can trick a logged-in ClearPass administrative user into clicking a link could obtain sensitive information, such as session cookies or passwords. The vulnerability requires that an administrative users click on the malicious link while currently logged into ClearPass in the same browser.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_clearpass_policy_manager | * |
Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arubaos | - |
An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-611,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | fortify_software_security_center | 17.2 |
| hp | fortify_software_security_center | 17.1 |
| hp | fortify_software_security_center | 18.1 |
SynTP.sys in Synaptics Touchpad drivers before 2018-06-06 allows local users to obtain sensitive information about freed kernel addresses.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | synaptics_touchpad_driver | * |
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ucmdb_configuration_manager | 2018.05 |
| hp | ucmdb_configuration_manager | 2018.02 |
| hp | ucmdb_configuration_manager | 2018.08 |
| hp | ucmdb_configuration_manager | 2018.11 |
| hp | ucmdb_configuration_manager | 10.22 |
| hp | ucmdb_configuration_manager | 10.33 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.2 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| oracle | jrockit | r28.3.16 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| debian | debian_linux | 9.0 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jdk | 9.0.1 |
| oracle | jre | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 16.04 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| oracle | jrockit | r28.3.16 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.2 | 2.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| oracle | jrockit | r28.3.16 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded executes to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.5 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L | 1.0 | 3.4 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| oracle | jrockit | r28.3.16 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| oracle | jrockit | r28.3.16 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N | 1.6 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| oracle | jrockit | r28.3.16 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.3 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H | 1.6 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| oracle | jrockit | r28.3.16 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N | 2.2 | 4.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.4 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N | 2.2 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| oracle | jrockit | r28.3.16 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N | 1.6 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| oracle | jdk | 1.6.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| oracle | jrockit | r28.3.16 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| hp | xp7_command_view | * |
| redhat | satellite | 5.6 |
| oracle | jdk | 1.7.0 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| oracle | jrockit | r28.3.16 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| oracle | jdk | 9.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| debian | debian_linux | 7.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| hp | xp_command_view | * |
| hp | xp_p9000_command_view | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 9.0.1 |
| oracle | jrockit | r28.3.16 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.4 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N | 2.2 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| oracle | jdk | 1.6.0 |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jrockit | r28.3.17 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.1 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.6 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jre | 10 |
| oracle | jdk | 1.6.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| oracle | jdk | 10 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, JRockit executes to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.7 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H | 1.0 | 6.0 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jre | 10 |
| oracle | jdk | 1.6.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jrockit | r28.3.17 |
| oracle | jre | 1.8.0 |
| oracle | jdk | 10 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jre | 10 |
| oracle | jdk | 1.6.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jrockit | r28.3.17 |
| oracle | jre | 1.8.0 |
| oracle | jdk | 10 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jre | 10 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jrockit | r28.3.17 |
| oracle | jre | 1.8.0 |
| oracle | jdk | 10 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jre | 10 |
| oracle | jdk | 1.6.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jrockit | r28.3.17 |
| oracle | jre | 1.8.0 |
| oracle | jdk | 10 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jre | 10 |
| oracle | jdk | 1.6.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jrockit | r28.3.17 |
| oracle | jre | 1.8.0 |
| oracle | jdk | 10 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server | 6.0 |
| apache | xerces-j | * |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jre | 10 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jrockit | r28.3.17 |
| oracle | jre | 1.8.0 |
| oracle | jdk | 10 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N).
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| schneider-electric | struxureware_data_center_expert | * |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jrockit | r28.3.17 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.3 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H | 1.6 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jre | 10 |
| oracle | jdk | 1.6.0 |
| schneider-electric | struxureware_data_center_expert | * |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| oracle | jdk | 10 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 17.10 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server | 6.0 |
| hp | xp7_command_view | - |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jre | 10 |
| oracle | jdk | 1.6.0 |
| schneider-electric | struxureware_data_center_expert | * |
| oracle | jdk | 1.8.0 |
| oracle | jrockit | r28.3.17 |
| oracle | jre | 1.8.0 |
| oracle | jdk | 10 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 17.10 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | satellite | 5.7 |
| netapp | virtual_storage_console | * |
| redhat | enterprise_linux_desktop | 6.0 |
| netapp | snapmanager | - |
| oracle | jdk | 10.0.1 |
| netapp | cloud_backup | - |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | plug-in_for_symantec_netbackup | - |
| redhat | enterprise_linux_server | 6.0 |
| netapp | oncommand_workflow_automation | - |
| netapp | e-series_santricity_os_controller | * |
| oracle | jdk | 1.7.0 |
| netapp | steelstore_cloud_integrated_storage | - |
| oracle | jdk | 1.6.0 |
| redhat | satellite | 5.8 |
| oracle | jre | 10.0.1 |
| oracle | jdk | 1.8.0 |
| netapp | active_iq_unified_manager | - |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| netapp | e-series_santricity_storage_manager | - |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| netapp | oncommand_unified_manager | - |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| redhat | satellite | 5.6 |
| netapp | oncommand_insight | - |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.2 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| netapp | virtual_storage_console | * |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| netapp | snapmanager | - |
| oracle | jdk | 10.0.1 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_eus | 7.6 |
| netapp | cloud_backup | - |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | plug-in_for_symantec_netbackup | - |
| redhat | enterprise_linux_server | 6.0 |
| netapp | oncommand_workflow_automation | - |
| netapp | e-series_santricity_os_controller | * |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| netapp | steelstore_cloud_integrated_storage | - |
| oracle | jdk | 1.6.0 |
| redhat | satellite | 5.8 |
| oracle | jre | 10.0.1 |
| oracle | jdk | 1.8.0 |
| redhat | enterprise_linux_eus | 7.7 |
| netapp | active_iq_unified_manager | - |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| redhat | enterprise_linux_eus | 7.5 |
| redhat | enterprise_linux_desktop | 7.0 |
| netapp | e-series_santricity_storage_manager | - |
| oracle | jrockit | r28.3.18 |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| netapp | oncommand_unified_manager | - |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| redhat | satellite | 5.6 |
| netapp | oncommand_insight | - |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | satellite | 5.7 |
| netapp | virtual_storage_console | * |
| redhat | enterprise_linux_desktop | 6.0 |
| netapp | snapmanager | - |
| oracle | jdk | 10.0.1 |
| netapp | cloud_backup | - |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | plug-in_for_symantec_netbackup | - |
| redhat | enterprise_linux_server | 6.0 |
| netapp | oncommand_workflow_automation | - |
| netapp | e-series_santricity_os_controller | * |
| oracle | jdk | 1.7.0 |
| netapp | steelstore_cloud_integrated_storage | - |
| oracle | jdk | 1.6.0 |
| redhat | satellite | 5.8 |
| oracle | jre | 10.0.1 |
| oracle | jdk | 1.8.0 |
| netapp | active_iq_unified_manager | - |
| oracle | jre | 1.8.0 |
| netapp | storage_replication_adapter_for_clustered_data_ontap | 9.6 |
| redhat | enterprise_linux_desktop | 7.0 |
| netapp | e-series_santricity_storage_manager | - |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| netapp | oncommand_unified_manager | - |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| redhat | satellite | 5.6 |
| netapp | oncommand_insight | - |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g. code installed by an administrator). CVSS 3.0 Base Score 3.4 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.4 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N | 1.6 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| oracle | jdk | 11.0.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| oracle | jre | 11.0.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g. code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.1 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.6 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| oracle | jdk | 11.0.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| oracle | jre | 11.0.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.3 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H | 1.6 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| oracle | jdk | 11.0.0 |
| hp | xp7_command_view | 8.6.4-00 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| oracle | jre | 11.0.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| oracle | jrockit | r28.3.19 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g. code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.3 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H | 1.6 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| oracle | jdk | 11.0.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| oracle | jre | 11.0.0 |
| debian | debian_linux | 8.0 |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.6 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.2 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| oracle | jdk | 11.0.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| oracle | jre | 11.0.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| oracle | jrockit | r28.3.19 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| redhat | satellite | 5.6 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 2.2 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | satellite | 5.8 |
| debian | debian_linux | 9.0 |
| oracle | jdk | 1.8.0 |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| oracle | jdk | 11.0.0 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| oracle | jrockit | r28.3.19 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 16.04 |
| oracle | jre | 11.0.0 |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | satellite | 5.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| oracle | jdk | 1.6.0 |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| oracle | jrockit | r28.3.19 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| redhat | satellite | 5.6 |
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-400,CWE-400,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| f5 | big-ip_domain_name_system | * |
| f5 | big-ip_edge_gateway | * |
| cisco | threat_grid-cloud | - |
| canonical | ubuntu_linux | 14.04 |
| f5 | big-ip_application_acceleration_manager | 14.0.0 |
| hp | aruba_clearpass_policy_manager | * |
| redhat | enterprise_linux_server_aus | 6.4 |
| redhat | enterprise_linux_server_aus | 6.5 |
| redhat | enterprise_linux_server_eus | 7.4 |
| f5 | big-ip_fraud_protection_service | * |
| cisco | telepresence_video_communication_server_firmware | x8.10 |
| f5 | traffix_systems_signaling_delivery_controller | * |
| redhat | enterprise_linux_server_tus | 7.2 |
| redhat | enterprise_linux_server_eus | 7.3 |
| cisco | expressway | x8.10.1 |
| redhat | enterprise_linux_server_eus | 6.7 |
| cisco | expressway | x8.10 |
| linux | linux_kernel | 4.18 |
| f5 | big-ip_link_controller | * |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 6.4 |
| cisco | telepresence_conductor_firmware | xc4.3.3 |
| canonical | ubuntu_linux | 12.04 |
| cisco | telepresence_conductor_firmware | xc4.3.1 |
| cisco | expressway | x8.10.2 |
| cisco | telepresence_video_communication_server_firmware | x8.10.4 |
| cisco | telepresence_conductor_firmware | xc4.3 |
| f5 | big-ip_advanced_firewall_manager | 14.0.0 |
| cisco | network_assurance_engine | 2.1(1a) |
| cisco | telepresence_conductor_firmware | xc4.3.4 |
| f5 | big-ip_global_traffic_manager | 14.0.0 |
| f5 | big-ip_domain_name_system | 14.0.0 |
| hp | aruba_airwave_amp | * |
| debian | debian_linux | 8.0 |
| cisco | expressway | x8.11 |
| cisco | collaboration_meeting_rooms | 1.0 |
| f5 | big-ip_analytics | * |
| f5 | big-ip_application_acceleration_manager | * |
| redhat | enterprise_linux_server_tus | 7.4 |
| a10networks | advanced_core_operating_system | 4.1.4 |
| f5 | big-ip_webaccelerator | 14.0.0 |
| f5 | big-ip_application_security_manager | 14.0.0 |
| f5 | big-ip_policy_enforcement_manager | 14.0.0 |
| f5 | big-ip_edge_gateway | 14.0.0 |
| canonical | ubuntu_linux | 18.04 |
| linux | linux_kernel | * |
| cisco | digital_network_architecture_center | 1.2 |
| cisco | meeting_management | 1.0 |
| redhat | enterprise_linux_server | 7.0 |
| f5 | traffix_systems_signaling_delivery_controller | 4.4.0 |
| redhat | enterprise_linux_server_aus | 6.6 |
| a10networks | advanced_core_operating_system | 4.1.0 |
| cisco | meeting_management | 1.0.1 |
| f5 | big-ip_advanced_firewall_manager | * |
| cisco | telepresence_video_communication_server_firmware | x8.11 |
| debian | debian_linux | 9.0 |
| f5 | big-ip_local_traffic_manager | 14.0.0 |
| cisco | telepresence_video_communication_server_firmware | x8.10.2 |
| cisco | expressway | x8.10.3 |
| cisco | webex_hybrid_data_security | - |
| cisco | webex_video_mesh | - |
| a10networks | advanced_core_operating_system | 4.1.1 |
| cisco | telepresence_video_communication_server_firmware | x8.10.1 |
| redhat | enterprise_linux_server_tus | 6.6 |
| f5 | big-ip_webaccelerator | * |
| f5 | big-ip_local_traffic_manager | * |
| cisco | telepresence_video_communication_server_firmware | x8.10.3 |
| canonical | ubuntu_linux | 16.04 |
| a10networks | advanced_core_operating_system | 4.1.2 |
| f5 | big-ip_access_policy_manager | 14.0.0 |
| f5 | big-ip_application_security_manager | * |
| redhat | enterprise_linux_server_aus | 7.3 |
| cisco | expressway | x8.10.4 |
| cisco | telepresence_conductor_firmware | xc4.3.2 |
| redhat | enterprise_linux_server_eus | 7.2 |
| redhat | enterprise_linux_server_tus | 7.3 |
| f5 | big-ip_access_policy_manager | * |
| f5 | big-ip_link_controller | 14.0.0 |
| f5 | big-ip_global_traffic_manager | * |
| redhat | virtualization | 4.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| a10networks | advanced_core_operating_system | 3.2.2 |
| redhat | enterprise_linux_server_aus | 7.2 |
| f5 | big-ip_fraud_protection_service | 14.0.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| f5 | big-ip_policy_enforcement_manager | * |
| redhat | enterprise_linux_workstation | 7.0 |
| f5 | big-ip_analytics | 14.0.0 |
| cisco | expressway_series | - |
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-617,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| isc | bind | * |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| opensuse | leap | 15.1 |
| canonical | ubuntu_linux | 12.04 |
| opensuse | leap | 15.0 |
| canonical | ubuntu_linux | 18.04 |
| opensuse | leap | 42.3 |
| redhat | enterprise_linux_workstation | 7.0 |
| netapp | data_ontap_edge | - |
| canonical | ubuntu_linux | 16.04 |
| hp | hp-ux | - |
| debian | debian_linux | 8.0 |
A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and could potentially be exploited remotely to allow elevation of privilege.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | b3g85a_firmware | * |
| hp | g1w47a_firmware | * |
| hp | k0q14a_firmware | * |
| hp | x3a78a_firmware | * |
| hp | a2w75a_firmware | * |
| hp | l3u43a_firmware | * |
| hp | a2w79a_firmware | * |
| hp | cd646a_firmware | * |
| hp | g1w40a_firmware | * |
| hp | b3g84a_firmware | * |
| hp | m0p35a_firmware | * |
| hp | j7z98a_firmware | * |
| hp | l3u59a_firmware | * |
| hp | a2w78a_firmware | * |
| hp | k0q22a_firmware | * |
| hp | l3u52a_firmware | * |
| hp | f2a77a_firmware | * |
| hp | j7z04a_firmware | * |
| hp | x3a65a_firmware | * |
| hp | k0q21a_firmware | * |
| hp | l3u46a_firmware | * |
| hp | z8z21a_firmware | * |
| hp | e6b71a_firmware | * |
| hp | cd645a_firmware | * |
| hp | m0p36a_firmware | * |
| hp | x3a89a_firmware | * |
| hp | l8z07a_firmware | * |
| hp | cc524a_firmware | * |
| hp | z8z19a_firmware | * |
| hp | j7z06a_firmware | * |
| hp | l1h45a_firmware | * |
| hp | j8j79a_firmware | * |
| hp | l3u44a_firmware | * |
| hp | z8z03a_firmware | * |
| hp | cz245a_firmware | * |
| hp | cz249a_firmware | * |
| hp | j8j70a_firmware | * |
| hp | z8z12a_firmware | * |
| hp | cf117a_firmware | * |
| hp | cc523a_firmware | * |
| hp | cf069a_firmware | * |
| hp | z8z17a_firmware | * |
| hp | m0p40a_firmware | * |
| hp | d7p70a_firmware | * |
| hp | l3u41a_firmware | * |
| hp | z8z15a_firmware | * |
| hp | x3a66a_firmware | * |
| hp | b5l26a_firmware | * |
| hp | j8a10a_firmware | * |
| hp | j8a17a_firmware | * |
| hp | l2762a_firmware | * |
| hp | j8j66a_firmware | * |
| hp | x3a68a_firmware | * |
| hp | j8j65a_firmware | * |
| hp | l3u66a_firmware | * |
| hp | l3u62a_firmware | * |
| hp | ca251a_firmware | * |
| hp | z8z07a_firmware | * |
| hp | f2a81a_firmware | * |
| hp | z8z16a_firmware | * |
| hp | l3u55a_firmware | * |
| hp | x3a75a_firmware | * |
| hp | k0q15a_firmware | * |
| hp | z8z10a_firmware | * |
| hp | f2a78v_firmware | * |
| hp | cc522a_firmware | * |
| hp | b5l07a_firmware | * |
| hp | l3u50a_firmware | * |
| hp | f2a76a_firmware | * |
| hp | p7z48a_firmware | * |
| hp | x3a77a_firmware | * |
| hp | j8j74a_firmware | * |
| hp | c2s11v_firmware | * |
| hp | z8z00a_firmware | * |
| hp | x3a80a_firmware | * |
| hp | l3u57a_firmware | * |
| hp | k0q20a_firmware | * |
| hp | l3u60a | * |
| hp | g1w39a_firmware | * |
| hp | c2s12v_firmware | * |
| hp | cz250a_firmware | * |
| hp | z8z08a_firmware | * |
| hp | j8j76a_firmware | * |
| hp | x3a83a_firmware | * |
| hp | j7z99a_firmware | * |
| hp | g1w40v_firmware | * |
| hp | d7p68a_firmware | * |
| hp | p7z47a_firmware | * |
| hp | j8j67a_firmware | * |
| hp | h0dc9a_firmware | * |
| hp | l3u70a_firmware | * |
| hp | j8a11a_firmware | * |
| hp | z8z11a_firmware | * |
| hp | b5l50a_firmware | * |
| hp | j8j72a_firmware | * |
| hp | cf367a_firmware | * |
| hp | b5l06a_firmware | * |
| hp | b5l54a_firmware | * |
| hp | x3a90a_firmware | * |
| hp | cf067a_firmware | * |
| hp | j8a05a_firmware | * |
| hp | m0p32a_firmware | * |
| hp | g1w46v_firmware | * |
| hp | l3u65a_firmware | * |
| hp | x3a86a_firmware | * |
| hp | cf066a_firmware | * |
| hp | x3a59a_firmware | * |
| hp | x3a69a_firmware | * |
| hp | f2a67a_firmware | * |
| hp | l3u47a_firmware | * |
| hp | l3u40a_firmware | * |
| hp | l3u49a_firmware | * |
| hp | j8a13a_firmware | * |
| hp | j8a04a_firmware | * |
| hp | x3a87a_firmware | * |
| hp | l3u67a_firmware | * |
| hp | k0q19a_firmware | * |
| hp | m0p33a_firmware | * |
| hp | z8z09a_firmware | * |
| hp | x3a60a_firmware | * |
| hp | j8j78a_firmware | * |
| hp | g1w41a_firmware | * |
| hp | a2w76a_firmware | * |
| hp | f2a80a_firmware | * |
| hp | j8j80a_firmware | * |
| hp | k0q17a_firmware | * |
| hp | g1w46a_firmware | * |
| hp | j8a16a_firmware | * |
| hp | x3a93a_firmware | * |
| hp | b5l49a_firmware | * |
| hp | e6b73a_firmware | * |
| hp | j8j73a_firmware | * |
| hp | z8z01a_firmware | * |
| hp | f2a71a_firmware | * |
| hp | l3u61a_firmware | * |
| hp | z8z13a_firmware | * |
| hp | f2a70a_firmware | * |
| hp | d7p71a_firmware | * |
| hp | z8z18a_firmware | * |
| hp | cf116a_firmware | * |
| hp | l3u42a_firmware | * |
| hp | j8j71a_firmware | * |
| hp | l3u69a_firmware | * |
| hp | x3a84a_firmware | * |
| hp | z8z20a_firmware | * |
| hp | l3u56a_firmware | * |
| hp | cz244a_firmware | * |
| hp | l3u45a_firmware | * |
| hp | j8a06a_firmware | * |
| hp | z8z14a_firmware | * |
| hp | l3u63a_firmware | * |
| hp | b5l39a_firmware | * |
| hp | x3a92a_firmware | * |
| hp | j8a12a_firmware | * |
| hp | c2s11a_firmware | * |
| hp | cz248a_firmware | * |
| hp | a2w77a_firmware | * |
| hp | x3a63a_firmware | * |
| hp | j8j63a_firmware | * |
| hp | cf068a_firmware | * |
| hp | b5l48a_firmware | * |
| hp | x3a72a_firmware | * |
| hp | z8z23a_firmware | * |
| hp | z8z22a_firmware | * |
| hp | z8z04a_firmware | * |
| hp | cf118a_firmware | * |
| hp | x3a71a_firmware | * |
| hp | d7p73a_firmware | * |
| hp | j8j64a_firmware | * |
| hp | g1w47v_firmware | * |
| hp | z8z02a_firmware | * |
| hp | b5l05a_firmware | * |
| hp | l3u64a_firmware | * |
| hp | j7x28a_firmware | * |
| hp | f2a79a_firmware | * |
| hp | b5l46a_firmware | * |
| hp | z8z05a_firmware | * |
| hp | z8z06a_firmware | * |
| hp | x3a81a_firmware | * |
| hp | b5l04a_firmware | * |
| hp | l3u51a_firmware | * |
| hp | x3a79a_firmware | * |
| hp | m0p39a_firmware | * |
| hp | k0q18a_firmware | * |
| hp | g1w39v_firmware | * |
| hp | x3a62a_firmware | * |
| hp | b3g86a_firmware | * |
| hp | c2s12a_firmware | * |
| hp | l3u48a_firmware | * |
| hp | g1w41v_firmware | * |
| hp | b5l47a_firmware | * |
| hp | x3a74a_firmware | * |
| hp | cd644a_firmware | * |
| hp | l2683a_firmware | * |
In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-347,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_enterprise_m609dh_firmware | * |
| hp | laserjet_enterprise_flow_m830z_mfp_firmware | * |
| hp | color_laserjet_enterprise_mfp_m681dh_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m681z_firmware | * |
| hp | color_laserjet_enterprise_m552_firmware | * |
| hp | color_laserjet_enterprise_m653dh_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m525c_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m681f_firmware | * |
| hp | laserjet_enterprise_mfp_m632fht_firmware | * |
| hp | color_laserjet_enterprise_m651_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e58650z_firmware | * |
| hp | laserjet_enterprise_m4555_mfp_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e77830z_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e77650zs_firmware | * |
| hp | laserjet_enterprise_500_mfp_m525f_firmware | * |
| hp | laserjet_enterprise_m606_firmware | * |
| hp | scanjet_enterprise_flow_n9120_document_flatbed_scanner_firmware | * |
| hp | pagewide_enterprise_color_x556xh_firmware | * |
| hp | laserjet_managed_e60075x_firmware | * |
| hp | laserjet_enterprise_color_500_m551_firmware | * |
| hp | laserjet_managed_e50045dw_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e77650z_firmware | * |
| hp | color_laserjet_enterprise_m553_firmware | * |
| hp | laserjet_enterprise_mfp_m633fh_firmware | * |
| hp | laserjet_managed_flow_mfp_e82550_firmware | * |
| hp | color_laserjet_enterprise_m653dn_firmware | * |
| hp | laserjet_enterprise_700_m712xh_firmware | * |
| hp | pagewide_enterprise_color_mpf_785f_firmware | * |
| hp | laserjet_enterprise_mfp_m632h_firmware | * |
| hp | laserjet_enterprise_m607n_firmware | * |
| hp | laserjet_enterprise_600_m603xh_firmware | * |
| hp | pagewide_managed_color_e55650dn_firmware | * |
| hp | color_laserjet_enterprise_mfp_m682dh_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m631h_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m630z_firmware | * |
| hp | color_laserjet_managed_mfp_e87640dn_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e77660zts_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m632z_firmware | * |
| hp | laserjet_enterprise_mfp_m527_firmware | * |
| hp | laserjet_enterprise_m609dn_firmware | * |
| hp | pagewide_enterprise_color_mfp_586dn_firmware | * |
| hp | pagewide_managed_color_mfp_e77650dn_firmware | * |
| hp | officejet_enterprise_color_x555xh_firmware | * |
| hp | pagewide_managed_color_e75160dn_firmware | * |
| hp | officejet_enterprise_color_mfp_x585_firmware | * |
| hp | laserjet_managed_flow_mfp_e72530_firmware | * |
| hp | laserjet_managed_flow_mfp_e72535z_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e77660zs_firmware | * |
| hp | color_laserjet_enterprise_m652dn_firmware | * |
| hp | laserjet_managed_e60075dn_firmware | * |
| hp | color_laserjet_managed_mfp_e67550dh_firmware | * |
| hp | color_laserjet_enterprise_m750_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m682z_firmware | * |
| hp | laserjet_enterprise_m607dn_firmware | * |
| hp | laserjet_managed_mfp_e62555dn_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e67550f_firmware | * |
| hp | laserjet_managed_mfp_e82550_firmware | * |
| hp | color_laserjet_managed_mfp_e67560dh_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e77660z_firmware | * |
| hp | laserjet_enterprise_800_color_mfp_m880_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e77660dn_firmware | * |
| hp | laserjet_enterprise_500_color_mfp_m575dn_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e87660z_firmware | * |
| hp | color_laserjet_managed_e65060x_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e77822_firmware | * |
| hp | laserjet_managed_mfp_e72525_firmware | * |
| hp | officejet_enterprise_color_flow_mfp_x585_firmware | * |
| hp | pagewide_enterprise_color_x556dn_firmware | * |
| hp | pagewide_enterprise_color_mpf_780dn_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e87650_firmware | * |
| hp | laserjet_enterprise_color_flow_mfp_m575c_firmware | * |
| hp | laserjet_managed_e60065dn_firmware | * |
| hp | color_laserjet_managed_e55040dw_firmware | * |
| hp | pagewide_enterprise_color_flow_mfp_586z_firmware | * |
| hp | digital_sender_flow_8500_fn2_document_capture_workstation_firmware | * |
| hp | color_laserjet_enterprise_m652n_firmware | * |
| hp | laserjet_enterprise_m604_firmware | * |
| hp | pagewide_enterprise_color_765dn_firmware | * |
| hp | laserjet_enterprise_m608dn_firmware | * |
| hp | officejet_enterprise_color_x555dn_firmware | * |
| hp | laserjet_enterprise_700_color_mfp_m775_firmware | * |
| hp | color_laserjet_managed_e65050dn_firmware | * |
| hp | laserjet_enterprise_800_color_m855_firmware | * |
| hp | color_laserjet_enterprise_mfp_m577_firmware | * |
| hp | pagewide_managed_color_mfp_e58650dn_firmware | * |
| hp | laserjet_managed_flow_mfp_e72525_firmware | * |
| hp | color_laserjet_enterprise_m653x_firmware | * |
| hp | laserjet_enterprise_m506_firmware | * |
| hp | laserjet_enterprise_mfp_m630_firmware | * |
| hp | pagewide_managed_color_mfp_e77650dns_firmware | * |
| hp | color_laserjet_cm4540_mfp_firmware | * |
| hp | color_laserjet_m680_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e77825_firmware | * |
| hp | laserjet_enterprise_mfp_m631dn_firmware | * |
| hp | laserjet_enterprise_600_m602_firmware | * |
| hp | laserjet_managed_flow_mfp_e82560z_firmware | * |
| hp | laserjet_enterprise_m608dh_firmware | * |
| hp | color_laserjet_cp5525_firmware | * |
| hp | pagewide_enterprise_color_mpf_785zs_firmware | * |
| hp | color_laserjet_managed_mfp_e87650_firmware | * |
| hp | laserjet_managed_flow_mfp_e62565h_firmware | * |
| hp | color_laserjet_managed_e65060dn_firmware | * |
| hp | laserjet_enterprise_mfp_m631z_firmware | * |
| hp | laserjet_managed_mfp_e52545dn_firmware | * |
| hp | laserjet_managed_mfp_e82540_firmware | * |
| hp | laserjet_managed_e60065x_firmware | * |
| hp | laserjet_managed_flow_mfp_e82540_firmware | * |
| hp | laserjet_enterprise_mfp_m725_firmware | * |
| hp | color_laserjet_enterprise_mfp_m681f_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e87640_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e87640z_firmware | * |
| hp | pagewide_enterprise_color_mfp_586f_firmware | * |
| hp | laserjet_enterprise_m608x_firmware | * |
| hp | color_laserjet_managed_mfp_e57540dn_firmware | * |
| hp | color_laserjet_managed_mfp_e77825_firmware | * |
| hp | laserjet_managed_flow_mfp_e62565z_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m633z_firmware | * |
| hp | laserjet_managed_mfp_e62565hs_firmware | * |
| hp | color_laserjet_managed_mfp_e77830dn_firmware | * |
| hp | color_laserjet_managed_mfp_e77822_firmware | * |
| hp | color_laserjet_managed_mfp_e87660dn_firmware | * |
| hp | laserjet_managed_mfp_e72530_firmware | * |
| hp | scanjet_enterprise_8500_document_capture_workstation_firmware | * |
| hp | pagewide_enterprise_color_mpf_780f_firmware | * |
| hp | laserjet_managed_flow_mfp_e62575z_firmware | * |
| hp | laserjet_managed_flow_mfp_e52545c_firmware | * |
| hp | laserjet_enterprise_m605_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e57540c_firmware | * |
| hp | laserjet_enterprise_m806_firmware | * |
| hp | color_laserjet_managed_mfp_e87640_firmware | * |
| hp | laserjet_managed_mfp_e82560dn_firmware | * |
| hp | laserjet_enterprise_m609x_firmware | * |
| hp | laserjet_managed_e60055dn_firmware | * |
| hp | laserjet_managed_flow_mfp_e62555dn_firmware | * |
| hp | laserjet_enterprise_600_m601_firmware | * |
| hp | laserjet_managed_mfp_e72535dn_firmware | * |
| hp | laserjet_enterprise_m608n_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e67560z_firmware | * |
A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | cr769a_firmware | 1829a |
| hp | d3q19a_firmware | 001.1829a |
| hp | t0g56a_firmware | 1827b |
| hp | w1b37_firmware | 005.1828a |
| hp | 3aw51a_firmware | 1828a |
| hp | t6t77a_firmware | 1827b |
| hp | f0v63_firmware | 1827b |
| hp | t0g50a_firmware | 1828a |
| hp | 1jl02a_firmware | 1829a |
| hp | a9j41_firmware | 1828b |
| hp | cq891c_firmware | 1829b |
| hp | cn460a_firmware | 1829b |
| hp | l9d57a_firmware | 1828a |
| hp | f0v67_firmware | 1827b |
| hp | y0s19a_firmware | 1828a |
| hp | d3q20d_firmware | 001.1829a |
| hp | w1b31_firmware | 005.1828a |
| hp | cn463a_firmware | 1829b |
| hp | cr768a_firmware | 1829a |
| hp | cn459a_firmware | 1829b |
| hp | g0v47_firmware | 1831a |
| hp | k9z76a_firmware | 001.1829a |
| hp | j9v80b_firmware | 001.1829a |
| hp | t0f29a_firmware | 1830a |
| hp | t1p36_firmware | 1827a |
| hp | z4b56a_firmware | 1805j |
| hp | cq893ar_firmware | 1829b |
| hp | t3p04a_firmware | 1828a |
| hp | cz293a_firmware | 1828a |
| hp | j7a28a_firmware | 1828a |
| hp | f5s57a_firmware | 1829a |
| hp | 2nd31a_firmware | 1828b |
| hp | d4h21a_firmware | 1826a |
| hp | t0g45a_firmware | 1828a |
| hp | b9s58a_firmware | 1830b |
| hp | e3e03a_firmware | 1827a |
| hp | y3z45_firmware | 005.1828a |
| hp | g5j38a_firmware | 1828a |
| hp | b9s57c_firmware | 1829a |
| hp | d3q17d_firmware | 001.1829a |
| hp | j9v82b_firmware | 001.1829a |
| hp | w3u23_firmware | 1827b |
| hp | y3z57_firmware | 005.1828a |
| hp | f1h97_firmware | 1828b |
| hp | y5h80a_firmware | 1828a |
| hp | d7z37a_firmware | 1828a |
| hp | n4k99c_firmware | 1828a |
| hp | t0g70a_firmware | 1827b |
| hp | cn598a_firmware | 1829b |
| hp | m9l65a_firmware | 1828a |
| hp | j6u63_firmware | 1827b |
| hp | z4a54_firmware | 1828b |
| hp | k4t99b_firmware | 1829a |
| hp | e2d42a_firmware | 1828a |
| hp | k7s42a_firmware | 1832a |
| hp | g0v48b_firmware | 1831a |
| hp | t0g25a_firmware | 1827a |
| hp | d3p93a_firmware | 1827b |
| hp | 4sc29a_firmware | 1828a |
| hp | d4h25a_firmware | 1830a |
| hp | cz152a_firmware | 1829a |
| hp | m2u81_firmware | 1828a |
| hp | t8w35a_firmware | 1830a |
| hp | l9b95a_firmware | 1827a |
| hp | p4c78a_firmware | 1828a |
| hp | m2u91_firmware | 1828a |
| hp | t8x44_firmware | 1828a |
| hp | cz284a_firmware | 1830a |
| hp | t8x39_firmware | 1828a |
| hp | k7s37a_firmware | 1828a |
| hp | a9u23_firmware | 1828a |
| hp | d3q15a_firmware | 001.1829a |
| hp | k9z76d_firmware | 001.1829a |
| hp | j6u55a_firmware | 001.1829a |
| hp | cx017a_firmware | 1828b |
| hp | y3z54_firmware | 005.1828a |
| hp | cq890d_firmware | 1829b |
| hp | cq890a_firmware | 1829b |
| hp | cq893c_firmware | 1829b |
| hp | n9m07a_firmware | 1829a |
| hp | f8b09_firmware | 1830a |
| hp | 3yz74a_firmware | 1828a |
| hp | cq761a_firmware | 1829b |
| hp | m2u86_firmware | 1828a |
| hp | j7a31a_firmware | 1828a |
| hp | z4b07a_firmware | 1737j |
| hp | d3q21c_firmware | 001.1829a |
| hp | j9v87a_firmware | 1828a |
| hp | g0v48c_firmware | 1828b |
| hp | k7v42c_firmware | 1829a |
| hp | x3b09a_firmware | 1829a |
| hp | t5d66a_firmware | 1829a |
| hp | k7s34a_firmware | 1828a |
| hp | t0a23a_firmware | 1829a |
| hp | j9v82d_firmware | 001.1829a |
| hp | j6x80a_firmware | 1828a |
| hp | j6u55b_firmware | 001.1829a |
| hp | m2q28a_firmware | 1829a |
| hp | f0v64_firmware | 1827b |
| hp | cq890ar_firmware | 1829b |
| hp | cm750a_firmware | 1829a |
| hp | cz025a_firmware | 1830a |
| hp | d3q17a_firmware | 001.1829a |
| hp | z4b53a_firmware | 1737j |
| hp | cq890c_firmware | 1829b |
| hp | cq891ar_firmware | 1829b |
| hp | n4l18c_firmware | 1826a |
| hp | cn583a_firmware | 1828a |
| hp | g3j47a_firmware | 1828b |
| hp | a7f64a_firmware | 1828a |
| hp | k9h48_firmware | 1827b |
| hp | f5s43_firmware | 1829a |
| hp | k7g86_firmware | 1830b |
| hp | d3q20b_firmware | 001.1829a |
| hp | a9j40a_firmware | 1828b |
| hp | t0k98a_firmware | 1828a |
| hp | 4uj28b_firmware | 1828a |
| hp | t8w51a_firmware | 1828a |
| hp | f8b05a_firmware | 1830b |
| hp | f5s00_firmware | 1830a |
| hp | m2u76_firmware | 1831a |
| hp | cz992a_firmware | 1828a |
| hp | d3q16a_firmware | 001.1829a |
| hp | k9u05b_firmware | 1828a |
| hp | n4l14c_firmware | 1827a |
| hp | e3e02a_firmware | 1828a |
| hp | n4l17a_firmware | 1828a |
| hp | cm749a_firmware | 1829a |
| hp | f9a28b_firmware | 1829a |
| hp | v1n02a_firmware | 1828a |
| hp | y5z00a_firmware | 1829a |
| hp | k9h57_firmware | 1827b |
| hp | cq176a_firmware | 1829b |
| hp | v6d27_firmware | 1828a |
| hp | d3a82a_firmware | 1828b |
| hp | f8b12a_firmware | 1830a |
| hp | y3z44_firmware | 005.1828a |
| hp | k7c84_firmware | 1831a |
| hp | w1b39_firmware | 005.1828a |
| hp | d3q15d_firmware | 001.1829a |
| hp | d3q21d_firmware | 001.1829a |
| hp | t1q00_firmware | 1827b |
| hp | f8b04a_firmware | 1830b |
| hp | j2d37a_firmware | 1828a |
| hp | f5r95_firmware | 1830a |
| hp | d3q16b_firmware | 001.1829a |
| hp | l8l91a_firmware | 1828a |
| hp | d4h24b_firmware | 1826a |
| hp | f8b13a_firmware | 1830b |
| hp | a7f65a_firmware | 1828a |
| hp | k9v76_firmware | 1830a |
| hp | cv136a_firmware | 1829a |
| hp | d9l63a_firmware | 1827b |
| hp | cz282a_firmware | 1831a |
| hp | y3z47_firmware | 005.1828a |
| hp | j9v86a_firmware | 1828a |
| hp | j6u69_firmware | 1827b |
| hp | y0s18a_firmware | 1830a |
| hp | 3aw44a_firmware | 1828a |
| hp | j9v82c_firmware | 001.1829a |
| hp | w1b33_firmware | 005.1828a |
| hp | f5s60a_firmware | 1829a |
| hp | cz292a_firmware | 1828a |
| hp | e1d36a_firmware | 1828a |
| hp | g1w52a_firmware | 1828a |
| hp | j6u55d_firmware | 001.1829a |
| hp | m9l81a_firmware | 1828a |
| hp | b9s56a_firmware | 1830b |
| hp | cz283a_firmware | 1829a |
| hp | z6z97a_firmware | 1805j |
| hp | k7v35_firmware | 1829a |
| hp | t0g54a_firmware | 1828a |
| hp | cz294a_firmware | 1830a |
| hp | j6u57b_firmware | 001.1829a |
| hp | j7k34a_firmware | 1828a |
| hp | j6u59_firmware | 1827b |
| hp | cx042_firmware | 1828b |
| hp | m9l80a_firmware | 1828a |
| hp | cn461a_firmware | 1829b |
| hp | cq176_firmware | 1828a |
| hp | a9u19a_firmware | 1828b |
| hp | j6u55c_firmware | 001.1829a |
| hp | d3q19d_firmware | 001.1829a |
| hp | y3z46_firmware | 005.1828a |
| hp | b4l03_firmware | 1830a |
| hp | g1x85a_firmware | 1828a |
| hp | d4h22a_firmware | 1826a |
| hp | cq183a_firmware | 1828b |
| hp | g0450_firmware | 1831a |
| hp | j6x76a_firmware | 1828a |
| hp | f9d36_firmware | 1830a |
| hp | a9t80b_firmware | 1828a |
| hp | c9s13a_firmware | 1827d |
| hp | m9l73a_firmware | 1828a |
| hp | 1dt61a_firmware | 1828a |
| hp | f5r96a_firmware | 1830a |
| hp | k4u04b_firmware | 1829a |
| hp | v1n01a_firmware | 1828a |
| hp | w1b38_firmware | 005.1828a |
| hp | j3p68a_firmware | 1829a |
| hp | cq891b_firmware | 1829b |
| hp | cq893a_firmware | 1829b |
| hp | cq893b_firmware | 1829b |
| hp | z4b12_firmware | 1830a |
| hp | 1sh08_firmware | 1828a |
| hp | y5h60a_firmware | 1828a |
| hp | f8b06a_firmware | 1830b |
| hp | b4l08a_firmware | 1830a |
| hp | a9u28b_firmware | 1828b |
| hp | d3q21a_firmware | 001.1829a |
| hp | z6z11a_firmware | 1805j |
| hp | cq890e_firmware | 1829b |
| hp | d3q16d_firmware | 001.1829a |
| hp | cq891a_firmware | 1829b |
| hp | d9l20a_firmware | 1827a |
| hp | d3q17c_firmware | 001.1829a |
| hp | d7z36a_firmware | 1828a |
| hp | k7g93a_firmware | 1737j |
| hp | w3u25_firmware | 1828a |
| hp | k9t01_firmware | 1827b |
| hp | j7k33a_firmware | 1828a |
| hp | d9l19a_firmware | 1828a |
| hp | t0f28a_firmware | 1828a |
| hp | f9a29b_firmware | 1829a |
| hp | e4w43_firmware | 1829d |
| hp | cz045a_firmware | 1830a |
| hp | d9l64a_firmware | 1827b |
| hp | cz276a_firmware | 1827a |
| hp | p0r21a_firmware | 1829a |
| hp | t5d67a_firmware | 1829a |
| hp | cq890b_firmware | 1829b |
| hp | a7f66a_firmware | 1828b |
| hp | b9s76_firmware | 1830a |
| hp | j9v82a_firmware | 001.1829a |
| hp | cn216a_firmware | 1829a |
| hp | d3q20c_firmware | 001.1829a |
| hp | z6z95a_firmware | 1805j |
| hp | d9l18a_firmware | 1828a |
| hp | cq893e_firmware | 1829b |
| hp | m2u75_firmware | 1828a |
| hp | j5t77a_firmware | 1828a |
| hp | d3q15b_firmware | 001.1829a |
| hp | t3p03a_firmware | 1828a |
| hp | f9a29a_firmware | 1829a |
| hp | d4j74_firmware | 1830a |
| hp | v1n08a_firmware | 1828a |
| hp | f1h96_firmware | 1830a |
| hp | cv037a_firmware | 1829b |
| hp | a9t89a_firmware | 1828a |
| hp | cz993a_firmware | 1827a |
| hp | f9a28a_firmware | 1829a |
| hp | f5s65a_firmware | 1829a |
| hp | d3q16c_firmware | 001.1829a |
| hp | d3q20a_firmware | 001.1829a |
| hp | d4j85b_firmware | 1831a |
| hp | f1j00_firmware | 1830a |
| hp | cr7770a_firmware | 1828a |
| hp | j9v80a_firmware | 001.1829a |
| hp | m9l70a_firmware | 1828a |
| hp | f0m65a_firmware | 1828a |
| hp | 1jl02b_firmware | 1829a |
| hp | a9t80a_firmware | 1828a |
| hp | cn577a_firmware | 1828a |
| hp | d3a78b_firmware | 1828b |
| hp | cr771a_firmware | 1829a |
| hp | m2u85_firmware | 1828a |
| hp | cn581a_firmware | 1827d |
| hp | k7g18a_firmware | 1829d |
| hp | t1p99_firmware | 1828a |
| hp | e1d34a_firmware | 1828a |
A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | cr769a_firmware | 1829a |
| hp | d3q19a_firmware | 001.1829a |
| hp | t0g56a_firmware | 1827b |
| hp | w1b37_firmware | 005.1828a |
| hp | 3aw51a_firmware | 1828a |
| hp | t6t77a_firmware | 1827b |
| hp | f0v63_firmware | 1827b |
| hp | t0g50a_firmware | 1828a |
| hp | 1jl02a_firmware | 1829a |
| hp | a9j41_firmware | 1828b |
| hp | cq891c_firmware | 1829b |
| hp | cn460a_firmware | 1829b |
| hp | l9d57a_firmware | 1828a |
| hp | f0v67_firmware | 1827b |
| hp | y0s19a_firmware | 1828a |
| hp | d3q20d_firmware | 001.1829a |
| hp | w1b31_firmware | 005.1828a |
| hp | cn463a_firmware | 1829b |
| hp | cr768a_firmware | 1829a |
| hp | cn459a_firmware | 1829b |
| hp | g0v47_firmware | 1831a |
| hp | k9z76a_firmware | 001.1829a |
| hp | j9v80b_firmware | 001.1829a |
| hp | t0f29a_firmware | 1830a |
| hp | t1p36_firmware | 1827a |
| hp | z4b56a_firmware | 1805j |
| hp | cq893ar_firmware | 1829b |
| hp | t3p04a_firmware | 1828a |
| hp | cz293a_firmware | 1828a |
| hp | j7a28a_firmware | 1828a |
| hp | f5s57a_firmware | 1829a |
| hp | 2nd31a_firmware | 1828b |
| hp | d4h21a_firmware | 1826a |
| hp | t0g45a_firmware | 1828a |
| hp | b9s58a_firmware | 1830b |
| hp | e3e03a_firmware | 1827a |
| hp | y3z45_firmware | 005.1828a |
| hp | g5j38a_firmware | 1828a |
| hp | b9s57c_firmware | 1829a |
| hp | d3q17d_firmware | 001.1829a |
| hp | j9v82b_firmware | 001.1829a |
| hp | w3u23_firmware | 1827b |
| hp | y3z57_firmware | 005.1828a |
| hp | f1h97_firmware | 1828b |
| hp | y5h80a_firmware | 1828a |
| hp | d7z37a_firmware | 1828a |
| hp | n4k99c_firmware | 1828a |
| hp | t0g70a_firmware | 1827b |
| hp | cn598a_firmware | 1829b |
| hp | m9l65a_firmware | 1828a |
| hp | j6u63_firmware | 1827b |
| hp | z4a54_firmware | 1828b |
| hp | k4t99b_firmware | 1829a |
| hp | e2d42a_firmware | 1828a |
| hp | k7s42a_firmware | 1832a |
| hp | g0v48b_firmware | 1831a |
| hp | t0g25a_firmware | 1827a |
| hp | d3p93a_firmware | 1827b |
| hp | 4sc29a_firmware | 1828a |
| hp | d4h25a_firmware | 1830a |
| hp | cz152a_firmware | 1829a |
| hp | m2u81_firmware | 1828a |
| hp | t8w35a_firmware | 1830a |
| hp | l9b95a_firmware | 1827a |
| hp | p4c78a_firmware | 1828a |
| hp | m2u91_firmware | 1828a |
| hp | t8x44_firmware | 1828a |
| hp | cz284a_firmware | 1830a |
| hp | t8x39_firmware | 1828a |
| hp | k7s37a_firmware | 1828a |
| hp | a9u23_firmware | 1828a |
| hp | d3q15a_firmware | 001.1829a |
| hp | k9z76d_firmware | 001.1829a |
| hp | j6u55a_firmware | 001.1829a |
| hp | cx017a_firmware | 1828b |
| hp | y3z54_firmware | 005.1828a |
| hp | cq890d_firmware | 1829b |
| hp | cq890a_firmware | 1829b |
| hp | cq893c_firmware | 1829b |
| hp | n9m07a_firmware | 1829a |
| hp | f8b09_firmware | 1830a |
| hp | 3yz74a_firmware | 1828a |
| hp | cq761a_firmware | 1829b |
| hp | m2u86_firmware | 1828a |
| hp | j7a31a_firmware | 1828a |
| hp | z4b07a_firmware | 1737j |
| hp | d3q21c_firmware | 001.1829a |
| hp | j9v87a_firmware | 1828a |
| hp | g0v48c_firmware | 1828b |
| hp | k7v42c_firmware | 1829a |
| hp | x3b09a_firmware | 1829a |
| hp | t5d66a_firmware | 1829a |
| hp | k7s34a_firmware | 1828a |
| hp | t0a23a_firmware | 1829a |
| hp | j9v82d_firmware | 001.1829a |
| hp | j6x80a_firmware | 1828a |
| hp | j6u55b_firmware | 001.1829a |
| hp | m2q28a_firmware | 1829a |
| hp | f0v64_firmware | 1827b |
| hp | cq890ar_firmware | 1829b |
| hp | cm750a_firmware | 1829a |
| hp | cz025a_firmware | 1830a |
| hp | d3q17a_firmware | 001.1829a |
| hp | z4b53a_firmware | 1737j |
| hp | cq890c_firmware | 1829b |
| hp | cq891ar_firmware | 1829b |
| hp | n4l18c_firmware | 1826a |
| hp | cn583a_firmware | 1828a |
| hp | g3j47a_firmware | 1828b |
| hp | a7f64a_firmware | 1828a |
| hp | k9h48_firmware | 1827b |
| hp | f5s43_firmware | 1829a |
| hp | k7g86_firmware | 1830b |
| hp | d3q20b_firmware | 001.1829a |
| hp | a9j40a_firmware | 1828b |
| hp | t0k98a_firmware | 1828a |
| hp | 4uj28b_firmware | 1828a |
| hp | t8w51a_firmware | 1828a |
| hp | f8b05a_firmware | 1830b |
| hp | f5s00_firmware | 1830a |
| hp | m2u76_firmware | 1831a |
| hp | cz992a_firmware | 1828a |
| hp | d3q16a_firmware | 001.1829a |
| hp | k9u05b_firmware | 1828a |
| hp | n4l14c_firmware | 1827a |
| hp | e3e02a_firmware | 1828a |
| hp | n4l17a_firmware | 1828a |
| hp | cm749a_firmware | 1829a |
| hp | f9a28b_firmware | 1829a |
| hp | v1n02a_firmware | 1828a |
| hp | y5z00a_firmware | 1829a |
| hp | k9h57_firmware | 1827b |
| hp | cq176a_firmware | 1829b |
| hp | v6d27_firmware | 1828a |
| hp | d3a82a_firmware | 1828b |
| hp | f8b12a_firmware | 1830a |
| hp | y3z44_firmware | 005.1828a |
| hp | k7c84_firmware | 1831a |
| hp | w1b39_firmware | 005.1828a |
| hp | d3q15d_firmware | 001.1829a |
| hp | d3q21d_firmware | 001.1829a |
| hp | t1q00_firmware | 1827b |
| hp | f8b04a_firmware | 1830b |
| hp | j2d37a_firmware | 1828a |
| hp | f5r95_firmware | 1830a |
| hp | d3q16b_firmware | 001.1829a |
| hp | l8l91a_firmware | 1828a |
| hp | d4h24b_firmware | 1826a |
| hp | f8b13a_firmware | 1830b |
| hp | a7f65a_firmware | 1828a |
| hp | k9v76_firmware | 1830a |
| hp | cv136a_firmware | 1829a |
| hp | d9l63a_firmware | 1827b |
| hp | cz282a_firmware | 1831a |
| hp | y3z47_firmware | 005.1828a |
| hp | j9v86a_firmware | 1828a |
| hp | j6u69_firmware | 1827b |
| hp | y0s18a_firmware | 1830a |
| hp | 3aw44a_firmware | 1828a |
| hp | j9v82c_firmware | 001.1829a |
| hp | w1b33_firmware | 005.1828a |
| hp | f5s60a_firmware | 1829a |
| hp | cz292a_firmware | 1828a |
| hp | e1d36a_firmware | 1828a |
| hp | g1w52a_firmware | 1828a |
| hp | j6u55d_firmware | 001.1829a |
| hp | m9l81a_firmware | 1828a |
| hp | b9s56a_firmware | 1830b |
| hp | cz283a_firmware | 1829a |
| hp | z6z97a_firmware | 1805j |
| hp | k7v35_firmware | 1829a |
| hp | t0g54a_firmware | 1828a |
| hp | cz294a_firmware | 1830a |
| hp | j6u57b_firmware | 001.1829a |
| hp | j7k34a_firmware | 1828a |
| hp | j6u59_firmware | 1827b |
| hp | cx042_firmware | 1828b |
| hp | m9l80a_firmware | 1828a |
| hp | cn461a_firmware | 1829b |
| hp | cq176_firmware | 1828a |
| hp | a9u19a_firmware | 1828b |
| hp | j6u55c_firmware | 001.1829a |
| hp | d3q19d_firmware | 001.1829a |
| hp | y3z46_firmware | 005.1828a |
| hp | b4l03_firmware | 1830a |
| hp | g1x85a_firmware | 1828a |
| hp | d4h22a_firmware | 1826a |
| hp | cq183a_firmware | 1828b |
| hp | g0450_firmware | 1831a |
| hp | j6x76a_firmware | 1828a |
| hp | f9d36_firmware | 1830a |
| hp | a9t80b_firmware | 1828a |
| hp | c9s13a_firmware | 1827d |
| hp | m9l73a_firmware | 1828a |
| hp | 1dt61a_firmware | 1828a |
| hp | f5r96a_firmware | 1830a |
| hp | k4u04b_firmware | 1829a |
| hp | v1n01a_firmware | 1828a |
| hp | w1b38_firmware | 005.1828a |
| hp | j3p68a_firmware | 1829a |
| hp | cq891b_firmware | 1829b |
| hp | cq893a_firmware | 1829b |
| hp | cq893b_firmware | 1829b |
| hp | z4b12_firmware | 1830a |
| hp | 1sh08_firmware | 1828a |
| hp | y5h60a_firmware | 1828a |
| hp | f8b06a_firmware | 1830b |
| hp | b4l08a_firmware | 1830a |
| hp | a9u28b_firmware | 1828b |
| hp | d3q21a_firmware | 001.1829a |
| hp | z6z11a_firmware | 1805j |
| hp | cq890e_firmware | 1829b |
| hp | d3q16d_firmware | 001.1829a |
| hp | cq891a_firmware | 1829b |
| hp | d9l20a_firmware | 1827a |
| hp | d3q17c_firmware | 001.1829a |
| hp | d7z36a_firmware | 1828a |
| hp | k7g93a_firmware | 1737j |
| hp | w3u25_firmware | 1828a |
| hp | k9t01_firmware | 1827b |
| hp | j7k33a_firmware | 1828a |
| hp | d9l19a_firmware | 1828a |
| hp | t0f28a_firmware | 1828a |
| hp | f9a29b_firmware | 1829a |
| hp | e4w43_firmware | 1829d |
| hp | cz045a_firmware | 1830a |
| hp | d9l64a_firmware | 1827b |
| hp | cz276a_firmware | 1827a |
| hp | p0r21a_firmware | 1829a |
| hp | t5d67a_firmware | 1829a |
| hp | cq890b_firmware | 1829b |
| hp | a7f66a_firmware | 1828b |
| hp | b9s76_firmware | 1830a |
| hp | j9v82a_firmware | 001.1829a |
| hp | cn216a_firmware | 1829a |
| hp | d3q20c_firmware | 001.1829a |
| hp | z6z95a_firmware | 1805j |
| hp | d9l18a_firmware | 1828a |
| hp | cq893e_firmware | 1829b |
| hp | m2u75_firmware | 1828a |
| hp | j5t77a_firmware | 1828a |
| hp | d3q15b_firmware | 001.1829a |
| hp | t3p03a_firmware | 1828a |
| hp | f9a29a_firmware | 1829a |
| hp | d4j74_firmware | 1830a |
| hp | v1n08a_firmware | 1828a |
| hp | f1h96_firmware | 1830a |
| hp | cv037a_firmware | 1829b |
| hp | a9t89a_firmware | 1828a |
| hp | cz993a_firmware | 1827a |
| hp | f9a28a_firmware | 1829a |
| hp | f5s65a_firmware | 1829a |
| hp | d3q16c_firmware | 001.1829a |
| hp | d3q20a_firmware | 001.1829a |
| hp | d4j85b_firmware | 1831a |
| hp | f1j00_firmware | 1830a |
| hp | cr7770a_firmware | 1828a |
| hp | j9v80a_firmware | 001.1829a |
| hp | m9l70a_firmware | 1828a |
| hp | f0m65a_firmware | 1828a |
| hp | 1jl02b_firmware | 1829a |
| hp | a9t80a_firmware | 1828a |
| hp | cn577a_firmware | 1828a |
| hp | d3a78b_firmware | 1828b |
| hp | cr771a_firmware | 1829a |
| hp | m2u85_firmware | 1828a |
| hp | cn581a_firmware | 1827d |
| hp | k7g18a_firmware | 1829d |
| hp | t1p99_firmware | 1828a |
| hp | e1d34a_firmware | 1828a |
A potential vulnerability has been identified in HP Remote Graphics Software’s certificate authentication process version 7.5.0 and earlier.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | remote_graphics_software | * |
HP Support Assistant before 8.7.50.3 allows an unauthorized person with local access to load arbitrary code.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | operations_orchestration | 10.0 |
Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow persistent cross-site scripting, and non-persistent HTML Injection.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 10.50 |
| hp | network_operations_management_ultimate | 2017.07 |
| hp | network_automation | 10.10 |
| hp | network_automation | 10.30 |
| hp | network_operations_management_ultimate | 2018.02 |
| hp | network_automation | 10.00 |
| hp | network_operations_management_ultimate | 2017.11 |
| hp | network_automation | 10.20 |
| hp | network_automation | 10.11 |
| hp | network_automation | 10.40 |
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 10.50 |
| hp | network_operations_management_ultimate | 2017.07 |
| hp | network_automation | 10.10 |
| hp | network_automation | 10.30 |
| hp | network_operations_management_ultimate | 2018.02 |
| hp | network_automation | 10.00 |
| hp | network_operations_management_ultimate | 2017.11 |
| hp | network_automation | 10.20 |
| hp | network_automation | 10.11 |
| hp | network_automation | 10.40 |
A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_management_center | * |
Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. This vulnerability could be exploited to allow for insufficient access controls.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_management_center | * |
A potential Reflected Cross-Site Scripting (XSS) Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Reflected Cross-site Scripting (XSS).
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_management_center | * |
A potential Access Control vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for vulnerable Access Controls.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_management_center | * |
A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Unauthenticated File Downloads.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_management_center | * |
Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_clearpass_policy_manager | * |
Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the "mon" permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is only present when authenticated as a user with "mon" permission.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_clearpass_policy_manager | * |
HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-444,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | centralview_fraud_risk_management | * |
HPE has identified a remote unauthenticated access to files vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | centralview_fraud_risk_management | * |
HPE has identified a remote disclosure of information vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | centralview_fraud_risk_management | * |
HPE has identified a remote access to sensitive information vulnerability in HPE Network Function Virtualization Director (NFVD) 4.2.1 prior to gui patch 3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | network_function_virtualization_director | 4.2.1 |
| hp | network_function_virtualization_director | * |
A remote bypass of security restrictions vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | moonshot_provisioning_manager | * |
A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24.
CVSS 2.0
Severity: LOW
Problem Type: CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 14.04 |
| hp | moonshot_provisioning_manager | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 16.04 |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT 7.3 E0506P07. The vulnerability was resolved in iMC PLAT 7.3 E0605P04 or subsequent version.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A remote cross-site scripting (XSS) vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT version v7.3 (E0506). The vulnerability is fixed in Intelligent Management Center PLAT 7.3 E0605P04 or subsequent version.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A security vulnerability in HPE XP P9000 Command View Advanced Edition (CVAE) Device Manager (DevMgr 8.5.0-00 and prior to 8.6.0-00), Configuration Manager (CM 8.5.0-00 and prior to 8.6.0-00) could be exploited to allow local and remote unauthorized access to sensitive information.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp_p9000_configuration_manager | * |
| hp | xp_p9000_device_manager | * |
A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | integrated_lights-out_5_firmware | * |
HPE XP P9000 Command View Advanced Edition Software (CVAE) has local and remote cross site scripting vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp_9000_command_view | * |
HPE XP P9000 Command View Advanced Edition Software (CVAE) has open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp_9000_command_view | * |
A potential security vulnerability has been identified in HPE Intelligent Management Center Platform (IMC Plat) 7.3 E0506P09. The vulnerability could be remotely exploited to allow for remote directory traversal leading to arbitrary file deletion.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior to v2.55 could be remotely exploited to create a denial of service.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | integrated_lights-out_5_firmware | * |
| hp | moonshot_chassis_manager_firmware | * |
| hp | integrated_lights-out_3_firmware | * |
| hp | moonshot_component_pack_firmware | * |
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow access restriction bypass.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_provider | sp-4.2.0 |
| hp | 3par_service_provider | sp-4.4.0 |
| hp | 3par_service_provider | sp-4.3.0 |
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow code execution.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_provider | sp-4.2.0 |
| hp | 3par_service_provider | sp-4.4.0 |
| hp | 3par_service_provider | sp-4.3.0 |
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow cross-site request forgery.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_provider | sp-4.2.0 |
| hp | 3par_service_provider | sp-4.4.0 |
| hp | 3par_service_provider | sp-4.3.0 |
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow directory traversal.
CVSS 2.0
Severity: LOW
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_provider | sp-4.2.0 |
| hp | 3par_service_provider | sp-4.4.0 |
| hp | 3par_service_provider | sp-4.3.0 |
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow disclosure of privileged information.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_provider | sp-4.2.0 |
| hp | 3par_service_provider | sp-4.4.0 |
| hp | 3par_service_provider | sp-4.3.0 |
A potential security vulnerability has been identified in HPE OfficeConnect 1810 Switch Series (HP 1810-24G - P.2.22 and previous versions, HP 1810-48G PK.1.34 and previous versions, HP 1810-8 v2 P.2.22 and previous versions). The vulnerability could allow local disclosure of sensitive information.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | officeconnect_1810-48g_switch_firmware | * |
| hp | officeconnect_1810-24g_switch_firmware | * |
| hp | officeconnect_1810-8_v2_switch_firmware | * |
A potential remote denial of service security vulnerability has been identified in HPE Integrated Lights Out 4 prior to v2.60 and iLO 5 for Gen 10 servers prior to v1.30.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | integrated_lights-out_5_firmware | * |
A security vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09, createFabricAutoCfgFile could be remotely exploited via directory traversal to allow remote arbitrary file modification.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center_wireless_services_manager_software | 7.3 |
| hp | intelligent_management_center_wireless_services_manager_software | * |
A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center_wireless_services_manager_software | 7.3 |
| hp | intelligent_management_center_wireless_services_manager_software | * |
A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | integrated_lights-out_5_firmware | * |
| hp | integrated_lights-out_3_firmware | * |
HPE has addressed a remote arbitrary file modification vulnerability in HPE enhanced Internet Usage Manager (eIUM) v9.0FP1 with the cumulative patch for v9.0FP1 - eIUM90FP01XXX.YYYYMMDD-HHMM.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | enhanced_internet_usage_manager | 9.0 |
A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Specifically, there is a malfunction identified in some section of the DSM portal and some DSM APIs. The impact of the malfunction is that the info can be changed by other users.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_internet_of_things | 1.4.0 |
| hp | universal_internet_of_things | 1.4.1 |
| hp | universal_internet_of_things | 1.4.2 |
| hp | universal_internet_of_things | 1.5 |
| hp | universal_internet_of_things | 1.2.4.2 |
The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which also addressed the original Spectre/Meltdown set of vulnerabilities. At that time, the Windows firmware installer was also updated in the versions of HPE Integrated Lights-Out 2, 3, and 4 (iLO 2, 3, and 4) listed in the security bulletin. The updated HPE Windows firmware installer was released in the system ROM and HPE Integrated Lights-Out (iLO) releases documented in earlier HPE Security Bulletins: HPESBHF03805, HPESBHF03835, HPESBHF03831. Windows-based systems that have already been updated to the system ROM or iLO versions described in these security bulletins require no further action.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | proliant_bl490c_g7_server_blade_firmware | * |
| hp | proliant_dl380p_gen8_server_firmware | * |
| hp | proliant_dl380e_gen8_server_firmware | * |
| hp | proliant_dl120_g7_server_firmware | * |
| hp | proliant_xl270d_gen9_accelerator_tray_firmware | * |
| hp | proliant_dl585_g7_server_(amd)_firmware | * |
| hp | proliant_xl450_gen9_server_firmware | * |
| hp | proliant_dl60_gen9_server_firmware | * |
| hp | proliant_bl465c_gen8_(amd)_firmware | * |
| hp | proliant_ml310e_gen8_v2_server_firmware | * |
| hp | proliant_ml110_gen9_server_firmware | * |
| hp | proliant_dl385_g7_server_firmware | * |
| hp | proliant_ml10_gen9_server_firmware | * |
| hp | integrated_lights-out_3_firmware | * |
| hp | proliant_ml350e_gen8_server_firmware | * |
| hp | proliant_thin_micro_tm200_server_firmware | * |
| hp | proliant_ml310e_gen8_server_firmware | * |
| hp | proliant_dl160_g6_server_firmware | * |
| hp | proliant_ml330_g6_server_firmware | * |
| hp | proliant_ml350p_gen8_server_firmware | * |
| hp | proliant_ml150_g6_server_firmware | * |
| hp | proliant_microserver_gen8_firmware | * |
| hp | proliant_bl460c_g7_server_blade_firmware | * |
| hp | proliant_dl320e_gen8_v2_server_firmware | * |
| hp | integrated_lights-out_2_firmware | * |
| hp | proliant_ml110_g6_server_firmware | * |
| hp | proliant_ml350e_gen8_v2_server_firmware | * |
| hp | proliant_dl180_g6_server_firmware | * |
| hp | proliant_bl460c_gen9_server_blade_firmware | * |
| hp | proliant_ws460c_gen9_workstation_firmware | * |
| hp | proliant_dl380_gen9_server_firmware | * |
| hp | proliant_dl80_gen9_server_firmware | * |
| hp | proliant_xl260a_gen9_server_firmware | * |
| hp | proliant_xl230a_gen9_server_firmware | * |
| hp | proliant_ml30_gen9_server_firmware | * |
| hp | proliant_dl580_g7_server_firmware | * |
| hp | proliant_dl560_gen9_server_firmware | * |
| hp | proliant_xl270d_gen9_server_firmware | * |
| hp | proliant_dl360_g6_server_firmware | * |
| hp | proliant_bl460c_g6_server_blade_firmware | * |
| hp | proliant_sl4545_g7_server_(amd)_firmware | 2018.03.14(a) |
| hp | proliant_dl380_g6_server_firmware | * |
| hp | proliant_ml350_gen9_server_firmware | * |
| hp | proliant_sl170z_g6_server_firmware | * |
| hp | proliant_bl465c_g7_server_blade_firmware | * |
| hp | proliant_dl360e_gen8_server_firmware | * |
| hp | proliant_dl560_gen8_server_firmware | * |
| hp | proliant_m710_server_cartridge_firmware | * |
| hp | proliant_m510_server_cartridge_firmware | * |
| hp | proliant_xl170r_gen9_server_firmware | * |
| hp | proliant_dl160_gen9_server_firmware | * |
| hp | proliant_dl20_gen9_server_firmware | * |
| hp | proliant_sl4540_gen8_1_node_server_firmware | * |
| hp | proliant_bl420c_gen8_server_firmware | * |
| hp | proliant_ml370_g6_server_firmware | * |
| hp | proliant_dl170e_g6_server_firmware | * |
| hp | proliant_dl980_g7_server_firmware | * |
| hp | proliant_dl370_g6_server_firmware | * |
| hp | proliant_bl2x220c_g6_server_blade_firmware | * |
| hp | proliant_xl750f_gen9_server_firmware | * |
| hp | proliant_xl730f_gen9_server_firmware | * |
| hp | proliant_dl380_g7_server_firmware | - |
| hp | proliant_dl360p_gen8_server_firmware | * |
| hp | integrated_lights-out_4_firmware | * |
| hp | proliant_xl190r_gen9_server_firmware | * |
| hp | proliant_ml10_v2_server_firmware | * |
| hp | proliant_ml350_g6_server_firmware | * |
| hp | proliant_bl620c_g7_server_blade_firmware | * |
| hp | proliant_sl390s_g7_server_firmware | * |
| hp | proliant_dl180_gen9_server_firmware | * |
| hp | proliant_m710p_server_cartridge_firmware | * |
| hp | proliant_m300_server_cartridge_firmware | * |
| hp | proliant_bl680c_g7_server_blade_firmware | * |
| hp | proliant_dl320e_gen8_server_firmware | * |
| hp | proliant_m350_server_cartridge_firmware | * |
| hp | proliant_bl685c_g7_server_blade_(amd)_firmware | * |
| hp | proliant_dl170h_g6_server_firmware | * |
| hp | proliant_dl385p_gen8_(amd)_firmware | * |
| hp | proliant_bl660c_gen8_server_blade_firmware | * |
| hp | proliant_bl280c_g6_server_bladefirmware | * |
| hp | proliant_ml150_gen9_server_firmware | * |
| hp | proliant_bl460c_gen8_server_blade_firmware | * |
| hp | proliant_dl360_g7_server_firmware | * |
| hp | proliant_m710x_server_cartridge_firmware | * |
| hp | proliant_sl210t_gen8_server_firmware | * |
| hp | proliant_dl580_gen8_server_firmware | * |
| hp | proliant_bl2x220c_g7_server_blade_firmware | * |
| hp | proliant_xl250a_gen9_server_firmware | * |
| hp | proliant_ml110_g7_server_firmware | * |
| hp | proliant_sl270s_gen8_server_firmware | * |
| hp | proliant_dl320_g6_server_firmware | * |
| hp | proliant_bl660c_gen9_server_firmware | * |
| hp | proliant_bl490c_g6_server_blade_firmware | * |
| hp | proliant_xl740f_gen9_server_firmware | * |
| hp | proliant_sl160s_g6_server_firmware | * |
| hp | proliant_dl120_g6_server_firmware | * |
| hp | proliant_sl2x170z_g6_server_firmware | * |
| hp | proliant_dl120_gen9_server_firmware | * |
| hp | proliant_dl160_gen8_server_firmware | * |
| hp | proliant_sl250s_gen8_server_firmware | * |
| hp | proliant_dl360_gen9_server_firmware | * |
A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) prior to v1.37 could be locally exploited to bypass the security restrictions for firmware updates.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_5_firmware | * |
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote denial of service via dbman Opcode 10003 'Filename'. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote Cross-Site Scripting in HPE iLO 5 Web User Interface vulnerability was identified in HPE Integrated Lights-Out 5 (iLO 5) for Gen10 ProLiant Servers earlier than version v1.40.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_5_firmware | * |
A local access restriction bypass vulnerability was identified in HPE Service Pack for ProLiant (SPP) Bundled Software earlier than version 2018.09.0.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_pack_for_proliant | * |
A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. STDSEC-STANDARD SECURITY PROD All prior versions before T6533L01^ADU or T6533H05^ADW, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND and all versions on H-series . Note that some commands in NonStop Safeguard and NonStop Standard Security software require username and password to be passed as command line parameters, which may lead to a local disclosure of the credentials.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_standard_security_h_series | * |
| hp | nonstop_safeguard_l_series | * |
| hp | nonstop_safeguard_j_series | * |
| hp | nonstop_standard_security_j_series | * |
| hp | nonstop_standard_security_l_series | * |
| hp | nonstop_safeguard_h_series | * |
A security vulnerability in the HPE Virtual Connect SE 16Gb Fibre Channel Module for HPE Synergy running firmware 5.00.50, which is part of the HPE Synergy Custom SPP 2018.11.20190205, could allow local or remote unauthorized elevation of privilege.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | synergy_firmware | 5.00.50 |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote disclosure of information vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote denial of service vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
In some Lenovo IdeaPad consumer notebook models, a race condition in the BIOS flash device locking mechanism is not adequately protected against, potentially allowing an attacker with administrator access to alter the contents of BIOS.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H | 0.7 | 5.2 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lenovo | v310-14ikb_firmware | * |
| hp | lenovo_y520-15ikba_firmware | * |
| hp | xiaoxinair13ikbpro_firmware | * |
| hp | 310s-14isk_firmware | * |
| hp | lenovo_ideapad_320-15ikb(i+n)_firmware | - |
| hp | lenovo_ideapad_320-14ikb(i+a)_firmware | - |
| hp | lenovo_ideapad_320-14ikb(i+n)_firmware | - |
| lenovo | v310-14isk_firmware | * |
| hp | 320-15ikbra_firmware | * |
| lenovo | e52-80_firmware | * |
| hp | yoga_510-14isk_firmware | * |
| hp | 520s-14ikb_firmware | * |
| hp | lenovo_ideapad_320-15abr_firmware | - |
| hp | yoga_310-11iap_firmware | * |
| lenovo | v510-14ikb_firmware | * |
| hp | b320-14ikb_firmware | - |
| hp | 320s-15isk_firmware | * |
| lenovo | v510-15ikb_firmware | * |
| hp | flex_5-1470_firmware | * |
| hp | lenovo_ideapad_y520-15ikbn_firmware | - |
| hp | lenovo_tianyi_310-15ikb_firmware | - |
| hp | lenovo_ideapad_520s-14ikbr_firmware | - |
| hp | lenovo_tianyi_310-14ikb_firmware | - |
| hp | 710s_plus_touch-13ikb_firmware | * |
| hp | lenovo_ideapad_320s-15ikbr_firmware | - |
| hp | lenovo_ideapad_320s-14ikbr_firmware | - |
| hp | 710s_plus-13ikb_16g_firmware | * |
| hp | nano110-14ikb_firmware | - |
| hp | r720-15ikbn_firmware | * |
| hp | lenovo_y520-15ikbm_firmware | * |
| lenovo | v310-15isk_firmware | * |
| hp | 320s-14ikb | * |
| hp | r720-15ikba_firmware | * |
| hp | 320-15ikbrn_firmware | * |
| hp | lenovo_ideapad_720s-14ikb_firmware | * |
| hp | ideapad_2in1_14_firmware | - |
| hp | y520-15ikba_firmware | * |
| hp | yoga_720-15ikb_firmware | * |
| hp | 320-15ikbrn_touch_firmware | * |
| hp | yoga_720-13ikbr_firmware | * |
| hp | miix_720-12ikb | * |
| lenovo | e42-80_firmware | * |
| hp | flex_4-1470_firmware | * |
| hp | lenovo_ideapad_flex_5-1570_firmware | * |
| hp | v330-14isk_firmware | * |
| hp | lenovo_v720-14_firmware | * |
| hp | v330-14ikb_firmware | * |
| hp | 7000-15_u42_firmware | * |
| hp | y520-15ikbn_firmware | * |
| hp | rescuer_y520-15ikbm_firmware | * |
| hp | lenovo_y720-15ikb_firmware | * |
| hp | lenovo_yoga_520-14ikb_firmware | * |
| hp | yoga_720-13ikb_firmware | * |
| hp | 510s-14isk_firmware | * |
| hp | 320-17ikbrn | * |
| hp | y720-15ikb_firmware | * |
| hp | lenovo_ideapad_flex_5-1470_firmware | * |
| hp | e43-80_kbl_firmware | * |
| hp | 720s-13ikb_firmware | * |
| hp | rescuer_r720-15ikbm_firmware | * |
| hp | 320s-15ikb_firmware | * |
| hp | 520-15ikbrn_firmware | * |
| hp | nano110-15ikb_firmware | * |
| hp | 710s_plus-3ikb_firmware | * |
| hp | flex_5-1570_firmware | * |
| lenovo | v310-15ikb_firmware | * |
| hp | 7000_u42_firmware | * |
| hp | lenovo_yoga_520-15ikb_firmware | * |
Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,CWE-131,CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | k9z76d_firmware | * |
| hp | j6u51b_firmware | * |
| hp | k9z74a_firmware | * |
| hp | d3q21a_firmware | * |
| hp | d3q15a_firmware | * |
| hp | j9v82d_firmware | * |
| hp | d3q20c_firmware | * |
| hp | j9v80a_firmware | * |
| hp | d9l64a_firmware | * |
| hp | t0g70a_firmware | * |
| hp | j6u55a_firmware | * |
| hp | j9v82a_firmware | * |
| hp | k9z76a_firmware | * |
| hp | d3q20b_firmware | * |
| hp | j3p68a_firmware | * |
| hp | d3q19a_firmware | * |
| hp | k9z74d_firmware | * |
| hp | d3q21c_firmware | * |
| hp | d3q20a_firmware | * |
| hp | d3q19d_firmware | * |
| hp | w2z53b_firmware | * |
| hp | j6u57b_firmware | * |
| hp | w2z52b_firmware | * |
| hp | d3q17a_firmware | * |
| hp | d3q16d_firmware | * |
| hp | d3q20d_firmware | * |
| hp | d3q15d_firmware | * |
| hp | d3q15b_firmware | * |
| hp | j3p65a_firmware | * |
| hp | 2dr21d_firmware | * |
| hp | d9l63a_firmware | * |
| hp | d3q21b_firmware | * |
| hp | j9v78b_firmware | * |
| hp | d3q19b_firmware | * |
| qualcomm | ips | * |
| hp | j9v80b_firmware | * |
| hp | k9z76b_firmware | * |
| hp | j6u55d_firmware | * |
| hp | d3q17d_firmware | * |
| hp | d3q21d_firmware | * |
| hp | d3q16a_firmware | * |
| hp | j6u57a_firmware | * |
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 31 |
| hp | proliant_dl20_firmware | * |
| intel | pentium_6405u_firmware | - |
| hp | proliant_dl180_firmware | * |
| intel | xeon_3206r_firmware | - |
| redhat | enterprise_linux_server_tus | 7.6 |
| hp | apollo_4200_firmware | * |
| intel | xeon_8260y_firmware | - |
| intel | xeon_5215m_firmware | - |
| intel | xeon_6238l_firmware | - |
| oracle | zfs_storage_appliance_kit | 8.8 |
| redhat | enterprise_linux_server_aus | 7.6 |
| intel | xeon_6230n_firmware | - |
| redhat | enterprise_linux_server_aus | 8.4 |
| intel | core_i7-9850h_firmware | - |
| opensuse | leap | 15.1 |
| intel | core_i9-9900k_firmware | - |
| intel | core_i5-9600kf_firmware | - |
| intel | xeon_4216r_firmware | - |
| hp | proliant_ml30_firmware | * |
| debian | debian_linux | 8.0 |
| intel | xeon_6230t_firmware | - |
| intel | xeon_6240l_firmware | - |
| intel | xeon_5215_firmware | - |
| intel | core_i7-9750hf_firmware | - |
| intel | xeon_w-3223_firmware | - |
| intel | xeon_6244_firmware | - |
| redhat | enterprise_linux_server_aus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.6 |
| intel | core_i5-8210y_firmware | - |
| intel | core_i5-9300h_firmware | - |
| intel | xeon_8268_firmware | - |
| redhat | enterprise_linux_server_tus | 7.7 |
| intel | xeon_w-2265_firmware | - |
| intel | xeon_8280m_firmware | - |
| intel | core_i9-9900kf_firmware | - |
| intel | xeon_w-3245_firmware | - |
| hp | proliant_bl460c_firmware | * |
| hp | proliant_xl190r_firmware | * |
| intel | xeon_5218n_firmware | - |
| debian | debian_linux | 10.0 |
| opensuse | leap | 15.0 |
| intel | core_i5-10210u_firmware | - |
| hp | proliant_dl580_firmware | * |
| intel | xeon_e-2278ge_firmware | - |
| hp | proliant_e910_firmware | * |
| intel | core_i9-9880h_firmware | - |
| intel | xeon_w-3275m_firmware | - |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| intel | xeon_5217_firmware | - |
| intel | core_i5-8200y_firmware | - |
| intel | xeon_6242_firmware | - |
| intel | xeon_5220s_firmware | - |
| debian | debian_linux | 9.0 |
| hp | proliant_ml350_firmware | * |
| hp | apollo_2000_firmware | * |
| intel | xeon_8256_firmware | - |
| intel | xeon_e-2288g_firmware | - |
| redhat | codeready_linux_builder | 8.0 |
| hp | proliant_xl230k_firmware | * |
| redhat | enterprise_linux_server_tus | 8.4 |
| intel | core_i7-9700k_firmware | - |
| intel | celeron_5305u_firmware | - |
| intel | xeon_6240_firmware | - |
| intel | core_i5-8365u_firmware | - |
| hp | proliant_xl450_firmware | * |
| intel | xeon_6246_firmware | - |
| intel | core_i7-8500y_firmware | - |
| intel | xeon_9220_firmware | - |
| intel | xeon_8270_firmware | - |
| redhat | enterprise_linux_server_tus | 8.2 |
| intel | core_i5-10110y_firmware | - |
| redhat | codeready_linux_builder_eus | 8.6 |
| hp | proliant_dl120_firmware | * |
| intel | xeon_6230_firmware | - |
| intel | xeon_4209t_firmware | - |
| redhat | enterprise_linux | 8.0 |
| intel | xeon_6240m_firmware | - |
| intel | xeon_w-2235_firmware | - |
| intel | core_i5-10210y_firmware | - |
| redhat | enterprise_linux_eus | 8.6 |
| intel | xeon_w-2295_firmware | - |
| intel | xeon_9282_firmware | - |
| fedoraproject | fedora | 30 |
| intel | xeon_8276l_firmware | - |
| intel | xeon_8260l_firmware | - |
| intel | core_i9-9980hk_firmware | - |
| hp | proliant_xl170r_firmware | * |
| redhat | enterprise_linux_desktop | 7.0 |
| intel | xeon_9221_firmware | - |
| intel | xeon_5222_firmware | - |
| intel | xeon_6254_firmware | - |
| intel | xeon_5220_firmware | - |
| intel | xeon_8276_firmware | - |
| intel | xeon_4210r_firmware | - |
| intel | xeon_6252_firmware | - |
| redhat | virtualization_manager | 4.2 |
| intel | xeon_4210_firmware | - |
| canonical | ubuntu_linux | 14.04 |
| intel | xeon_5220r_firmware | - |
| intel | xeon_5215r_firmware | - |
| hp | proliant_dl380_firmware | * |
| hp | synergy_660_firmware | * |
| intel | xeon_6252n_firmware | - |
| redhat | enterprise_linux_eus | 8.2 |
| intel | xeon_5218t_firmware | - |
| intel | xeon_w-2255_firmware | - |
| intel | core_i7-10510u_firmware | - |
| intel | core_i7-9700kf_firmware | - |
| intel | xeon_6248_firmware | - |
| intel | xeon_w-3275_firmware | - |
| intel | xeon_9222_firmware | - |
| intel | core_i7-8665u_firmware | - |
| intel | xeon_w-3265_firmware | - |
| hp | proliant_xl270d_firmware | * |
| intel | xeon_6238_firmware | - |
| intel | xeon_8280l_firmware | - |
| intel | xeon_8260m_firmware | - |
| intel | xeon_4214r_firmware | - |
| hp | proliant_dl160_firmware | * |
| intel | xeon_8260_firmware | - |
| intel | xeon_6238m_firmware | - |
| intel | xeon_w-2223_firmware | - |
| redhat | enterprise_linux_server_aus | 8.6 |
| intel | xeon_8280_firmware | - |
| hp | proliant_dl360_firmware | * |
| intel | xeon_9242_firmware | - |
| intel | xeon_8253_firmware | - |
| intel | core_i5-9400_firmware | - |
| intel | xeon_e-2278g_firmware | - |
| intel | xeon_6262v_firmware | - |
| intel | xeon_e-2278gel_firmware | - |
| redhat | codeready_linux_builder_eus | 8.4 |
| intel | xeon_5218_firmware | - |
| intel | xeon_6240y_firmware | - |
| intel | xeon_3204_firmware | - |
| redhat | codeready_linux_builder_eus | 8.2 |
| intel | core_i5-8310y_firmware | - |
| intel | xeon_5218b_firmware | - |
| intel | core_i5-8265u_firmware | - |
| redhat | enterprise_linux_eus | 7.6 |
| intel | xeon_e-2286m_firmware | - |
| intel | xeon_4208_firmware | - |
| intel | core_i5-9400h_firmware | - |
| redhat | codeready_linux_builder_eus | 8.1 |
| intel | core_i5-9400f_firmware | - |
| intel | xeon_6226_firmware | - |
| intel | xeon_8276m_firmware | - |
| intel | core_m3-8100y_firmware | - |
| intel | xeon_4214c_firmware | - |
| intel | xeon_6222v_firmware | - |
| intel | xeon_4216_firmware | - |
| intel | core_i5-10310y_firmware | - |
| hp | synergy_480_firmware | * |
| intel | xeon_5220t_firmware | - |
| intel | xeon_4208r_firmware | - |
| intel | xeon_w-2225_firmware | - |
| intel | xeon_6238t_firmware | - |
| intel | xeon_w-2245_firmware | - |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_eus | 8.1 |
| intel | xeon_5215l_firmware | - |
| intel | xeon_6234_firmware | - |
| redhat | enterprise_linux_eus | 7.7 |
| intel | core_i7-8565u_firmware | - |
| intel | xeon_w-2275_firmware | - |
| hp | proliant_ml110_firmware | * |
| intel | xeon_4215_firmware | - |
| hp | proliant_dl560_firmware | * |
| intel | core_i7-10510y_firmware | - |
| slackware | slackware | 14.2 |
| intel | xeon_w-3225_firmware | - |
| intel | xeon_w-3265m_firmware | - |
| intel | xeon_4214y_firmware | - |
| intel | xeon_4214_firmware | - |
| redhat | enterprise_linux_workstation | 7.0 |
| intel | core_i5-9600k_firmware | - |
| intel | xeon_w-3245m_firmware | - |
| intel | xeon_w-3235_firmware | - |
Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, version 6.7.0 and later. This vulnerability could allow Unrestricted Upload of File with Dangerous type.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-434,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. This vulnerability could allow Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
| hp | arcsight_logger | 6.7.1 |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote credential disclosure vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-798,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-798,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote privilege escalation vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-312,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code exection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | integrated_lights-out_5_firmware | * |
A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4_firmware | * |
| hp | integrated_lights-out_5_firmware | * |
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for Apache 2.4 on RHEL 7, 10.0 for Apache 2.4 on HP-UX 11i v3, 10.0 for IIS on Windows, 11.0 for Apache 2.4 on RHEL 7, MFA Proxy 4.0 (Agent module only) for Apache 2.4 on RHEL 7.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_sso_agent | 11.0 |
| hp | mfa_proxy | 4.0 |
| hp | icewall_sso_agent | 10.0 |
Security vulnerabilities in HPE UIoT versions 1.6, 1.5, 1.4.2, 1.4.1, 1.4.0, and 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: * For customers with release UIoT 1.6, fixes are made available with 1.6 RP603 * For customers with release UIoT 1.5, fixes are made available with 1.5 RP503 HF3 * For customers with release older than 1.5, such as 1.4.0, 1.4.1, 1.4.2 and 1.2.4.2, the resolution will be to upgrade to 1.5 RP503 HF3 or 1.6 RP603 Customers are requested to upgrade to the updated versions or contact HPE support for further assistance.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_internet_of_things | 1.4.0 |
| hp | universal_internet_of_things | 1.6 |
| hp | universal_internet_of_things | 1.4.1 |
| hp | universal_internet_of_things | 1.4.2 |
| hp | universal_internet_of_things | 1.5 |
| hp | universal_internet_of_things | 1.2.4.2 |
HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4. HPE 3PAR Service Processor (SP) version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service Processor and any managed 3PAR arrays.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_processor_firmware | * |
A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview_for_vmware_vcenter | 9.5 |
A security vulnerability has been identified in HPE SimpliVity 380 Gen 9, HPE SimpliVity 380 Gen 10, HPE SimpliVity 380 Gen 10 G, HPE SimpliVity 2600 Gen 10, SimpliVity OmniCube, SimpliVity OmniStack for Cisco, SimpliVity OmniStack for Lenovo and SimpliVity OmniStack for Dell nodes. Two now deprecated APIs run as root, accept a file name path, and can be used to create or delete arbitrary files on the nodes. These APIs do not require user authentication and are accessible over the management network, resulting in remote availability and integrity vulnerabilities For all customers running HPE OmniStack version 3.7.9 and earlier. HPE recommends upgrading the OmniStack software to version 3.7.10 or later, which contains a permanent resolution. Customers and partners who can upgrade to 3.7.10 should upgrade at the earliest convenience. For all customers and partners unable to upgrade their environments to the recommended version 3.7.10, HPE has created a Temporary Workaround https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=mmr_sf-EN_US000061675&withFrame for you to implement. All customer should upgrade to the recommended 3.7.10 or later version at the earliest convenience.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | simplivity_380_gen9_firmware | * |
| hp | simplivity_2600_gen10_firmware | * |
| hp | simplivity_omnicube_firmware | * |
| hp | simplivity_omnistack_for_dell_firmware | * |
| hp | simplivity_380_gen10_firmware | * |
| hp | simplivity_omnistack_for_cisco_firmware | * |
| hp | simplivity_omnistack_for_lenovo_firmware | * |
| hp | simplivity_380_gen10_g_firmware | * |
A security vulnerability has been identified in HPE SimpliVity 380 Gen 9, HPE SimpliVity 380 Gen 10, HPE SimpliVity 380 Gen 10 G, HPE SimpliVity 2600 Gen 10, SimpliVity OmniCube, SimpliVity OmniStack for Cisco, SimpliVity OmniStack for Lenovo and SimpliVity OmniStack for Dell nodes. An API is used to execute a command manifest file during upgrade does not correctly prevent directory traversal and so can be used to execute manifest files in arbitrary locations on the node. The API does not require user authentication and is accessible over the management network, resulting in the potential for unauthenticated remote execution of manifest files. For all customers running HPE OmniStack version 3.7.9 and earlier. HPE recommends upgrading the OmniStack software to version 3.7.10 or later, which contains a permanent resolution. Customers and partners who can upgrade to 3.7.10 should upgrade at the earliest convenience. For all customers and partners unable to upgrade their environments to the recommended version 3.7.10, HPE has created a Temporary Workaround https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=mmr_sf-EN_US000061901&withFrame for you to implement. All customer should upgrade to the recommended 3.7.10 or later version at the earliest convenience.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | simplivity_380_gen9_firmware | * |
| hp | simplivity_2600_gen10_firmware | * |
| hp | simplivity_omnicube_firmware | * |
| hp | simplivity_omnistack_for_dell_firmware | * |
| hp | simplivity_380_gen10_firmware | * |
| hp | simplivity_omnistack_for_cisco_firmware | * |
| hp | simplivity_omnistack_for_lenovo_firmware | * |
| hp | simplivity_380_gen10_g_firmware | * |
Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: For customers with release UIoT 1.2.4.2 fixes are made available with 1.2.4.2 RP3 HF1. For customers with release older than 1.2.4.2, such as 1.2.4.1, 1.2.4.0, the resolution will be to upgrade to 1.2.4.2 RP3 HF1 Customers are requested to upgrade to the updated versions or contact HPE support for further assistance.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_internet_of_things | 1.2.4.0 |
| hp | universal_internet_of_things | 1.2.4.1 |
| hp | universal_internet_of_things | 1.2.4.2 |
A potential security vulnerability has been identified in HPE enhanced Internet Usage Manager (eIUM) versions 8.3 and 9.0. The vulnerability could be used for unauthorized access to information via cross site scripting. HPE has made the following software updates to resolve the vulnerability in eIUM. The eIUM 8.3 FP01 customers are advised to install eIUM83FP01Patch_QXCR1001711284.20190806-1244 patch. The eIUM 9.0 customers are advised to upgrade to eIUM 9.0 FP02 PI5 or later versions. For other versions, please, contact the product support.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | enhanced_internet_usage_manager | 9.0 |
| hp | enhanced_internet_usage_manager | 8.3 |
HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HTTPS configuration as described in the HPE MSE Messaging Gateway Configuration and Operations Guide.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.6 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.7 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mse_msg_gw_application_e-ltu | * |
A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pagewide_pro_477dn_d3q19b_firmware | * |
| hp | pagewide_pro_477dw_d3q20c_firmware | * |
| hp | pagewide_managed_p55250dw_j6u55a_firmware | * |
| hp | pagewide_pro_577dw_d3q21b_firmware | * |
| hp | pagewide_managed_p55250dw_j6u51b_firmware | * |
| hp | pagewide_pro_577dw_d3q21d_firmware | * |
| hp | pagewide_pro_552dw_d3q17d_firmware | * |
| hp | pagewide_pro_452dn_d3q15d_firmware | * |
| hp | pagewide_managed_p57750dw_j9v82a_firmware | * |
| hp | pagewide_pro_477dw_d3q20a_firmware | * |
| hp | pagewide_pro_452dn_d3q15a_firmware | * |
| hp | pagewide_pro_452dw_d3q16a_firmware | * |
| hp | pagewide_pro_577dw_d3q21a_firmware | * |
| hp | pagewide_377dw_j9v80b_firmware | * |
| hp | officejet_pro_8210_d9l63a_firmware | * |
| hp | pagewide_pro_577dw_d3q21c_firmware | * |
| hp | pagewide_managed_p52750dw_j9v82d_firmware | * |
| hp | pagewide_managed_p52750dw_j9v78b_firmware | * |
| hp | pagewide_pro_477dw_d3q20b_firmware | * |
| hp | pagewide_pro_577z_k9z76a_firmware | * |
| hp | pagewide_pro_477dw_w2z53b_firmware | * |
| hp | pagewide_pro_552dw_d3q17a_firmware | * |
| hp | pagewide_pro_452dw_d3q16d_firmware | * |
| hp | pagewide_pro_577z_k9z76d_firmware | * |
| hp | pagewide_377dw_j9v80a_firmware | * |
| hp | officejet_pro_8210_j3p65a_firmware | * |
| hp | pagewide_352dw_j6u57a_firmware | * |
| hp | pagewide_pro_552dw_2dr21d_firmware | * |
| hp | pagewide_pro_577z_k9z76b_firmware | * |
| hp | pagewide_352dw_j6u57b_firmware | * |
| hp | pagewide_pro_477dn_d3q19a_firmware | * |
| hp | pagewide_pro_452dw_w2z52b_firmware | * |
| hp | pagewide_managed_p52750dw_j9v82a_firmware | * |
| hp | officejet_pro_8210_d9l64a_firmware | * |
| hp | officejet_pro_8210_j3p68a_firmware | * |
| hp | pagewide_pro_452dn_d3q15b_firmware | * |
| hp | pagewide_managed_p55250dw_j6u55d_firmware | * |
| hp | pagewide_pro_477dw_d3q20d_firmware | * |
| hp | pagewide_managed_p57750dw_j9v78b_firmware | * |
| hp | pagewide_pro_552dw_k9z74a_firmware | * |
| hp | officejet_pro_8210_t0g70a_firmware | * |
| hp | pagewide_pro_477dn_d3q19d_firmware | * |
| hp | pagewide_managed_p57750dw_j9v82d_firmware | * |
| hp | pagewide_pro_552dw_k9z74d_firmware | * |
A potential security vulnerability has been identified with a version of the HP Softpaq installer that can lead to arbitrary code execution.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | softpaq_installer | 4.0.100.1189 |
A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary SMM (System Management Mode) code. A list of affected products and versions are available in https://support.hp.com/rs-en/document/c06456250.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_15_g3_firmware | * |
| hp | elitedesk_800_g2_dm_firmware | * |
| hp | probook_11_g1_firmware | * |
| hp | prodesk_600_g2_sff_firmware | * |
| hp | prodesk_405_g2_mt_firmware | * |
| hp | 348_g3_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | elitedesk_800_g2_sff_firmware | * |
| hp | probook_450_g3_firmware | * |
| hp | 340_g3_firmware | * |
| hp | zbook_15u_g2_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | probook_11_g2_firmware | * |
| hp | prodesk_400_g3_sff_firmware | * |
| hp | rp9_g1_retail_system_9018_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | prodesk_400_g1_dm_firmware | * |
| hp | probook_440_g1_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | elitebook_820_g1_firmware | * |
| hp | probook_430_g2_firmware | * |
| hp | proone_600_g2_aio_firmware | * |
| hp | probook_x360_11_g1_firmware | * |
| hp | 260_g1_dm_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | elitebook_750_g1_firmware | * |
| hp | z240_tower_firmware | * |
| hp | probook_650_g1_firmware | * |
| hp | elitedesk_800_g2_twr_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | elitebook_revolve_810_g3_firmware | * |
| hp | prodesk_485_g2_mt_firmware | * |
| hp | prodesk_498_g2_mt_firmware | * |
| hp | elitebook_folio_1040_g3_firmware | * |
| hp | elite_slice_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | 346_g3_firmware | * |
| hp | prodesk_490_g3_sff_firmware | * |
| hp | pro_tablet_10_ee_g1_firmware | * |
| hp | prodesk_600_g2_dm_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | sprout_pro_firmware | * |
| hp | elitebook_820_g2_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | elite_x2_1011_g1_firmware | * |
| hp | zbook_15_g2_firmware | * |
| hp | pro_tablet_608_g1_firmware | * |
| hp | elitebook_850_g2_firmware | * |
| hp | elitebook_840_g2_firmware | * |
| hp | z2_mini_g3_firmware | * |
| hp | pro_x2_612_g1_firmware | * |
| hp | eliteone_800_g2_aio_firmware | * |
| hp | elitebook_850_g1_firmware | * |
| hp | 348_g4_firmware | * |
| hp | pro_tablet_610_g1_firmware | * |
| hp | probook_450_g1_firmware | * |
| hp | proone_400_g2_aio_firmware | * |
| hp | elitebook_revolve_810_g2_firmware | * |
| hp | elitebook_720_g2_firmware | * |
| hp | z238_microtower_firmware | * |
| hp | zbook_17_firmware | * |
| hp | probook_430_g1_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | 285_g2_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elitebook_folio_9480m_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_15_firmware | * |
| hp | probook_640_g1_firmware | * |
| hp | probook_450_g2_firmware | * |
| hp | prodesk_480_g3_sff_firmware | * |
| hp | elitebook_folio_1020_g1_firmware | * |
| hp | 280_pro_g1_firmware | * |
| hp | elitebook_1040_g2_firmware | * |
| hp | zbook_14_firmware | * |
| hp | probook_440_g2_firmware | * |
| hp | rp2_retail_system_firmware | * |
| hp | 340_g4_firmware | * |
| hp | elitebook_840_g1_firmware | * |
| hp | prodesk_400_g2.5_sff_firmware | * |
| hp | 346_g4_firmware | * |
| hp | prodesk_490_g2_mt_firmware | * |
| hp | prodesk_498_g3_sff_firmware | * |
| hp | elitebook_750_g2_firmware | * |
| hp | zbook_17_g2_firmware | * |
| hp | rp9_g1_retail_system_9015_firmware | * |
| hp | mp9_g2_retail_system_firmware | * |
| hp | prodesk_400_g2_dm_firmware | * |
| hp | elitebook_folio_1040_g1_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | zbook_14_g2_firmware | * |
| hp | z1_g3_firmware | * |
| hp | elitebook_740_g1_firmware | * |
| hp | elitepad_1000_g2_firmware | * |
| hp | probook_470_g2_firmware | * |
| hp | elitebook_740_g2_firmware | * |
| hp | z240_sff_firmware | * |
| hp | elitebook_720_g1__firmware | * |
| hp | probook_470_g1_firmware | * |
| hp | zbook_15u_g3_firmware | * |
If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | thinpro_linux | 6.2 |
| hp | thinpro_linux | 7.1 |
| hp | thinpro_linux | 7.0 |
| hp | thinpro_linux | 6.2.1 |
An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | thinpro_linux | 6.2 |
| hp | thinpro_linux | 7.1 |
| hp | thinpro_linux | 7.0 |
| hp | thinpro_linux | 6.2.1 |
In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed commands with elevated privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | thinpro | 6.2.1 |
| hp | thinpro | 6.2 |
| hp | thinpro | 7.1 |
| hp | thinpro | 7.0 |
Bromium client version 4.0.3.2060 and prior to 4.1.7 Update 1 has an out of bound read results in race condition causing Kernel memory leaks or denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H | 1.0 | 5.2 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-362,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | bromium | * |
Incorrect access control in the firmware of Synaptics VFS75xx family fingerprint sensors that include external flash (all versions prior to 2019-11-15) allows a local administrator or physical attacker to compromise the confidentiality of sensor data via injection of an unverified partition table.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N | 0.8 | 5.2 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lenovo | thinkpad_t25_(20k7)_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.2810.1050 |
| lenovo | thinkpad_p51_firmware | * |
| lenovo | thinkpad_x380_yoga_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.2734.1050 |
| hp | zbook_14u_g5_firmware | * |
| lenovo | thinkpad_p52s_firmware | * |
| lenovo | thankpad_a475_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| synaptics | vfs75xx_firmware | 5.1.3507.26 |
| hp | elitebook_x360_1030_g2_firmware | * |
| lenovo | thinkpad_t480s_firmware | * |
| lenovo | thinkpad_t570(20jx)_firmware | * |
| lenovo | thankpad_a485_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| lenovo | thinkpad_p1_gen_2_firmware | * |
| lenovo | thinkpad_x1_extreme_2nd_firmware | * |
| lenovo | thinkpad_p1_firmware | * |
| lenovo | thinkpad_e490_firmware | * |
| lenovo | thinkpad_x390_yoga_firmware | * |
| synaptics | vfs75xx_firmware | 5.2.5024.26 |
| lenovo | thinkpad_x1_carbon_firmware | * |
| lenovo | thinkpad_x1_carbon_(20hx)_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.512.1051 |
| synaptics | vfs75xx_firmware | 5.5.4.1116 |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | pavilion_x360_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | elitebook_846_g6_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| lenovo | thinkpad_e585_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| lenovo | thinkpad_t490s_firmware | * |
| synaptics | vfs75xx_firmware | 5.3.3541.26 |
| lenovo | thinkpad_p73_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| synaptics | vfs75xx_firmware | 5.2.3109.26 |
| hp | zbook_studio_x360_g5_firmware | * |
| lenovo | thinkpad_p70_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| lenovo | thinkpad_s3_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | mt45_firmware | * |
| lenovo | thinkpad_p50_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.17.1102 |
| lenovo | thinkpad_x1_yoga_firmware | * |
| hp | envy_x360_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| lenovo | thinkpad_l480_firmware | * |
| lenovo | thinkpad_x1_carbon_(20kx)_firmware | * |
| lenovo | thinkpad_p51s_(20hx)_firmware | * |
| hp | probook_650_g5_firmware | * |
| lenovo | thinkpad_p52_firmware | * |
| synaptics | vfs75xx_firmware | 5.1.337.26 |
| lenovo | thinkpad_x1_tablet_(20jx)_firmware | * |
| synaptics | vfs75xx_firmware | 5.2.3530.26 |
| hp | elitebook_745_g6_firmware | * |
| lenovo | thinkpad_t460s_firmware | * |
| lenovo | thinkpad_t570_(20hx)_firmware | * |
| hp | eliteone_1000_g1_firmware | * |
| lenovo | thinkpad_t490_firmware | * |
| hp | eliteone_1000_g2_firmware | * |
| lenovo | thinkpad_t580_firmware | * |
| lenovo | thinkpad_e490s_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| lenovo | thinkpad_t470_(20hx)_firmware | * |
| hp | elite_slice_firmware | * |
| lenovo | thinkpad_t470s_(20hx)_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | spectre_x360_firmware | * |
| lenovo | thinkpad_25_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| lenovo | thinkpad_yoga_370_firmware | * |
| lenovo | thinkpad_p43s_firmware | * |
| hp | mt44_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.10.1100 |
| lenovo | thinkpad_t470_(20jx)_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | probook_445r_g6_firmware | * |
| lenovo | thinkpad_t470p_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | probook_455_g6_firmware | * |
| lenovo | thinkpad_s1_3rd_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| lenovo | thinkpad_x1_yoga_3rd_gen_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | elitebook_846_g6_healthcare_edition_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | probook_430_g6_firmware | * |
| lenovo | thinkpad_x1_yoga_(20jx)_firmware | * |
| lenovo | thinkpad_e580_firmware | * |
| lenovo | thinkpad_p51s_(20jx)_firmware | * |
| lenovo | thinkpad_p51s_(20kx)_firmware | * |
| lenovo | thinkpad_p53s_firmware | * |
| lenovo | thinkpad_x1_tablet_firmware | * |
| lenovo | thinkpad_p71_(20hx)_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | elite_x2_g4_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.502.79 |
| synaptics | vfs75xx_firmware | 5.2.524.26 |
| lenovo | thinkpad_r590_firmware | * |
| lenovo | thinkpad_x280_firmware | * |
| lenovo | thinkpad_yoga_s1_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| lenovo | thinkpad_e485_firmware | * |
| lenovo | thinkpad_e590_firmware | * |
| synaptics | vfs75xx_firmware | 5.2.320.26 |
| lenovo | thinkpad_p53_firmware | * |
| lenovo | thinkpad_x1_extreme_firmware | * |
| lenovo | thinkpad_x390_firmware | * |
| hp | zbook_17_g5_firmware | * |
| lenovo | thinkpad_t590_firmware | * |
| lenovo | thinkpad_x270_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| lenovo | thinkpad_yoga_260_firmware | * |
| hp | probook_445_g6_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| lenovo | thinkpad_a275_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | elitebook_846_g5_healthcare_edition_firmware | * |
| lenovo | thinkpad_p72_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.17.1099 |
| hp | elitebook_x360_1040_g5_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.35.1058 |
| lenovo | thinkpad_t470s_(20jx)_firmware | * |
| hp | zbook_15_g5_firmware | * |
| lenovo | thinkpad_e480_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.10.1106 |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.8.1092 |
| lenovo | thinkpad_t460p_firmware | * |
| lenovo | thinkpad_t480_firmware | * |
| lenovo | thinkpad_r490_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| lenovo | thinkpad_l580_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| lenovo | thinkpad_x1_yoga_4th_gen_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | probook_455r_g6_firmware | * |
| synaptics | vfs75xx_firmware | 5.1.5.51 |
Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to execute arbitrary code in the enclave (that can compromise confidentiality of enclave data) via APIs that accept invalid pointers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-763,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lenovo | thinkpad_t25_(20k7)_firmware | * |
| lenovo | thinkpad_p51_firmware | * |
| lenovo | thinkpad_x380_yoga_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.2734.1050 |
| lenovo | thinkpad_p52s_firmware | * |
| lenovo | thankpad_a475_firmware | * |
| hp | pavilion_x360_14t-dh000_firmware | * |
| lenovo | thinkpad_t480s_firmware | * |
| lenovo | thinkpad_t570(20jx)_firmware | * |
| synaptics | vfs75xx_firmware | 5.2.318.26 |
| lenovo | thankpad_a485_firmware | * |
| hp | envy_13-aq1xxx_firmware | * |
| lenovo | thinkpad_p1_gen_2_firmware | * |
| lenovo | thinkpad_x1_extreme_2nd_firmware | * |
| lenovo | thinkpad_p1_firmware | * |
| lenovo | thinkpad_e490_firmware | * |
| hp | envy_x360_-_15t-dr100_(validity_fps)_firmware | * |
| hp | envy_15-dr0xxx_x360_(validity_fps)_firmware | * |
| hp | envy_x360_-_15t-cn000_firmware | * |
| lenovo | thinkpad_x390_yoga_firmware | * |
| lenovo | thinkpad_x1_carbon_firmware | * |
| lenovo | thinkpad_x1_carbon_(20hx)_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.3.1116 |
| lenovo | thinkpad_e585_firmware | * |
| hp | envy_17m-ce1xxx_firmware | * |
| lenovo | thinkpad_t490s_firmware | * |
| lenovo | thinkpad_p73_firmware | * |
| hp | envy_15-cn1xxx_x360_firmware | * |
| hp | pavilion_x360_-_15t-dq000_firmware | * |
| lenovo | thinkpad_p70_firmware | * |
| hp | envy_15-dr1xxx_x360_(validity_fps)_firmware | * |
| lenovo | thinkpad_s3_firmware | * |
| hp | pavilion_14m-dh0xxx_x360_firmware | * |
| lenovo | thinkpad_p50_firmware | * |
| lenovo | thinkpad_x1_yoga_firmware | * |
| lenovo | thinkpad_l480_firmware | * |
| lenovo | thinkpad_x1_carbon_(20kx)_firmware | * |
| lenovo | thinkpad_p51s_(20hx)_firmware | * |
| lenovo | thinkpad_p52_firmware | * |
| lenovo | thinkpad_x1_tablet_(20jx)_firmware | * |
| synaptics | vfs75xx_firmware | 5.2.3530.26 |
| lenovo | thinkpad_t460s_firmware | * |
| hp | envy_15m-cn0xxx_x360_firmware | * |
| hp | envy_15-dr1xxx_x360_firmware | * |
| hp | envy_15m-dr0xxx_x360_(validity_fps)_firmware | * |
| lenovo | thinkpad_t570_(20hx)_firmware | * |
| hp | envy_x360_-_15t-dr000_(validity_fps)_firmware | * |
| lenovo | thinkpad_t490_firmware | * |
| lenovo | thinkpad_t580_firmware | * |
| lenovo | thinkpad_e490s_firmware | * |
| hp | envy_15m-dr1xxx_x360_(validity_fps)_firmware | * |
| lenovo | thinkpad_t470_(20hx)_firmware | * |
| hp | pavilion_14-cd1xxx_x360_firmware | * |
| lenovo | thinkpad_t470s_(20hx)_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.8.1096 |
| hp | envy_-_17t-bw000_firmware | * |
| hp | spectre_x360_firmware | * |
| lenovo | thinkpad_25_firmware | * |
| hp | envy_15m-dr0xxx_x360_firmware | * |
| lenovo | thinkpad_yoga_370_firmware | * |
| lenovo | thinkpad_p43s_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.11.1106 |
| hp | pavilion_14-cd2xxx_x360_firmware | * |
| hp | envy_17-ce0xxx_firmware | * |
| lenovo | thinkpad_t470_(20jx)_firmware | * |
| synaptics | vfs75xx_firmware | 6.0.32.1104 |
| hp | envy_17m-ce0xxx_firmware | * |
| hp | envy_15-dr0xxx_x360_firmware | * |
| lenovo | thinkpad_t470p_firmware | * |
| lenovo | thinkpad_s1_3rd_firmware | * |
| synaptics | vfs75xx_firmware | 5.6.23.1000 |
| hp | pavilion_14m-cd0xxx_x360_firmware | * |
| lenovo | thinkpad_x1_yoga_3rd_gen_firmware | * |
| hp | envy_17m-bw0xxx_firmware | * |
| synaptics | vfs75xx_firmware | 5.2.225.26 |
| synaptics | vfs75xx_firmware | 5.3.3539.26 |
| lenovo | thinkpad_x1_yoga_(20jx)_firmware | * |
| lenovo | thinkpad_e580_firmware | * |
| lenovo | thinkpad_p51s_(20jx)_firmware | * |
| hp | envy_17-bw0xxx_firmware | * |
| lenovo | thinkpad_p51s_(20kx)_firmware | * |
| hp | envy_15-cn0xxx_x360_firmware | * |
| lenovo | thinkpad_p53s_firmware | * |
| lenovo | thinkpad_x1_tablet_firmware | * |
| hp | envy_15m-dr1xxx_x360_firmware | * |
| lenovo | thinkpad_p71_(20hx)_firmware | * |
| synaptics | vfs75xx_firmware | 6.0.14.1108 |
| hp | envy_-_13t-ah100_firmware | * |
| hp | pavilion_x360_-_15t-dq100_firmware | * |
| synaptics | vfs75xx_firmware | 5.2.524.26 |
| lenovo | thinkpad_r590_firmware | * |
| lenovo | thinkpad_x280_firmware | * |
| hp | envy_-_17t-ce100_firmware | * |
| lenovo | thinkpad_yoga_s1_firmware | * |
| lenovo | thinkpad_e485_firmware | * |
| lenovo | thinkpad_e590_firmware | * |
| hp | pavilion_15_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.38.1058 |
| lenovo | thinkpad_p53_firmware | * |
| lenovo | thinkpad_x1_extreme_firmware | * |
| hp | envy_x360_-_15t-dr100_firmware | * |
| lenovo | thinkpad_x390_firmware | * |
| lenovo | thinkpad_t590_firmware | * |
| hp | envy_-_17t-ce000_firmware | * |
| lenovo | thinkpad_x270_firmware | * |
| hp | envy_17-ce1xxx_firmware | * |
| lenovo | thinkpad_yoga_260_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.15.1102 |
| synaptics | vfs75xx_firmware | 5.5.2811.1050 |
| hp | envy_13-ah1xxx_firmware | * |
| lenovo | thinkpad_a275_firmware | * |
| synaptics | vfs75xx_firmware | 5.5.10.1093 |
| lenovo | thinkpad_p72_firmware | * |
| hp | envy_-_13t-aq100_firmware | * |
| hp | envy_13-ah0xxx_firmware | * |
| hp | pavilion_14-dh0xxx_x360_firmware | * |
| lenovo | thinkpad_t470s_(20jx)_firmware | * |
| hp | pavilion_x360_-_14t-cd000_firmware | * |
| lenovo | thinkpad_e480_firmware | * |
| hp | envy_x360_-_15t-dr000_firmware | * |
| synaptics | vfs75xx_firmware | 6.0.42.1107 |
| lenovo | thinkpad_t460p_firmware | * |
| lenovo | thinkpad_t480_firmware | * |
| lenovo | thinkpad_r490_firmware | * |
| lenovo | thinkpad_l580_firmware | * |
| hp | envy_13-aq0xxx_firmware | * |
| lenovo | thinkpad_x1_yoga_4th_gen_firmware | * |
| hp | pavilion_x360_14t-cd100_firmware | * |
The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.0 | HIGH | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.1 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | thinpro | 6.2.1 |
| hp | thinpro | 6.2 |
| hp | thinpro | 7.1 |
| hp | thinpro | 7.0 |
The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | thinpro | 6.2.1 |
| hp | thinpro | 6.2 |
| hp | thinpro | 7.1 |
| hp | thinpro | 7.0 |
A potential security vulnerability has been identified for certain HP printers and MFPs with Troy solutions. For affected printers with FutureSmart Firmware bundle version 4.9 or 4.9.0.1 the potential vulnerability may cause instability in the solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_4 | * |
A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | elitedesk_800_g5_twr_firmware | * |
| hp | prodesk_400_g6_mt_firmware | * |
| hp | prodesk_480_g6_mt_firmware | * |
| hp | zbook_14u_g6_mobile_workstation_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | prodesk_400_g5_dm_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitedesk_800_g5_dm_firmware | * |
| hp | proone_400_g5_aio_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | elitebook_846_g6_healthcare_edition_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | prodesk_600_g5_mt_firmware | * |
| hp | proone_600_g5_aio_firmware | * |
| hp | proone_440_g5_aio_firmware | * |
| hp | eliteone_800_g5_aio_firmware | * |
| hp | prodesk_600_g5_pci_mt_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | zbook_17u_g6_mobile_workstation_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | prodesk_600_g5_dm_firmware | * |
| hp | prodesk_600_g5_sff_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | elitebook_846_g6_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | zbook_15u_g6_mobile_workstation_firmware | * |
| hp | elitedesk_800_g5_sff_firmware | * |
| hp | prodesk_400_g6_sff_firmware | * |
A potential security vulnerability has been identified for certain HP printers and MFPs that would allow redirection page Cross-Site Scripting in a client’s browser by clicking on a third-party malicious link.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_4 | * |
| hp | futuresmart_3 | * |
A potential security vulnerability has been identified with certain versions of HP System Event Utility prior to version 1.4.33. This vulnerability may allow a local attacker to execute arbitrary code via an HP System Event Utility system service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-428,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_event_utility | * |
A potential security vulnerability has been identified for HP LaserJet Solution Software (for certain HP LaserJet Printers) which may lead to unauthorized elevation of privilege on the client.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | color_laserjet_pro_mfp_m277_b3q11a_firmware | * |
| hp | color_laserjet_pro_mfp_m277_b3q10v_firmware | * |
| hp | color_laserjet_pro_mfp_m277_b3q11v_firmware | * |
| hp | color_laserjet_pro_mfp_m277_b3q10a_firmware | * |
| hp | color_laserjet_pro_mfp_m277_b3q17a_firmware | * |
A potential security vulnerability has been identified for certain HP Printers and All-in-Ones that would allow bypassing account lockout.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L | 3.9 | 2.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-307,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | envy_5000_m2u85a_firmware | * |
| hp | deskjet_ink_advantage_5000_m2u89b_firmware | * |
| hp | envy_5000_m2u94b_firmware | * |
| hp | envy_5000_m2u85b_firmware | * |
| hp | envy_5000_z4a54a_firmware | * |
| hp | deskjet_ink_advantage_5000_m2u86a_firmware | * |
| hp | envy_5000_m2u91a_firmware | * |
| hp | envy_5000_z4a74a_firmware | * |
An issue was discovered in Idelji Web ViewPoint H01ABO-H01BY and L01ABP-L01ABZ, Web ViewPoint Plus H01AAG-H01AAQ and L01AAH-L01AAR, and Web ViewPoint Enterprise H01-H01AAE and L01-L01AAF. By reading ADB or AADB file content within the Installation subvolume, a Guardian user can discover the password of the group.user or alias who acknowledges events from the WVP Events screen.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | web_viewpoint_t0986 | * |
| hp | web_viewpoint_t0952 | * |
| hp | web_viewpoint_t0320 | * |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.1 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.6 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| netapp | snapmanager | - |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| oracle | jdk | 11.0.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| netapp | oncommand_unified_manager | * |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | leap | 42.3 |
| redhat | enterprise_linux_server | 7.6 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux | 8.0 |
| oracle | jre | 11.0.1 |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| redhat | enterprise_linux_eus | 8.6 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| opensuse | leap | 15.0 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| netapp | oncommand_workflow_automation | * |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.2 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| oracle | jdk | 11.0.1 |
| netapp | oncommand_unified_manager | * |
| oracle | jre | 11.0.1 |
| netapp | snapmanager | - |
| opensuse | leap | 42.3 |
| hp | xp7_command_view | * |
| oracle | jdk | 1.8.0 |
| oracle | jdk | 1.7.0 |
| netapp | oncommand_workflow_automation | * |
| oracle | jre | 1.8.0 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-400,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | openshift_container_platform | 3.11 |
| redhat | enterprise_linux_server_aus | 8.4 |
| redhat | enterprise_linux_eus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.4 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 19.10 |
| opensuse | leap | 42.3 |
| mcafee | epolicy_orchestrator | 5.9.0 |
| redhat | enterprise_linux_server_tus | 8.2 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| mcafee | epolicy_orchestrator | 5.10.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux | 8.0 |
| oracle | jdk | 11.0.2 |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_eus | 8.1 |
| redhat | enterprise_linux_server_aus | 8.6 |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| redhat | enterprise_linux_eus | 8.6 |
| redhat | enterprise_linux_server_aus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.6 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 11.0.2 |
| opensuse | leap | 15.0 |
| oracle | jre | 12 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| mcafee | epolicy_orchestrator | 5.9.1 |
| oracle | jdk | 12 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | openshift_container_platform | 3.11 |
| apache | tomcat | 9.0.0 |
| redhat | enterprise_linux_server_aus | 8.4 |
| redhat | enterprise_linux_eus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.4 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | leap | 42.3 |
| redhat | enterprise_linux_server_tus | 8.2 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux | 8.0 |
| oracle | jdk | 11.0.2 |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_eus | 8.1 |
| redhat | enterprise_linux_server_aus | 8.6 |
| redhat | satellite | 5.8 |
| apache | cassandra | 4.0.0 |
| oracle | jdk | 1.8.0 |
| canonical | ubuntu_linux | 19.04 |
| apache | cassandra | * |
| redhat | enterprise_linux_eus | 8.6 |
| redhat | enterprise_linux_server_aus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.6 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 11.0.2 |
| opensuse | leap | 15.0 |
| apache | tomcat | * |
| oracle | jre | 12 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| oracle | jdk | 12 |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_eus | 8.6 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| redhat | enterprise_linux | 8.0 |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | openshift_container_platform | 3.11 |
| redhat | enterprise_linux_server_aus | 8.4 |
| redhat | enterprise_linux_eus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.4 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | leap | 42.3 |
| redhat | enterprise_linux_server_tus | 8.2 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_eus | 8.1 |
| redhat | enterprise_linux_server_aus | 8.6 |
| redhat | satellite | 5.8 |
| oracle | jdk | 1.8.0 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_eus | 8.6 |
| redhat | enterprise_linux_server_aus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.6 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| opensuse | leap | 15.0 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 1.4 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| oracle | jdk | 11.0.3 |
| oracle | jdk | 1.8.0 |
| oracle | jre | 11.0.3 |
| oracle | jre | 1.8.0 |
| opensuse | leap | 15.1 |
| opensuse | leap | 15.0 |
| mcafee | epolicy_orchestrator | 5.9.0 |
| hp | xp7_command_view | * |
| mcafee | epolicy_orchestrator | 5.9.1 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| mcafee | epolicy_orchestrator | 5.10.0 |
| debian | debian_linux | 8.0 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| oracle | jdk | 11.0.3 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | leap | 15.1 |
| mcafee | epolicy_orchestrator | 5.9.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| mcafee | epolicy_orchestrator | 5.10.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux | 8.0 |
| oracle | jdk | 12.0.1 |
| redhat | satellite | 5.8 |
| oracle | jre | 12.0.1 |
| oracle | jdk | 1.8.0 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_eus | 8.6 |
| oracle | jre | 11.0.3 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| opensuse | leap | 15.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| mcafee | epolicy_orchestrator | 5.9.1 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.1 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.6 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| oracle | jdk | 12.0.1 |
| oracle | jdk | 11.0.3 |
| oracle | jre | 12.0.1 |
| oracle | jdk | 1.8.0 |
| oracle | jre | 11.0.3 |
| oracle | jre | 1.8.0 |
| opensuse | leap | 15.1 |
| opensuse | leap | 15.0 |
| mcafee | epolicy_orchestrator | 5.9.0 |
| hp | xp7_command_view | * |
| mcafee | epolicy_orchestrator | 5.9.1 |
| oracle | jdk | 1.7.0 |
| mcafee | epolicy_orchestrator | 5.10.0 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| oracle | jdk | 11.0.3 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | leap | 15.1 |
| mcafee | epolicy_orchestrator | 5.9.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| mcafee | epolicy_orchestrator | 5.10.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux | 8.0 |
| oracle | jdk | 12.0.1 |
| redhat | satellite | 5.8 |
| oracle | jre | 12.0.1 |
| oracle | jdk | 1.8.0 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_eus | 8.6 |
| oracle | jre | 11.0.3 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| opensuse | leap | 15.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| mcafee | epolicy_orchestrator | 5.9.1 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.4 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N | 1.6 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_server | 7.0 |
| oracle | jdk | 12.0.1 |
| oracle | jdk | 11.0.3 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | satellite | 5.8 |
| oracle | jre | 12.0.1 |
| oracle | jdk | 1.8.0 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_eus | 8.6 |
| oracle | jre | 11.0.3 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | leap | 15.1 |
| opensuse | leap | 15.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| canonical | ubuntu_linux | 16.04 |
| redhat | enterprise_linux | 8.0 |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.2 | 2.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server | 7.0 |
| oracle | jdk | 11.0.3 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | leap | 15.1 |
| mcafee | epolicy_orchestrator | 5.9.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | jdk | 1.7.0 |
| mcafee | epolicy_orchestrator | 5.10.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux | 8.0 |
| oracle | jdk | 12.0.1 |
| redhat | satellite | 5.8 |
| oracle | jre | 12.0.1 |
| oracle | jdk | 1.8.0 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_eus | 8.6 |
| oracle | jre | 11.0.3 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| opensuse | leap | 15.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| mcafee | epolicy_orchestrator | 5.9.1 |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JCE). The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.2 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | leap | 15.1 |
| opensuse | leap | 15.0 |
| mcafee | epolicy_orchestrator | 5.9.0 |
| hp | xp7_command_view | * |
| oracle | jdk | 1.8.0 |
| mcafee | epolicy_orchestrator | 5.9.1 |
| canonical | ubuntu_linux | 16.04 |
| mcafee | epolicy_orchestrator | 5.10.0 |
| oracle | jre | 1.8.0 |
Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-611,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_logger | * |
Mitigates a stored cross site scripting issue in ArcSight Security Management Center versions prior to 2.9.1
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | arcsight_management_center | * |
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| meissner@suse.de | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-732,CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | keystone-json-assignment | * |
| suse | openstack_cloud | 8.0 |
| hp | helion_openstack | 8.0 |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote authentication bypass vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote denial of service vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-434,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-1188,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote command injection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A stack buffer overflow vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A disclosure of information vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
The HPE Nonstop Maintenance Entity family of products are vulnerable to local disclosure of information, such as system layout and configuration.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | maintenance_entity | * |
| hp | blade_maintenance_entity | * |
| hp | integrated_maintenance_entity | * |
A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-434,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_processor_firmware | * |
A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_processor_firmware | * |
A remote bypass of security restrictions vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_processor_firmware | * |
A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_processor_firmware | * |
A remote gain authorized access vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_processor_firmware | * |
A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-384,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_processor_firmware | * |
A potential security vulnerability has been identified in HP2910al-48G version W.15.14.0016. The attack exploits an xss injection by setting the attack vector in one of the switch persistent configuration fields (management URL, location, contact). But admin privileges are required to configure these fields thereby reducing the likelihood of exploit. HPE Aruba has provided firmware updates to resolve the vulnerability in HP 2910-48G al Switch. Please update to W.15.14.0017.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp2910al-48g_firmware | w.15.14.00.16 |
A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_storeserv_management_console | * |
A remote multiple cross-site scripting vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_storeserv_management_console | * |
A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_storeserv_management_console | * |
A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_storeserv_management_console | * |
A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-384,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_storeserv_management_console | * |
A remote information disclosure vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_storeserv_management_console | * |
Command View Advanced Edition (CVAE) products contain a vulnerability that could expose configuration information of hosts and storage systems that are managed by Device Manager server. This problem is due to a vulnerability in Device Manager GUI. The following products are affected. DevMgr version 7.0.0-00 to earlier than 8.6.1-02 RepMgr if it is installed on the same machine as DevMgr TSMgr if it is installed on the same machine as DevMgr. The resolution is to upgrade to the fixed version as described below or later version of DevMgr 8.6.2-02 or later. RepMgr and TSMgr will be corrected by upgrading DevMgr.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | xp7_tiered_storage_manager | - |
| hp | xp7_replication_manager | - |
| hp | xp7_device_manager | * |
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.6 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H | 1.8 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | runc | 1.0.0 |
| redhat | enterprise_linux_server | 7.0 |
| d2iq | kubernetes_engine | * |
| redhat | openshift | 3.7 |
| netapp | hci_management_node | - |
| kubernetes_engine | - | |
| opensuse | leap | 15.1 |
| apache | mesos | * |
| microfocus | service_management_automation | 2018.11 |
| opensuse | leap | 42.3 |
| canonical | ubuntu_linux | 16.04 |
| microfocus | service_management_automation | 2018.05 |
| redhat | enterprise_linux | 8.0 |
| linuxcontainers | lxc | * |
| redhat | openshift | 3.4 |
| docker | docker | * |
| microfocus | service_management_automation | 2018.02 |
| microfocus | service_management_automation | 2018.08 |
| redhat | container_development_kit | 3.7 |
| redhat | openshift | 3.5 |
| d2iq | dc/os | * |
| canonical | ubuntu_linux | 19.04 |
| fedoraproject | fedora | 29 |
| linuxfoundation | runc | * |
| fedoraproject | fedora | 30 |
| hp | onesphere | - |
| netapp | solidfire | - |
| redhat | openshift | 3.6 |
| opensuse | leap | 15.0 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
| opensuse | backports_sle | 15.0 |
HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP Officejet Enterprise printers have an insufficient solution bundle signature validation that potentially allows execution of arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-347,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_enterprise_500_color_m551_firmware | * |
| hp | color_laserjet_managed_mfp_e57540_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m527z_firmware | * |
| hp | pagewide_color_755_firmware | * |
| hp | laserjet_managed_m605_firmware | * |
| hp | color_laserjet_managed_mfp_e87660_firmware | * |
| hp | laserjet_managed_mfp_e82560_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m577_firmware | * |
| hp | color_laserjet_enterprise_m552_firmware | * |
| hp | color_laserjet_managed_flow_mfp_m880zm_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m682_firmware | * |
| hp | color_laserjet_enterprise_m651_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e58650z_firmware | * |
| hp | laserjet_enterprise_m4555_mfp_firmware | * |
| hp | laserjet_enterprise_500_mfp_m525f_firmware | * |
| hp | pagewide_color_mfp_779_firmware | * |
| hp | laserjet_managed_flow_mfp_e62575_firmware | * |
| hp | pagewide_managed_color_p75250_firmware | * |
| hp | laserjet_enterprise_m606_firmware | * |
| hp | color_laserjet_enterprise_m855_firmware | * |
| hp | laserjet_managed_500_mfp_m525_firmware | * |
| hp | laserjet_managed_mfp_m527_firmware | * |
| hp | color_laserjet_enterprise_m553_firmware | * |
| hp | officejet_managed_color_mfp_x585_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e6750_firmware | * |
| hp | laserjet_managed_flow_mfp_e82550_firmware | * |
| hp | color_laserjet_managed_e65050_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m631_firmware | * |
| hp | pagewide_enterprise_color_mfp_780_firmware | * |
| hp | pagewide_managed_color_e55650_firmware | * |
| hp | color_laserjet_managed_mfp_e77830_firmware | * |
| hp | pagewide_enterprise_color_765_firmware | * |
| hp | laserjet_enterprise_mfp_m527_firmware | * |
| hp | color_laserjet_managed_mfp_m577_firmware | * |
| hp | laserjet_managed_flow_mfp_m527z_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e77650_firmware | * |
| hp | color_laserjet_enterprise_mfp_m682_firmware | * |
| hp | officejet_enterprise_color_mfp_x585_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e57540_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e87660_firmware | * |
| hp | laserjet_managed_flow_mfp_e72530_firmware | * |
| hp | pagewide_managed_color_mfp_e77650_firmware | * |
| hp | color_laserjet_managed_mfp_m775_firmware | * |
| hp | laserjet_managed_flow_mfp_m525_firmware | * |
| hp | color_laserjet_enterprise_m750_firmware | * |
| hp | laserjet_managed_flow_mfp_m630_firmware | * |
| hp | color_laserjet_managed_flow_mfp_m577_firmware | * |
| hp | laserjet_managed_mfp_e82550_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m680_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e77660z_firmware | * |
| hp | laserjet_enterprise_700_m712_firmware | * |
| hp | laserjet_managed_500_color_mfp_m575_firmware | * |
| hp | color_laserjet_managed_m651_firmware | * |
| hp | laserjet_managed_mfp_m725_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e77822_firmware | * |
| hp | laserjet_managed_mfp_e62555_firmware | * |
| hp | laserjet_managed_mfp_e72525_firmware | * |
| hp | color_laserjet_managed_flow_mfp_m680_firmware | * |
| hp | laserjet_managed_e60055_firmware | * |
| hp | officejet_enterprise_color_flow_mfp_x585_firmware | * |
| hp | laserjet_managed_m506_firmware | * |
| hp | color_laserjet_managed_mfp_e67550_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m880z_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m632_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m633_firmware | * |
| hp | laserjet_enterprise_m609_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e87650_firmware | * |
| hp | laserjet_managed_e60065_firmware | * |
| hp | laserjet_enterprise_mfp_m631_firmware | * |
| hp | pagewide_enterprise_color_mfp_586_firmware | * |
| hp | laserjet_managed_flow_mfp_e62555_firmware | * |
| hp | color_laserjet_managed_e55040dw_firmware | * |
| hp | laserjet_enterprise_color_flow_mfp_m575_firmware | * |
| hp | laserjet_managed_e50045_firmware | * |
| hp | pagewide_enterprise_color_flow_mfp_586z_firmware | * |
| hp | digital_sender_flow_8500_fn2_document_capture_workstation_firmware | * |
| hp | pagewide_color_mfp_774_firmware | * |
| hp | laserjet_enterprise_m604_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e67560_firmware | * |
| hp | laserjet_enterprise_mfp_m633_firmware | * |
| hp | laserjet_enterprise_700_color_mfp_m775_firmware | * |
| hp | pagewide_managed_color_mfp_p77940_firmware | * |
| hp | color_laserjet_enterprise_mfp_m577_firmware | * |
| hp | pagewide_managed_color_mfp_e58650dn_firmware | * |
| hp | laserjet_managed_flow_mfp_e72525_firmware | * |
| hp | color_laserjet_enterprise_m653_firmware | * |
| hp | laserjet_enterprise_m506_firmware | * |
| hp | laserjet_enterprise_mfp_m630_firmware | * |
| hp | color_laserjet_cm4540_mfp_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m525_firmware | * |
| hp | laserjet_managed_flow_mfp_e72535_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e77825_firmware | * |
| hp | scanjet_enterprise_8500_fn1_document_capture_workstation_firmware | * |
| hp | color_laserjet_managed_mfp_e67560_firmware | * |
| hp | laserjet_managed_flow_mfp_e62565_firmware | * |
| hp | laserjet_enterprise_600_m602_firmware | * |
| hp | officejet_managed_color_flow_mfp_x585_firmware | * |
| hp | laserjet_managed_mfp_e62565_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m630_firmware | * |
| hp | color_laserjet_managed_mfp_m680_firmware | * |
| hp | pagewide_enterprise_color_556_firmware | * |
| hp | pagewide_managed_color_e75160_firmware | * |
| hp | laserjet_managed_color_flow_mfp_m575_firmware | * |
| hp | color_laserjet_enterprise_mfp_m680_firmware | * |
| hp | laserjet_enterprise_600_m603_firmware | * |
| hp | scanjet_enterprise_flow_n9120_fn2_document_scanner_firmware | * |
| hp | color_laserjet_managed_mfp_e87650_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e77830_firmware | * |
| hp | laserjet_enterprise_500_color_mfp_m575_firmware | * |
| hp | laserjet_managed_mfp_e72535_firmware | * |
| hp | color_laserjet_enterprise_mfp_m681_firmware | * |
| hp | color_laserjet_managed_e65060_firmware | * |
| hp | laserjet_managed_flow_mfp_e82560_firmware | * |
| hp | laserjet_managed_mfp_e82540_firmware | * |
| hp | pagewide_enterprise_color_flow_mfp_780f_firmware | * |
| hp | pagewide_managed_color_mfp_p77960_firmware | * |
| hp | laserjet_managed_flow_mfp_e82540_firmware | * |
| hp | pagewide_enterprise_color_flow_mpf_785_firmware | * |
| hp | color_laserjet_enterprise_cp5525_firmware | * |
| hp | laserjet_enterprise_mfp_m725_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e87640_firmware | * |
| hp | laserjet_enterprise_mfp_m632_firmware | * |
| hp | color_laserjet_managed_mfp_e77825_firmware | * |
| hp | laserjet_managed_mfp_m630_firmware | * |
| hp | laserjet_enterprise_m608_firmware | * |
| hp | laserjet_managed_flow_mfp_m830_firmware | * |
| hp | laserjet_enterprise_m607_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m681_firmware | * |
| hp | laserjet_managed_e60075_firmware | * |
| hp | pagewide_managed_color_mfp_p77950_firmware | * |
| hp | color_laserjet_managed_m553_firmware | * |
| hp | color_laserjet_managed_mfp_e77822_firmware | * |
| hp | laserjet_managed_mfp_e52545_firmware | * |
| hp | laserjet_managed_mfp_e72530_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m830_firmware | * |
| hp | laserjet_managed_flow_mfp_e52545c_firmware | * |
| hp | laserjet_enterprise_m605_firmware | * |
| hp | officejet_enterprise_color_x555_firmware | * |
| hp | laserjet_enterprise_m806_firmware | * |
| hp | color_laserjet_managed_mfp_e87640_firmware | * |
| hp | laserjet_enterprise_600_m601_firmware | * |
| hp | color_laserjet_enterprise_m652_firmware | * |
| hp | pagewide_managed_color_mfp_p77440_firmware | * |
HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H | 2.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | deskjet_3630_v3f22a_firmware | * |
| hp | deskjet_3630_k4t93a_firmware | * |
| hp | deskjet_3630_v3f21a_firmware | * |
| hp | deskjet_3630_k4u03b_firmware | * |
| hp | deskjet_3630_k4t99c_firmware | * |
| hp | deskjet_3630_k4u00b_firmware | * |
| hp | deskjet_3630_f5s57a_firmware | * |
| hp | deskjet_3630_f5s43a_firmware | * |
Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H | 2.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | deskjet_3630_v3f22a_firmware | * |
| hp | deskjet_3630_k4t93a_firmware | * |
| hp | deskjet_3630_v3f21a_firmware | * |
| hp | deskjet_3630_k4u03b_firmware | * |
| hp | deskjet_3630_k4t99c_firmware | * |
| hp | deskjet_3630_k4u00b_firmware | * |
| hp | deskjet_3630_f5s57a_firmware | * |
| hp | deskjet_3630_f5s43a_firmware | * |
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-667,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | z6_g4_workstation_firmware | * |
| hp | z4_g4_core-x_workstation_firmware | * |
| hp | z4_g4_workstation_firmware | * |
| hp | z8_g4_workstation_firmware | * |
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-667,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | z6_g4_workstation_firmware | * |
| hp | z4_g4_core-x_workstation_firmware | * |
| hp | z4_g4_workstation_firmware | * |
| hp | z8_g4_workstation_firmware | * |
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an embedded web server potentially vulnerable to reflected XSS in wireless configuration page.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | w2g54a_firmware | * |
| hp | t6b83a_firmware | * |
| hp | y5s54a_firmware | * |
| hp | t6b80a_firmware | * |
| hp | t6b82a_firmware | * |
| hp | w2g55a_firmware | * |
| hp | y5s55a_firmware | * |
| hp | t6b81a_firmware | * |
| hp | y5s53a_firmware | * |
| hp | y5s50a_firmware | * |
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | w2g54a_firmware | * |
| hp | t6b83a_firmware | * |
| hp | y5s54a_firmware | * |
| hp | t6b80a_firmware | * |
| hp | t6b82a_firmware | * |
| hp | w2g55a_firmware | * |
| hp | y5s55a_firmware | * |
| hp | t6b81a_firmware | * |
| hp | y5s53a_firmware | * |
| hp | y5s50a_firmware | * |
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an embedded web server that is potentially vulnerable to Cross-site Request Forgery.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | w2g54a_firmware | * |
| hp | t6b83a_firmware | * |
| hp | y5s54a_firmware | * |
| hp | t6b80a_firmware | * |
| hp | t6b82a_firmware | * |
| hp | w2g55a_firmware | * |
| hp | y5s55a_firmware | * |
| hp | t6b81a_firmware | * |
| hp | y5s53a_firmware | * |
| hp | y5s50a_firmware | * |
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have embedded web server attributes which may be potentially vulnerable to Buffer Overflow.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | w2g54a_firmware | * |
| hp | t6b83a_firmware | * |
| hp | y5s54a_firmware | * |
| hp | t6b80a_firmware | * |
| hp | t6b82a_firmware | * |
| hp | w2g55a_firmware | * |
| hp | y5s55a_firmware | * |
| hp | t6b81a_firmware | * |
| hp | y5s53a_firmware | * |
| hp | y5s50a_firmware | * |
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an IPP Parser potentially vulnerable to Buffer Overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_m280-m281_t6b80a_firmware | * |
| hp | laserjet_pro_mfp_m28-m31_y5s50a_firmware | * |
| hp | laserjet_pro_mfp_m28-m31_w2g54a_firmware | * |
| hp | laserjet_pro_mfp_m28-m31_w2g55a_firmware | * |
| hp | laserjet_pro_mfp_m28-m31_y5s54a_firmware | * |
| hp | laserjet_pro_mfp_m28-m31_y5s55a_firmware | * |
| hp | laserjet_pro_m280-m281_t6b83a_firmware | * |
| hp | laserjet_pro_m280-m281_t6b81a_firmware | * |
| hp | laserjet_pro_m280-m281_t6b82a_firmware | * |
| hp | laserjet_pro_mfp_m28-m31_y5s53a_firmware | * |
HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6329.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
A potential security vulnerability has been identified in the software solution HP Access Control versions prior to 16.7. This vulnerability could potentially grant elevation of privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | access_control | * |
An issue was found in Samsung Mobile Print (Android) versions prior to 4.08.007. A potential security vulnerability caused by incomplete obfuscation of application configuration information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | samsung_mobile_print | * |
A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A - V1N08A, Y5H60A - Y5H80A; HP DeskJet Ink Advantage 2600 All-in-One Printer series model numbers V1N02A - V1N02B, Y5Z00A - Y5Z04B; HP DeskJet Ink Advantage 5000 All-in-One Printer series model numbers M2U86A - M2U89B; HP DeskJet Ink Advantage 5200 All-in-One Printer series model numbers M2U76A - M2U78B; HP ENVY 5000 All-in-One Printer series model numbers M2U85A - M2U85B, M2U91A - M2U94B, Z4A54A - Z4A74A; HP ENVY Photo 6200 All-in-One Printer series model numbers K7G18A-K7G26B, K7S21B, Y0K13D - Y0K15A; HP ENVY Photo 7100 All-in-One Printer series model numbers 3XD89A, K7G93A-K7G99A, Z3M37A - Z3M52A; HP ENVY Photo 7800 All-in-One Printer series model numbers K7R96A, K7S00A - K7S10D, Y0G42D - Y0G52B; HP Ink Tank Wireless 410 series model numbers Z4B53A - Z4B55A, Z6Z95A - Z6Z99A, 4DX94A - 4DX95A, 4YF79A, Z7A01A; HP OfficeJet 5200 All-in-One Printer series model numbers M2U75A, M2U81A-M2U84B, Z4B12A - Z4B14A, Z4B27A - Z4B29A; HP Smart Tank Wireless 450 series model numbers Z4B56A, Z6Z96A - Z6Z98A.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | envy_photo_7100_3xd89a_firmware | * |
| hp | smart_tank_wireless_450_z6z96a_firmware | * |
| hp | envy_5000_m2u85a_firmware | * |
| hp | ink_tank_wireless_410_z4b55a_firmware | * |
| hp | smart_tank_wireless_450_z6z98a_firmware | * |
| hp | envy_photo_6200_k7s21b_firmware | * |
| hp | envy_photo_7800_k7r96a_firmware | * |
| hp | ink_tank_wireless_410_z6z99a_firmware | * |
| hp | envy_5000_m2u91a_firmware | * |
| hp | envy_photo_6200_y0k15a_firmware | * |
| hp | smart_tank_wireless_450_z4b56a_firmware | * |
| hp | envy_5000_z4a54a_firmware | * |
| hp | envy_photo_6200_k7g26b_firmware | * |
| hp | envy_photo_7800_y0g42d_firmware | * |
| hp | officejet_5200_z4b12a_firmware | * |
| hp | deskjet_2600_y5h80a_firmware | * |
| hp | envy_5000_m2u94b_firmware | * |
| hp | officejet_5200_z4b27a_firmware | * |
| hp | officejet_5200_m2u75a_firmware | * |
| hp | deskjet_ink_advantage_2600_v1n02b_firmware | * |
| hp | deskjet_ink_advantage_5200_m2u78b_firmware | * |
| hp | envy_photo_7100_k7g93a_firmware | * |
| hp | envy_5000_z4a74a_firmware | * |
| hp | officejet_5200_z4b14a_firmware | * |
| hp | ink_tank_wireless_410_z7a01a_firmware | * |
| hp | envy_photo_7100_z3m37a_firmware | * |
| hp | envy_photo_7100_z3m52a_firmware | * |
| hp | envy_photo_7800_y0g52b_firmware | * |
| hp | deskjet_ink_advantage_5000_m2u89b_firmware | * |
| hp | officejet_5200_m2u84b_firmware | * |
| hp | deskjet_ink_advantage_2600_y5z04b_firmware | * |
| hp | envy_photo_6200_k7g18a_firmware | * |
| hp | envy_photo_7800_k7s10d_firmware | * |
| hp | officejet_5200_z4b29a_firmware | * |
| hp | envy_5000_m2u85b_firmware | * |
| hp | ink_tank_wireless_410_z6z95a_firmware | * |
| hp | deskjet_ink_advantage_5000_m2u86a_firmware | * |
| hp | deskjet_2600_v1n01a_firmware | * |
| hp | ink_tank_wireless_410_4dx94a_firmware | * |
| hp | deskjet_ink_advantage_5200_m2u76a_firmware | * |
| hp | officejet_5200_m2u81a_firmware | * |
| hp | deskjet_2600_v1n08a_firmware | * |
| hp | ink_tank_wireless_410_z4b53a_firmware | * |
| hp | deskjet_ink_advantage_2600_v1n02a_firmware | * |
| hp | deskjet_ink_advantage_2600_y5z00a_firmware | * |
| hp | ink_tank_wireless_410_4yf79a_firmware | * |
| hp | envy_photo_7800_k7s00a_firmware | * |
| hp | deskjet_2600_4uj28b_firmware | * |
| hp | deskjet_2600_y5h60a_firmware | * |
| hp | envy_photo_6200_y0k13d__firmware | * |
| hp | envy_photo_7100_k7g99a_firmware | * |
| hp | ink_tank_wireless_410_4dx95a_firmware | * |
A potential security vulnerability has been identified with certain versions of HP Touchpoint Analytics prior to version 4.1.4.2827. This vulnerability may allow a local attacker with administrative privileges to execute arbitrary code via an HP Touchpoint Analytics system service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | touchpoint_analytics | * |
HP LaserJet, PageWide, OfficeJet Enterprise, and LaserJet Managed Printers have a solution to check application signature that may allow potential execution of arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_4 | * |
| hp | futuresmart_3 | * |
A potential security vulnerability has been identified with Samsung Laser Printers. This vulnerability could potentially be exploited to create a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | samsung_m2070_firmware | - |
| hp | samsung_c480_firmware | - |
| hp | samsung_clp680_firmware | * |
| hp | samsung_m436dn_firmware | * |
For the printers listed a maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.2 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 0.9 | 4.2 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | k9z76d_firmware | * |
| hp | j6u51b_firmware | * |
| hp | k9z74a_firmware | * |
| hp | d3q21a_firmware | * |
| hp | d3q15a_firmware | * |
| hp | j9v82d_firmware | * |
| hp | d3q20c_firmware | * |
| hp | j9v80a_firmware | * |
| hp | d9l64a_firmware | * |
| hp | t0g70a_firmware | * |
| hp | j6u55a_firmware | * |
| hp | j9v82a_firmware | * |
| hp | k9z76a_firmware | * |
| hp | d3q20b_firmware | * |
| hp | j3p68a_firmware | * |
| hp | d3q19a_firmware | * |
| hp | k9z74d_firmware | * |
| hp | d3q21c_firmware | * |
| hp | d3q20a_firmware | * |
| hp | d3q19d_firmware | * |
| hp | w2z53b_firmware | * |
| hp | j6u57b_firmware | * |
| hp | w2z52b_firmware | * |
| hp | d3q17a_firmware | * |
| hp | d3q16d_firmware | * |
| hp | d3q20d_firmware | * |
| hp | d3q15d_firmware | * |
| hp | d3q15b_firmware | * |
| hp | j3p65a_firmware | * |
| hp | 2dr21d_firmware | * |
| hp | d9l63a_firmware | * |
| hp | d3q21b_firmware | * |
| hp | j9v78b_firmware | * |
| hp | d3q19b_firmware | * |
| hp | j9v80b_firmware | * |
| hp | k9z76b_firmware | * |
| hp | j6u55d_firmware | * |
| hp | d3q17d_firmware | * |
| hp | d3q21d_firmware | * |
| hp | d3q16a_firmware | * |
| hp | j6u57a_firmware | * |
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | mysql | * |
| opensuse | package_hub | - |
| netapp | cloud_backup | - |
| redhat | enterprise_linux_for_power_little_endian | 8.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_for_ibm_z_systems | 8.0 |
| mozilla | thunderbird | - |
| netapp | active_iq_unified_manager | * |
| opensuse | leap | 15.1 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_for_ibm_z_systems | 7.0 |
| mozilla | firefox | - |
| netapp | steelstore | - |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_for_ibm_z_systems | 6.0 |
| netapp | snapmanager | 3.4.2 |
| redhat | enterprise_linux_for_power_little_endian | 7.0 |
| netapp | e-series_santricity_web_services | * |
| netapp | e-series_santricity_unified_manager | * |
| opensuse | leap | 15.0 |
| canonical | ubuntu_linux | 18.04 |
| netapp | active_iq_unified_manager | 9.6 |
| redhat | enterprise_linux_for_power_big_endian | 7.0 |
| oracle | jdk | 11.0.3 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | plug-in_for_symantec_netbackup | - |
| oracle | java_se | 8u212 |
| libpng | libpng | * |
| opensuse | leap | 42.3 |
| netapp | snapmanager | * |
| oracle | hyperion_infrastructure_technology | 11.2.6.0 |
| canonical | ubuntu_linux | 16.04 |
| oracle | java_se | 7u221 |
| redhat | enterprise_linux | 8.0 |
| netapp | e-series_santricity_storage_manager | * |
| oracle | jdk | 12.0.1 |
| netapp | oncommand_insight | * |
| redhat | satellite | 5.8 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_for_scientific_computing | 6.0 |
| redhat | enterprise_linux_for_scientific_computing | 7.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_for_power_big_endian | 6.0 |
| netapp | e-series_santricity_management | - |
| hpe | xp7_command_view_advanced_edition_suite | * |
| canonical | ubuntu_linux | 18.10 |
| redhat | enterprise_linux_workstation | 7.0 |
| hp | xp7_command_view | * |
| netapp | oncommand_workflow_automation | * |
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-290,CWE-290,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cisco | nx-os | 5.2(1)n1(2) |
| cisco | nx-os | 6.1(2)i2(2a) |
| cisco | nx-os | 5.2(1)sm1(5.2a) |
| cisco | nx-os | 5.2(1)n1(1a) |
| cisco | nx-os | 7.3(5)d1(1) |
| cisco | nx-os | 5.2(1)sk3(2.2b) |
| cisco | nx-os | 5.0(3)u1(1b) |
| cisco | nx-os | 7.0(5)n1(1a) |
| cisco | nx-os | 7.1(3)n1(5) |
| treck | tcp/ip | * |
| cisco | nx-os | 7.2(2)d1(1) |
| cisco | nx-os | 6.0(2)u5(1) |
| cisco | nx-os | 6.0(2)u1(1) |
| cisco | nx-os | 5.0(3)u3(2a) |
| cisco | nx-os | 7.1(3)n1(4) |
| cisco | nx-os | 6.0(2)n1(2) |
| cisco | nx-os | 5.2(4) |
| cisco | nx-os | 6.0(2)a1(2d) |
| cisco | nx-os | 6.0(2)a3(1) |
| cisco | nx-os | 7.0(3)i1(1z) |
| cisco | nx-os | 5.2(1)sm3(1.1) |
| cisco | nx-os | 6.0(2)a4(2) |
| cisco | nx-os | 7.3(4)d1(1) |
| cisco | nx-os | 5.0(3)u1(2a) |
| cisco | nx-os | 7.3(2)n1(1) |
| cisco | nx-os | 6.0(2)a1(1b) |
| cisco | nx-os | 5.0(3)u2(2c) |
| cisco | nx-os | 6.0(2)u2(4.92.4z) |
| cisco | nx-os | 5.0(3)u5(1c) |
| cisco | nx-os | 7.3(7)n1(1) |
| cisco | nx-os | 7.3(6)d1(1) |
| cisco | nx-os | 6.0(2)a4(4) |
| cisco | nx-os | 7.1(3)n1(2) |
| cisco | nx-os | 7.2(1)d1(1) |
| cisco | nx-os | 6.2(2) |
| cisco | nx-os | 7.1(1)n1(1) |
| cisco | nx-os | 5.2(1)sv3(2.8) |
| cisco | nx-os | 6.0(2)a1(1c) |
| cisco | nx-os | 6.2(14) |
| cisco | nx-os | 5.2(9) |
| cisco | nx-os | 5.0(3)u1(2) |
| cisco | nx-os | 7.1(1)n1(1a) |
| cisco | nx-os | 5.2(1)sm3(1.1a) |
| cisco | nx-os | 6.0(2)u2(1) |
| cisco | nx-os | 6.2(6b) |
| cisco | nx-os | 6.0(2)a1(1d) |
| cisco | nx-os | 6.0(2)a4(1) |
| cisco | nx-os | 5.0(3)u5(1a) |
| cisco | nx-os | 7.3(0)n1(1b) |
| cisco | nx-os | 7.3(2)d1(3) |
| cisco | nx-os | 7.3(0)d1(1) |
| cisco | nx-os | 5.2(1)sv3(1.2) |
| cisco | nx-os | 6.1(2)i1(2) |
| cisco | nx-os | 6.0(2)a3(2) |
| cisco | nx-os | 5.0(3)u5(1f) |
| cisco | nx-os | 6.0(2)u2(6) |
| cisco | nx-os | 5.2(1)n1(8a) |
| cisco | nx-os | 6.0(2)u2(3) |
| cisco | nx-os | 5.2(1)sv3(3.1) |
| cisco | nx-os | 7.3(4)n1(1) |
| cisco | nx-os | 6.2(20a) |
| cisco | nx-os | 7.3(1)n1(1) |
| cisco | nx-os | 7.2(1)n1(1) |
| cisco | nx-os | 6.2(16) |
| cisco | nx-os | 6.0(2)n2(5b) |
| cisco | nx-os | 6.0(2)a1(1f) |
| cisco | nx-os | 7.3(2)d1(3a) |
| cisco | nx-os | 7.1(0)n1(1b) |
| cisco | nx-os | 5.2(1)sv3(1.4) |
| cisco | nx-os | 6.0(2)n2(5a) |
| cisco | nx-os | 6.2(6) |
| cisco | nx-os | 5.0(3)u3(2) |
| cisco | nx-os | 7.1(4)n1(1) |
| cisco | nx-os | 5.2(1)sv3(1.6) |
| cisco | nx-os | 7.1(4)n1(1c) |
| cisco | nx-os | 7.1(5)n1(1) |
| cisco | nx-os | 5.0(3)u2(2b) |
| cisco | unified_computing_system | - |
| cisco | nx-os | 7.1(3)n1(1) |
| cisco | nx-os | 5.2(1)n1(7) |
| cisco | nx-os | 5.2(1)sk3(2.1a) |
| cisco | nx-os | 5.0(3)u4(1) |
| cisco | nx-os | 6.0(2)u2(4) |
| cisco | nx-os | 5.2(1)sv3(1.10) |
| cisco | nx-os | 6.0(2)a4(5) |
| cisco | nx-os | 5.2(1) |
| cisco | nx-os | 6.0(2)n1(1) |
| cisco | nx-os | 7.0(6)n1(4s) |
| cisco | nx-os | 6.0(2)u4(3) |
| cisco | nx-os | 7.3(2)d1(1) |
| cisco | nx-os | 6.1(2)i2(3) |
| cisco | nx-os | 7.1(4)n1(1a) |
| cisco | nx-os | 5.2(1)sv3(4.1) |
| cisco | nx-os | 7.1(3)n1(3) |
| cisco | nx-os | 5.2(1)n1(9) |
| cisco | nx-os | 5.2(1)sv3(1.4b) |
| cisco | nx-os | 5.2(1)sv3(1.5a) |
| cisco | nx-os | 7.3(2)n1(1c) |
| cisco | nx-os | 5.2(1)n1(8b) |
| digi | saros | * |
| cisco | nx-os | 5.2(1)sv3(4.1b) |
| cisco | nx-os | 5.2(1)n1(6) |
| cisco | nx-os | 5.2(1)n1(9a) |
| cisco | nx-os | 5.0(3)u5(1i) |
| cisco | nx-os | 7.1(2)n1(1a) |
| cisco | nx-os | 7.3(2)d1(1d) |
| cisco | nx-os | 6.0(2)u4(4) |
| cisco | nx-os | 6.1(2)i2(2) |
| cisco | nx-os | 7.0(4)n1(1) |
| hp | x3220nr_firmware | * |
| cisco | nx-os | 6.0(2)u3(4) |
| cisco | nx-os | 7.3(7)n1(1a) |
| cisco | nx-os | 5.2(1)n1(1b) |
| cisco | nx-os | 7.0(3)i1(1b) |
| cisco | nx-os | 6.0(2)n1(2a) |
| cisco | nx-os | 7.3(0)dx(1) |
| cisco | nx-os | 5.2(1)n1(8) |
| cisco | nx-os | 5.2(9a) |
| cisco | nx-os | 7.3(3)d1(1) |
| cisco | nx-os | 5.2(1)sv3(1.1) |
| cisco | nx-os | 7.0(3)i1(1a) |
| cisco | nx-os | 5.2(1)n1(1) |
| cisco | nx-os | 6.0(2)u3(5) |
| cisco | nx-os | 5.2(1)sm1(5.1) |
| cisco | nx-os | 5.2(1)sv3(2.1) |
| cisco | nx-os | 5.2(1)sv5(1.2) |
| cisco | nx-os | 6.1(2)i3(1) |
| cisco | nx-os | 7.2(2)d1(3) |
| cisco | nx-os | 5.0(3)u3(1) |
| cisco | nx-os | 5.0(3)u1(1a) |
| cisco | nx-os | 6.0(2)a1(1e) |
| cisco | nx-os | 5.0(3)u2(2a) |
| cisco | nx-os | 6.0(2)n2(2) |
| cisco | nx-os | 6.0(2)u3(9) |
| cisco | nx-os | 5.2(3) |
| cisco | nx-os | 6.0(2)u3(6) |
| cisco | nx-os | 5.2(1)sv3(4.1a) |
| cisco | nx-os | 7.0(2)n1(1) |
| cisco | nx-os | 6.2(18) |
| cisco | nx-os | 7.0(4)n1(1a) |
| cisco | nx-os | 7.0(7)n1(1b) |
| cisco | nx-os | 5.2(1)sv3(1.3) |
| cisco | nx-os | 5.0(3)u5(1j) |
| cisco | nx-os | 5.0(3)u2(2d) |
| cisco | nx-os | 5.0(3)u5(1e) |
| cisco | nx-os | 6.0(2)a3(4) |
| cisco | nx-os | 5.2(7) |
| cisco | nx-os | 6.0(2)u3(1) |
| cisco | nx-os | 7.3(2)n1(1b) |
| cisco | nx-os | 7.0(6)n1(3s) |
| cisco | nx-os | 5.2(1)sv5(1.1) |
| cisco | nx-os | 5.0(3)u5(1) |
| cisco | nx-os | 7.3(0)n1(1a) |
| cisco | nx-os | 6.0(2)a4(6) |
| cisco | nx-os | 6.0(2)u3(2) |
| cisco | nx-os | 5.0(3)u3(2b) |
| cisco | nx-os | 5.0(3)u5(1g) |
| cisco | nx-os | 6.0(2)n2(1) |
| cisco | nx-os | 5.0(3)a1(2a) |
| cisco | nx-os | 6.0(2)n1(1a) |
| cisco | nx-os | 5.2(1)n1(9b) |
| cisco | nx-os | 5.0(3)u2(2) |
| cisco | nx-os | 7.3(6)n1(1a) |
| cisco | nx-os | 7.3(0)n1(1) |
| cisco | nx-os | 6.1(2)i2(1) |
| cisco | nx-os | 5.2(1)sv5(1.3) |
| cisco | nx-os | 6.2(8) |
| cisco | nx-os | 7.0(3)n1(1) |
| cisco | ucs_manager | 3.2(3n)a |
| cisco | nx-os | 5.0(3)u5(1d) |
| cisco | nx-os | 7.0(7)n1(1) |
| cisco | nx-os | 6.1(2)i3(3) |
| cisco | nx-os | 5.0(3)u2(1) |
| cisco | nx-os | 6.2(10) |
| cisco | nx-os | 5.2(1)n1(4) |
| cisco | nx-os | 7.0(0)n1(1) |
| cisco | nx-os | 5.2(1)sm1(5.2c) |
| cisco | nx-os | 7.1(3)n1(2a) |
| cisco | nx-os | 7.3(3)n1(1) |
| cisco | nx-os | 7.3(6)n1(1) |
| cisco | nx-os | 6.0(2)n2(4) |
| cisco | nx-os | 6.2(14a) |
| cisco | nx-os | 5.0(3)a1(1) |
| cisco | nx-os | 5.2(1)sm1(5.2b) |
| cisco | nx-os | 5.0(3)u1(1c) |
| cisco | nx-os | 7.0(6)n1(2s) |
| cisco | nx-os | 5.2(5) |
| cisco | nx-os | 7.0(5)n1(1) |
| cisco | nx-os | 6.0(2)a1(1a) |
| cisco | nx-os | 5.2(1)sk3(1.1) |
| cisco | nx-os | 7.2(2)d1(2) |
| cisco | nx-os | 6.0(2)u3(3) |
| cisco | nx-os | 6.1(2)i2(2b) |
| cisco | nx-os | 6.0(2)n2(1b) |
| cisco | nx-os | 6.0(2)u3(8) |
| cisco | nx-os | 6.0(2)u1(3) |
| cisco | nx-os | 6.0(2)u1(2) |
| cisco | nx-os | 6.1(2)i3(3a) |
| cisco | nx-os | 6.1(2)i1(3) |
| cisco | nx-os | 6.1(2)i3(2) |
| cisco | nx-os | 5.2(1)sv3(2.5) |
| cisco | nx-os | 5.2(1)sm1(5.2) |
| cisco | nx-os | 6.2(20) |
| cisco | nx-os | 5.2(1)sm3(1.1c) |
| cisco | nx-os | 5.0(3)u5(1b) |
| cisco | nx-os | 7.0(3)i1(1) |
| cisco | nx-os | 6.0(2)u2(5) |
| cisco | nx-os | 5.2(1)sm3(2.1) |
| cisco | nx-os | 5.2(1)sv3(1.15) |
| cisco | nx-os | 6.2(8a) |
| cisco | nx-os | 7.2(2)d1(4) |
| cisco | nx-os | 6.0(2)n2(7) |
| cisco | nx-os | 6.0(2)a1(1) |
| cisco | nx-os | 7.3(2)d1(2) |
| cisco | nx-os | 7.3(4)n1(1a) |
| cisco | nx-os | 6.0(2)n2(5) |
| cisco | nx-os | 7.0(6)n1(1) |
| cisco | nx-os | 7.0(7)n1(1a) |
| cisco | nx-os | 6.0(2)u1(4) |
| cisco | nx-os | 5.2(1)sk3(2.2) |
| cisco | nx-os | 7.2(0)d1(1) |
| cisco | nx-os | 5.2(1)n1(3) |
| cisco | nx-os | 5.2(1)sk3(2.1) |
| cisco | nx-os | 6.0(2)u2(2) |
| cisco | nx-os | 7.1(4)n1(1d) |
| cisco | nx-os | 5.2(3a) |
| cisco | nx-os | 6.2(24) |
| cisco | nx-os | 6.0(2)n2(3) |
| cisco | nx-os | 7.3(5)n1(1) |
| cisco | nx-os | 6.2(12) |
| cisco | nx-os | 6.2(22) |
| cisco | nx-os | 5.0(3)a1(2) |
| cisco | nx-os | 5.2(1)sv3(3.15) |
| cisco | nx-os | 6.2(2a) |
| cisco | nx-os | 6.2(14b) |
| cisco | nx-os | 7.1(0)n1(1) |
| cisco | nx-os | 7.1(5)n1(1b) |
| cisco | nx-os | 6.2(8b) |
| cisco | nx-os | 5.0(3)u5(1h) |
| cisco | nx-os | 7.0(8)n1(1a) |
| cisco | nx-os | 6.2(6a) |
| cisco | nx-os | 7.1(0)n1(1a) |
| cisco | nx-os | 7.1(2)n1(1) |
| cisco | nx-os | 5.0(3)u1(1) |
| cisco | nx-os | 7.0(8)n1(1) |
| cisco | nx-os | 6.0(2)a4(3) |
| cisco | nx-os | 6.0(2)n2(6) |
| cisco | nx-os | 5.2(1)n1(5) |
| cisco | nx-os | 7.0(1)n1(1) |
| cisco | nx-os | 5.2(1)sm3(1.1b) |
| cisco | nx-os | 6.0(2)u3(7) |
| cisco | nx-os | 6.0(2)u4(1) |
| cisco | nx-os | 7.3(1)d1(1) |
| cisco | nx-os | 5.0(3)u1(1d) |
| cisco | nx-os | 5.2(1)sv3(1.5b) |
| cisco | nx-os | 5.2(1)n1(2a) |
| cisco | nx-os | 6.0(2)u1(1a) |
| cisco | nx-os | 6.0(2)u4(2) |
Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) Universal CMDB affecting version: 2020.05, 2019.11, 2019.05, 2019.02, 2018.11, 2018.08, 2018.05, 11, 10.33, 10.32, 10.31, 10.30 6.) Hybrid Cloud Management affecting version 2020.05 7.) Service Management Automation affecting version 2020.5 and 2020.02. The vulnerability could allow to execute arbitrary code.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_cmbd_foundation | 2018.08 |
| microfocus | hybrid_cloud_management | * |
| microfocus | operation_bridge_manager | 10.11 |
| microfocus | operation_bridge_manager | 10.12 |
| hp | universal_cmbd_foundation | 2019.05 |
| microfocus | operation_bridge_manager | 10.61 |
| hp | universal_cmbd_foundation | 10.30 |
| microfocus | service_manager_automation | 2020.05 |
| hp | universal_cmbd_foundation | 10.20 |
| hp | universal_cmbd_foundation | 10.31 |
| hp | universal_cmbd_foundation | 2019.11 |
| microfocus | operations_bridge_manager | 2017.11 |
| microfocus | data_center_automation | * |
| microfocus | operations_bridge_manager | 2019.11 |
| microfocus | operations_bridge_manager | 2020.05 |
| microfocus | operations_bridge_manager | 2018.11 |
| hp | universal_cmbd_foundation | 2018.11 |
| hp | universal_cmbd_foundation | 2018.05 |
| hp | universal_cmbd_foundation | 10.33 |
| microfocus | operations_bridge_manager | 2018.05 |
| microfocus | operations_bridge_manager | 2019.08 |
| microfocus | application_performance_management | 9.51 |
| microfocus | operations_bridge_manager | 2018.02 |
| hp | universal_cmbd_foundation | 2019.02 |
| microfocus | operation_bridge_manager | 10.63 |
| hp | universal_cmbd_foundation | 11.0 |
| hp | universal_cmbd_foundation | 10.32 |
| microfocus | operation_bridge_manager | 10.60 |
| microfocus | application_performance_management | 9.50 |
| microfocus | operations_bridge_manager | 2018.08 |
| microfocus | operation_bridge_manager | * |
| microfocus | operations_bridge_manager | 2019.05 |
| microfocus | operation_bridge_manager | 10.62 |
| microfocus | service_manager_automation | 2020.02 |
| hp | universal_cmbd_foundation | 2020.05. |
| microfocus | application_performance_management | 9.40 |
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H | 2.2 | 4.7 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | envy_5000_z4a54a | - |
| fedoraproject | fedora | 31 |
| hp | envy_4524_k9t01a | - |
| hp | hp_envy_4522_f0v67a | - |
| hp | envy_5543_n9u88a | - |
| hp | envy_4500_a9t80a | - |
| hp | envy_photo_7100_z3m52a | - |
| hp | hp_envy_4526_k9t05b | - |
| hp | envy_5536 | - |
| hp | envy_4508_e6g72b | - |
| cisco | wap351 | - |
| hp | hp_envy_4513_k9h51a | - |
| hp | envy_photo_7164_k7g99a | - |
| epson | xp-2101 | - |
| hp | envy_5020_m2u91b | - |
| hp | envy_pro_6452_5se47a | - |
| hp | envy_4505_a9t86a | - |
| hp | hp_deskjet_ink_advantage_4675_f1h97b | - |
| epson | xp-440 | - |
| hp | envy_4501_c8d05a | - |
| hp | envy_photo_7822_y0g43d | - |
| hp | deskjet_ink_advantage_3545_a9t81c | - |
| hp | envy_100_cn519a | - |
| hp | envy_pro_6420_6wd14a | - |
| hp | hp_officejet_4655_k9v79a | - |
| hp | deskjet_ink_advantage_4538_f0v66b | - |
| epson | xp-340 | - |
| hp | officejet_4656_k9v81b | - |
| ruckussecurity | zonedirector_1200 | - |
| hp | envy_111_cq810a | - |
| epson | xp-320 | - |
| hp | deskjet_ink_advantage_4678_f1h99b | - |
| hp | envy_110_cq812c | - |
| hp | envy_5542_k7c88a | - |
| hp | envy_5000_m2u85a | - |
| epson | m571t | - |
| hp | officejet_4658_v6d30b | - |
| hp | officejet_4657_v6d29b | - |
| hp | envy_5640_b9s58a | - |
| hp | hp_officejet_4655_f1j00a | - |
| hp | deskjet_ink_advantage_3545_a9t83b | - |
| hp | envy_5540_k7c85a | - |
| hp | envy_4522_f0v67a | - |
| hp | envy_5535 | - |
| hp | hp_officejet_4650_e6g87a | - |
| hp | envy_110_cq809a | - |
| hp | envy_6052_5se18a | - |
| hp | hp_officejet_4652_f1j05b | - |
| hp | envy_5000_m2u85b | - |
| hp | officejet_4652_k9v84b | - |
| hp | 5030_m2u92b | - |
| hp | envy_photo_7120_z3m41d | - |
| hp | deskjet_ink_advantage_3546_a9t82a | - |
| hp | hp_envy_4520_f0v63b | - |
| hp | envy_photo_7800_y0g52b | - |
| hp | envy_5644_b9s65a | - |
| epson | xp-330 | - |
| hp | envy_114_cq812a | - |
| hp | envy_photo_7100_k7g99a | - |
| hp | officejet_4655_f1j00a | - |
| hp | envy_4520_e6g67b | - |
| hp | envy_photo_6200_k7g26b | - |
| hp | envy_photo_7800_k7s00a | - |
| hp | envy_5544_k7c89a | - |
| hp | envy_5548_k7g87a | - |
| hp | envy_4523_j6u60b | - |
| hp | envy_7644_e4w46a | - |
| hp | envy_4509_d3p94a | - |
| canonical | ubuntu_linux | 20.04 |
| hp | hp_officejet_4657_v6d29b | - |
| zte | zxv10_w300 | - |
| hp | hp_envy_4520_e6g67a | - |
| hp | hp_envy_4512_k9h49a | - |
| hp | 5030_z4a70a | - |
| hp | envy_4509_d3p94b | - |
| cisco | wap131 | - |
| hp | envy_120_cz022c | - |
| hp | envy_photo_6200_y0k15a | - |
| hp | hp_envy_4511_k9h50a | - |
| canon | selphy_cp1200 | - |
| hp | officejet_4654_f1j06b | - |
| hp | deskjet_ink_advantage_4676_f1h98a | - |
| hp | envy_photo_7800_k7s10d | - |
| hp | envy_5540_g0v53a | - |
| hp | envy_photo_7155_z3m52a | - |
| hp | envy_4520_f0v63b | - |
| hp | envy_5000_m2u91a | * |
| hp | envy_5541_k7g89a | - |
| epson | xp-4100 | - |
| hp | envy_100_cn519b | - |
| hp | envy_110_cq809c | - |
| hp | envy_4520_f0v63a | - |
| hp | hp_deskjet_ink_advantage_4535_f0v64c | - |
| ui | unifi_controller | - |
| hp | envy_4500_a9t89a | - |
| hp | hp_envy_4525_k9t09b | - |
| hp | hp_officejet_4654_f1j07b | - |
| hp | envy_4511_k9h50a | - |
| hp | envy_5646_f8b05a | - |
| tp-link | archer_c50 | - |
| hp | envy_pro_6420_6wd16a | - |
| hp | 5020_z4a69a | - |
| hp | deskjet_ink_advantage_4675_f1h97a | - |
| hp | envy_4528_k9t08b | - |
| dell | b1165nfw | - |
| epson | xp-702 | - |
| hp | hp_officejet_4650_f1h96a | - |
| zyxel | vmg8324-b10a | - |
| hp | envy_7640 | - |
| epson | ew-m970a3t | - |
| hp | envy_photo_7800_y0g42d | - |
| hp | hp_officejet_4654_f1j06b | - |
| hp | envy_photo_6252_k7g22a | - |
| nec | wr8165n | - |
| epson | xp-630 | - |
| hp | envy_4524_f0v72b | - |
| hp | envy_photo_7100_3xd89a | - |
| dlink | dvg-n5412sp | - |
| hp | hp_deskjet_ink_advantage_4535_f0v64b | - |
| hp | deskjet_ink_advantage_4536_f0v65a | - |
| hp | deskjet_ink_advantage_5575_g0v48c | - |
| hp | envy_photo_7800_k7r96a | - |
| epson | xp-620 | - |
| hp | hp_envy_4524_f0v72b | - |
| hp | envy_6055_5se16a | - |
| epson | xp-2105 | - |
| hp | envy_100_cn518a | - |
| hp | hp_envy_4520_f0v69a | - |
| hp | envy_photo_6220_k7g21b | - |
| hp | envy_5664_f8b08a | - |
| hp | deskjet_ink_advantage_3548_a9t81b | - |
| hp | 5660_f8b04a | - |
| hp | hp_envy_4523_j6u60b | - |
| w1.fi | hostapd | * |
| hp | envy_5000_z4a74a | - |
| epson | xp-4105 | - |
| hp | officejet_4655_k9v79a | - |
| hp | envy_7645_e4w44a | - |
| microsoft | windows_10 | - |
| hp | hp_deskjet_ink_advantage_4675_f1h97c | - |
| hp | officejet_4652_f1j02a | - |
| hp | envy_100_cn517c | - |
| epson | xp-960 | - |
| hp | envy_5643_b9s63a | - |
| hp | envy_photo_6222_y0k14d | - |
| hp | envy_4525_k9t09b | - |
| hp | envy_5531 | - |
| hp | hp_envy_4520_e6g67b | - |
| hp | envy_4521_k9t10b | - |
| hp | envy_4527_j6u61b | - |
| hp | hp_envy_4524_f0v71b | - |
| hp | envy_5540_g0v47a | - |
| hp | envy_4524_f0v71b | - |
| hp | deskjet_ink_advantage_4675_f1h97c | - |
| hp | hp_deskjet_ink_advantage_4538_f0v66b | - |
| hp | deskjet_ink_advantage_3456_a9t84c | - |
| hp | envy_photo_7100_z3m37a | - |
| hp | officejet_4654_f1j07b | - |
| hp | envy_5540_g0v52a | - |
| hp | envy_5530 | - |
| hp | envy_5642_b9s64a | - |
| hp | envy_pro_6420_5se46a | - |
| hp | hp_envy_4528_k9t08b | - |
| hp | envy_110_cq809d | - |
| asus | rt-n11 | - |
| zyxel | amg1202-t10b | - |
| debian | debian_linux | 10.0 |
| hp | deskjet_ink_advantage_3545_a9t81a | - |
| hp | envy_photo_6200_k7s21b | - |
| hp | envy_4512_k9h49a | - |
| hp | deskjet_ink_advantage_4535_f0v64a | - |
| hp | hp_deskjet_ink_advantage_4675_f1h97a | - |
| hp | hp_officejet_4650_f1h96b | - |
| hp | hp_envy_4521_k9t10b | - |
| debian | debian_linux | 9.0 |
| hp | envy_5640_b9s56a | - |
| fedoraproject | fedora | 32 |
| hp | envy_4520_e6g67a | - |
| hp | envy_5000_m2u91a | - |
| hp | envy_photo_6232_k7g26b | - |
| epson | xp-970 | - |
| hp | deskjet_ink_advantage_4675_f1h97b | - |
| hp | envy_120_cz022a | - |
| hp | officejet_4652_f1j05b | - |
| hp | hp_envy_4520_f0v63a | - |
| hp | officejet_4650_f1h96b | - |
| hp | envy_114_cq811a | - |
| hp | hp_deskjet_ink_advantage_4676_f1h98a | - |
| hp | envy_pro_6420_5se45b | - |
| hp | envy_4502_a9t85a | - |
| hp | envy_5534 | - |
| hp | deskjet_ink_advantage_4535_f0v64b | - |
| hp | hp_envy_4516_k9h52a | - |
| hp | envy_photo_6200_y0k13d_ | - |
| hp | envy_5532 | - |
| epson | xp-100 | - |
| hp | envy_4504_c8d04a | - |
| hp | envy_photo_6200_k7g18a | - |
| hp | envy_5547_j6u64a | - |
| hp | officejet_4655_k9v82b | - |
| hp | envy_5546_k7c90a | - |
| hp | hp_envy_4527_j6u61b | - |
| hp | envy_4520_f0v69a | - |
| hp | envy_pro_6455_5se45a | - |
| hp | hp_officejet_4652_k9v84b | - |
| hp | envy_4516_k9h52a | - |
| hp | hp_officejet_4655_k9v82b | - |
| hp | officejet_4650_e6g87a | - |
| huawei | hg255s | - |
| hp | deskjet_ink_advantage_4515 | - |
| hp | envy_5544_k7c93a | - |
| hp | envy_photo_6222_y0k13d | - |
| epson | xp-8600 | - |
| hp | envy_4500_d3p93a | - |
| hp | envy_120_cz022b | - |
| hp | envy_5665_f8b06a | - |
| hp | deskjet_ink_advantage_4518 | - |
| epson | xp-241 | - |
| cisco | wap150 | - |
| hp | envy_6020_6wd35a | - |
| epson | ep-101 | - |
| hp | deskjet_ink_advantage_5575_g0v48b | - |
| hp | hp_officejet_4656_k9v81b | - |
| hp | envy_100_cn517a | - |
| hp | envy_4526_k9t05b | - |
| hp | envy_5539 | - |
| hp | hp_deskjet_ink_advantage_4678_f1h99b | - |
| hp | envy_5000_m2u94b | - |
| hp | envy_4500_a9t80b | - |
| hp | hp_officejet_4652_f1j02a | - |
| hp | hp_deskjet_ink_advantage_4536_f0v65a | - |
| hp | envy_4502_a9t87b | - |
| hp | envy_4507_e6g70b | - |
| hp | envy_4503_e6g71b | - |
| hp | envy_6020_5se16b | - |
| hp | hp_deskjet_ink_advantage_4535_f0v64a | - |
| hp | envy_5540_f2e72a | - |
| hp | envy_photo_7822_y0g42d | - |
| hp | envy_6020_7cz37a | - |
| hp | envy_4504_a9t88b | - |
| hp | 5034_z4a74a | - |
| hp | envy_photo_6234_k7s21b | - |
| hp | envy_photo_6230_k7g25b | - |
| epson | xp-8500 | - |
| hp | officejet_4650_f1h96a | - |
| hp | hp_officejet_4658_v6d30b | - |
| huawei | hg532e | - |
| broadcom | adsl | - |
| hp | envy_4513_k9h51a | - |
| hp | envy_5545_g0v50a | - |
| hp | deskjet_ink_advantage_4535_f0v64c | - |
| hp | envy_5540_g0v51a | - |
| microsoft | xbox_one | 10.0.19041.2494 |
| hp | envy_6020_5se17a | - |
| hp | envy_100_cn517b | - |
| netgear | wnhde111 | - |
| hp | envy_110_cq809b | - |
| hp | envy_photo_7100_k7g93a | - |
| hp | hp_envy_4524_k9t01a | - |
| hp | envy_photo_6220_k7g20d | - |
| hp | envy_photo_7830_y0g50b | - |
| hp | envy_114_cq811b | - |
| hp | envy_6540_b9s59a | - |
The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pro_x2_612_g2_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | elitebook_revolve_810_g3_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | elitebook_folio_1040_g3_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | elitebook_revolve_810_g2_firmware | * |
A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote operatoronlinelist_content privilege escalation vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote accessmgrservlet classname input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A accessmgrservlet classname deserialization of untrusted data remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A remote bytemessageresource transformentity" input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A legend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A syslogtempletselectwin expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A addvsiinterfaceinfo expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pagewide_pro_477dn_d3q19b_firmware | * |
| hp | officejet_4656_k9v81b_firmware | * |
| hp | pagewide_pro_577dw_d3q21b_firmware | * |
| hp | officejet_pro_8716_j6x81a_firmware | * |
| hp | officejet_pro_6970_t0f34a_firmware | * |
| hp | officejet_pro_8710_j6x79a_firmware | * |
| hp | officejet_pro_6830c_l3l04a_firmware | * |
| hp | officejet_pro_8715_k7s37a_firmware | * |
| hp | officejet_6960_j7k39a_firmware | * |
| hp | pagewide_pro_477dw_d3q20a_firmware | * |
| hp | officejet_pro_6960_j7k35a_firmware | * |
| hp | pagewide_managed_p52750dw_j9v78b_firmware | * |
| hp | officejet_6960_t0f32a_firmware | * |
| hp | officejet_pro_8725_j7a31a_firmware | * |
| hp | officejet_pro_8717_m9l65a_firmware | * |
| hp | officejet_pro_8744_k7s39a_firmware | * |
| hp | officejet_5742_f8b11a_firmware | * |
| hp | officejet_4658_v6d30b_firmware | * |
| hp | officejet_pro_6960_j7k39a_firmware | * |
| hp | pagewide_managed_p57750dw_9v82a_firmware | * |
| hp | officejet_6835_t6t84a_firmware | * |
| hp | officejet_6960_j7k33a_firmware | * |
| hp | officejet_pro_8718_t0g48a_firmware | * |
| hp | officejet_6960_j7k38a_firmware | * |
| hp | officejet_4650_f1h96a_firmware | * |
| hp | officejet_7510_g3j47a_firmware | * |
| hp | officejet_pro_8746_k7s40a_firmware | * |
| hp | officejet_5740_b9s78a_firmware | * |
| hp | officejet_5742_b9s84a_firmware | * |
| hp | officejet_5745_b9s80a_firmware | * |
| hp | officejet_pro_6960_t0f31a_firmware | * |
| hp | officejet_4654_f1j06b_firmware | * |
| hp | officejet_pro_6960_t0f28a_firmware | * |
| hp | officejet_4655_f1j00a_firmware | * |
| hp | officejet_pro_6970_t0f37a_firmware | * |
| hp | officejet_pro_8715_j6x78a_firmware | * |
| hp | officejet_pro_8728_t0g54a_firmware | * |
| hp | pagewide_pro_477dw_d3q20c_firmware | * |
| hp | officejet_6950_p4c81a_firmware | * |
| hp | officejet_5740_b9s79a_firmware | * |
| hp | officejet_4652_k9v84b_firmware | * |
| hp | officejet_pro_6960_t0g26a_firmware | * |
| hp | officejet_6950_p4c84a_firmware | * |
| hp | officejet_pro_8732m_t0g58a_firmware | * |
| hp | officejet_6960_j7k35a_firmware | * |
| hp | pagewide_pro_577dw_d3q21d_firmware | * |
| hp | officejet_6960_t0f30a_firmware | * |
| hp | officejet_5743_f8b10a_firmware | * |
| hp | pagewide_managed_p57750dw_j9v82b_firmware | * |
| hp | officejet_pro_6960_j7k37a_firmware | * |
| hp | officejet_6960_t0g25a_firmware | * |
| hp | officejet_pro_8710_d9l18a_firmware | * |
| hp | officejet_4657_v6d27b_firmware | * |
| hp | officejet_5744_b9s85a_firmware | * |
| hp | officejet_250c_l9d57a_firmware | * |
| hp | officejet_6960_t0g26a_firmware | * |
| hp | officejet_pro_873_d9l20a_firmware | * |
| hp | officejet_pro_6960_j7k33a_firmware | * |
| hp | officejet_4657_v6d29b_firmware | * |
| hp | pagewide_managed_p57750dw_j9v82c_firmware | * |
| hp | officejet_4652_f1j02a_firmware | * |
| hp | officejet_4652_f1j05b_firmware | * |
| hp | officejet_4654_f1j07b_firmware | * |
| hp | officejet_5742_b9s81a_firmware | * |
| hp | officejet_pro_8718_t0g47a_firmware | * |
| hp | officejet_pro_7745_t1p99a_firmware | * |
| hp | pagewide_pro_477dw_w2z53b_firmware | * |
| hp | officejet_6950_p4c86a_firmware | * |
| hp | officejet_pro_8710_m9l66a_firmware | * |
| hp | officejet_pro_6960_t0f32a_firmware | * |
| hp | officejet_258_n4l17a_firmware | * |
| hp | officejet_pro_8715_j6x76a_firmware | * |
| hp | pagewide_pro_477dn_d3q19a_firmware | * |
| hp | officejet_pro_6960_t0f38a_firmware | * |
| hp | officejet_pro_6960_j7k38a_firmware | * |
| hp | officejet_4650_e6g87a_firmware | * |
| hp | officejet_6960_t0f38a_firmware | * |
| hp | officejet_pro_8720_k7s35a_firmware | * |
| hp | officejet_4650_f9d37a_firmware | * |
| hp | pagewide_pro_477dw_d3q20d_firmware | * |
| hp | officejet_5741_b9s83a_firmware | * |
| hp | officejet_pro_8732m_t0g59a_firmware | * |
| hp | officejet_6960_t0f36a_firmware | * |
| hp | officejet_pro_6960_t0f30a_firmware | * |
| hp | officejet_pro_8725_m9l80a_firmware | * |
| hp | officejet_6950_p4c82a_firmware | * |
| hp | officejet_pro_8717_k7s38a_firmware | * |
| hp | officejet_pro_6970_t0f39a_firmware | * |
| hp | officejet_5746_t1p36a_firmware | * |
| hp | officejet_pro_6970_j7k41a_firmware | * |
| hp | officejet_5740_b9s76a_firmware | * |
| hp | officejet_4650_f1j03a_firmware | * |
| hp | officejet_4658_v6d28b_firmware | * |
| hp | officejet_pro_6970_t0f40a_firmware | * |
| hp | officejet_pro_6960_t0f36a_firmware | * |
| hp | officejet_pro_8732m_t0g56a_firmware | * |
| hp | officejet_pro_8720_d9l19a_firmware | * |
| hp | pagewide_pro_577dw_d3q21a_firmware | * |
| hp | officejet_6950_p4c85a_firmware | * |
| hp | officejet_pro_8720_k7s36a_firmware | * |
| hp | officejet_pro_8715_m9l70a_firmware | * |
| hp | pagewide_377dw_j9v80b_firmware | * |
| hp | officejet_pro_8732m_t0g57a_firmware | * |
| hp | pagewide_pro_577dw_d3q21c_firmware | * |
| hp | pagewide_pro_477dw_d3q20b_firmware | * |
| hp | officejet_pro_6970_t0f33a_firmware | * |
| hp | officejet_pro_8715_j6x80a_firmware | * |
| hp | officejet_250_cz992a_firmware | * |
| hp | officejet_pro_8719_t0g49a_firmware | * |
| hp | officejet_6950_t3p03a_firmware | * |
| hp | officejet_pro_8727_j7a29a_firmware | * |
| hp | officejet_pro_8740_d9l21a_firmware | * |
| hp | officejet_pro_8720_m9l74a_firmware | * |
| hp | pagewide_377dw_j9v80a_firmware | * |
| hp | officejet_252c_n4l18c_firmware | * |
| hp | officejet_pro_8725_k7s34a_firmware | * |
| hp | officejet_pro_8725_j7a28a_firmware | * |
| hp | officejet_pro_8747_k7s41a_firmware | * |
| hp | officejet_pro_6960_t0g25a_firmware | * |
| hp | officejet_252_n4l16c_firmware | * |
| hp | officejet_4654_k9v76a_firmware | * |
| hp | officejet_6950_p4c78a_firmware | * |
| hp | officejet_7512_k1z44a_firmware | * |
| hp | officejet_pro_8720_m9l75a_firmware | * |
| hp | pagewide_pro_477dn_d3q19d_firmware | * |
| hp | officejet_pro_6970_j7k36a_firmware | * |
| hp | officejet_pro_6835_j2d37a_firmware | * |
| hp | officejet_pro_6830_e3e02a_firmware | * |
| hp | officejet_pro_8710_m9l67a_firmware | * |
| hp | officejet_pro_6970_j7k34a_firmware | * |
| hp | officejet_pro_6970_j7k40a_firmware | * |
| hp | officejet_pro_8745_k7s43a_firmware | * |
| hp | officejet_pro_8716_j6x77a_firmware | * |
| hp | officejet_pro_8740_k7s42a_firmware | * |
| hp | officejet_pro_8712_t0g46a_firmware | * |
| hp | officejet_6960_t0f31a_firmware | * |
| hp | officejet_pro_6970_t0f29a_firmware | * |
| hp | officejet_pro_6830_m0f56a_firmware | * |
| hp | officejet_pro_8745_j6x83a_firmware | * |
| hp | officejet_4650_k9v85b_firmware | * |
| hp | officejet_4655_k9v82b_firmware | * |
| hp | officejet_4650_f1h96b_firmware | * |
| hp | officejet_4650_f1j04a_firmware | * |
| hp | officejet_5746_f8b09a_firmware | * |
| hp | officejet_6960_t0f28a_firmware | * |
| hp | officejet_6960_j7k37a_firmware | * |
| hp | officejet_pro_7740_g5j38a_firmware | * |
| hp | officejet_pro_6970_t0f35a_firmware | * |
| hp | officejet_pro_6970_j7k42a_firmware | * |
| hp | officejet_4650_k9v77a_firmware | * |
| hp | officejet_pro_8720_m9l76a_firmware | * |
| hp | officejet_4651_k9v83b_firmware | * |
| hp | officejet_pro_8743_t0g65a_firmware | * |
| hp | officejet_5744_b9s82a_firmware | * |
| hp | pagewide_managed_p57750dw_j9v82d_firmware | * |
During installation with certain driver software or application packages an arbitrary code execution could occur.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | color_laserjet_pro_m255_firmware | * |
| hp | laserjet_p1600_firmware | * |
| hp | pagewide_color_755_firmware | * |
| hp | laserjet_managed_m605_firmware | * |
| hp | color_laserjet_enterprise_m552_firmware | * |
| hp | laserjet_pro_cm1415_mfp_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e58650z_firmware | * |
| hp | laserjet_enterprise_m4555_mfp_firmware | * |
| hp | color_laserjet_pro_mfp_m176_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e62675_firmware | * |
| hp | color_laserjet_managed_mfp_e67650_firmware | * |
| hp | pagewide_managed_color_p75250_firmware | * |
| hp | laserjet_enterprise_m606_firmware | * |
| hp | officejet_pro_7720_wide_format_firmware | * |
| hp | color_laserjet_pro_mfp_m282_firmware | * |
| hp | color_laserjet_enterprise_m855_firmware | * |
| hp | deskjet_3790_firmware | * |
| hp | laserjet_pro_300_color_mfp_m375_firmware | * |
| hp | officejet_managed_color_mfp_x585_firmware | * |
| hp | color_laserjet_pro_mfp_m477_firmware | * |
| hp | color_laserjet_pro_mfp_m183_firmware | - |
| hp | laserjet_pro_400_m401_firmware | * |
| hp | pagewide_managed_color_e55650_firmware | * |
| hp | deskjet_3630_firmware | * |
| hp | laserjet_pro_cp1525_firmware | * |
| hp | laserjet_enterprise_mfp_m527_firmware | * |
| hp | laserjet_pro_mfp_m126_firmware | * |
| hp | laserjet_managed_flow_mfp_m527z_firmware | * |
| hp | laserjet_pro_m118_firmware | * |
| hp | color_laserjet_pro_m156_firmware | * |
| hp | officejet_enterprise_color_mfp_x585_firmware | * |
| hp | laserjet_pro_300_color_mfp_printer_m351_firmware | * |
| hp | color_laserjet_managed_mfp_m775_firmware | * |
| hp | deskjet_3700_firmware | * |
| hp | laserjet_enterprise_600_m603 | * |
| hp | laserjet_managed_flow_mfp_m525_firmware | * |
| hp | color_laserjet_enterprise_m750_firmware | * |
| hp | color_laserjet_pro_mfp_m180_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m680_firmware | * |
| hp | color_laserjet_pro_m252dw_firmware | * |
| hp | smart_tank_plus_650_wireless_firmware | - |
| hp | neverstop_laser_1020_firmware | * |
| hp | laserjet_pro_m225_firmware | * |
| hp | pagewide_enterprise_color_flow_mfp_785_firmware | * |
| hp | smart_tank_plus_550_wireless_firmware | * |
| hp | color_laserjet_pro_mfp_m181_firmware | * |
| hp | color_laserjet_managed_m651_firmware | * |
| hp | laserjet_managed_mfp_m725_firmware | * |
| hp | laserjet_pro_400_color_mfp_m475_firmware | * |
| hp | color_laserjet_managed_flow_mfp_m680_firmware | * |
| hp | laserjet_pro_mfp_m426_firmware | * |
| hp | laserjet_pro_mfp_m149_firmware | * |
| hp | laserjet_pro_mfp_m127_firmware | * |
| hp | color_laserjet_enterprise_mfp_m480 | * |
| hp | laserjet_enterprise_color_flow_mfp_m575_firmware | * |
| hp | deskjet_plus_ink_advantage_6400_firmware | * |
| hp | laserjet_pro_mfp_m29_firmware | * |
| hp | envy_5000_firmware | * |
| hp | laserjet_enterprise_m604_firmware | * |
| hp | laserjet_pro_m435_mfp_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e67560_firmware | * |
| hp | deskjet_ink_advantage_3830_firmware | * |
| hp | laserjet_enterprise_700_color_mfp_m775_firmware | * |
| hp | deskjet_ink_advantage_2700_firmware | * |
| hp | laserjet_ultra_mfp_m230_firmware | * |
| hp | color_laserjet_pro_mfp_m277dw_firmware | * |
| hp | pagewide_managed_color_mfp_e58650dn_firmware | * |
| hp | color_laserjet_pro_mfp_m182_firmware | * |
| hp | color_laserjet_pro_mfp_m283_firmware | * |
| hp | laserjet_enterprise_mfp_m630_firmware | * |
| hp | envy_photo_7100_firmware | * |
| hp | color_laserjet_managed_mfp_e77422 | * |
| hp | laserjet_enterprise_flow_mfp_m525_firmware | * |
| hp | color_laserjet_pro_mfp_m281_firmware | * |
| hp | laserjet_pro_m403_firmware | * |
| hp | color_laserjet_managed_mfp_e67560_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m630_firmware | * |
| hp | officejet_8010_firmware | * |
| hp | deskjet_ink_advantage_3700_firmware | * |
| hp | laserjet_pro_mfp_m427_firmware | * |
| hp | officejet_pro_9020_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e67550_firmware | * |
| hp | color_laserjet_managed_mfp_e77428 | * |
| hp | color_laserjet_pro_mfp_m274n_firmware | * |
| hp | pagewide_managed_color_mfp_p77960_firmware | * |
| hp | laserjet_enterprise_mfp_m725_firmware | * |
| hp | laserjet_enterprise_m407_firmware | * |
| hp | deskjet_ink_advantage_ultra_5730_firmware | * |
| hp | laserjet_managed_flow_mfp_m830_firmware | * |
| hp | smart_tank_355_firmware | * |
| hp | color_laserjet_pro_m452nw_firmware | * |
| hp | laserjet_pro_400_n404dw_firmware | * |
| hp | laserjet_pro_m17_firmware | * |
| hp | ink_tank_wireless_410_firmware | * |
| hp | laserjet_pro_200_color_m251_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m830_firmware | * |
| hp | officejet_pro_8210_firmware | * |
| hp | color_laserjet_pro_mfp_m177_firmware | * |
| hp | laserjet_managed_flow_mfp_e52545c_firmware | * |
| hp | laserjet_enterprise_m605_firmware | * |
| hp | officejet_enterprise_color_x555_firmware | * |
| hp | laserjet_enterprise_m806_firmware | * |
| hp | laserjet_managed_mfp_e72425_firmware | * |
| hp | laserjet_pro_mfp_m132_firmware | * |
| hp | laserjet_enterprise_600_m601_firmware | * |
| hp | pagewide_enterprise_color_mpf_780dn_firmware | - |
| hp | laserjet_pro_m402_firmware | * |
| hp | _laserjet_managed_mfp_e62665_firmware | * |
| hp | laserjet_enterprise_500_color_m551_firmware | * |
| hp | laserjet_enterprise_flow_mfp_m527z_firmware | * |
| hp | color_laserjet_pro_mfp_m277n_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m577_firmware | * |
| hp | envy_6000_firmware | * |
| hp | laserjet_pro_m203_firmware | * |
| hp | color_laserjet_managed_flow_mfp_m880zm_firmware | * |
| hp | smart_tank_wireless_450_firmware | * |
| hp | color_laserjet_enterprise_m651_firmware | * |
| hp | color_laserjet_pro_m452dn_firmware | * |
| hp | laserjet_pro_m15_firmware | * |
| hp | laserjet_enterprise_500_mfp_m525f_firmware | * |
| hp | officejet_pro_7730_wide_format_firmware | * |
| hp | color_laserjet_enterprise_m856_firmware | * |
| hp | officejet_3830_firmware | * |
| hp | laserjet_managed_flow_mfp_e62575_firmware | * |
| hp | laserjet_enterprise_600_m601 | - |
| hp | laserjet_pro_m16_firmware | * |
| hp | deskjet_3755_firmware | * |
| hp | laserjet_managed_500_mfp_m525_firmware | * |
| hp | deskjet_2700_firmware | * |
| hp | laserjet_managed_mfp_m527_firmware | * |
| hp | officejet_8022_firmware | * |
| hp | color_laserjet_enterprise_m553_firmware | * |
| hp | deskjet_ink_advantage_2600_firmware | * |
| hp | laserjet_pro_m202_firmware | * |
| hp | laserjet_enterprise_managed_e42540_firmware | * |
| hp | deskjet_ink_advantage_5000_firmware | * |
| hp | color_laserjet_pro_mfp_m377_firmware | * |
| hp | color_laserjet_managed_e75245_firmware | * |
| hp | laserjet_pro_m206_firmware | * |
| hp | laserjet_pro_m1536_mfp_firmware | * |
| hp | laserjet_pro_mfp_m134_firmware | * |
| hp | deskjet_plus_ink_advantage_6000_firmware | * |
| hp | laserjet_managed_flow_mfp_m630_firmware | * |
| hp | laserjet_enterprise_m406_firmware | * |
| hp | envy_pro_6400_firmware | * |
| hp | color_laserjet_pro_m154_firmware | * |
| hp | laserjet_enterprise_700_m712_firmware | * |
| hp | officejet_pro_8020_firmware | * |
| hp | laserjet_pro_mfp_m226_firmware | * |
| hp | smart_tank_510_wireless_firmware | * |
| hp | laserjet_pro_mfp_m227_firmware | * |
| hp | laserjet_managed_mfp_e62555_firmware | * |
| hp | laserjet_pro_m201_firmware | * |
| hp | laserjet_managed_m506_firmware | * |
| hp | laserjet_pro_400_mfp_m425_firmware | * |
| hp | color_laserjet_managed_mfp_e67550_firmware | * |
| hp | laserjet_pro_400_color_m451_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m880z_firmware | * |
| hp | laserjet_enterprise_m609_firmware | * |
| hp | color_laserjet_managed_mfp_e62655_firmware | * |
| hp | laserjet_pro_mfp_m31 | * |
| hp | pagewide_enterprise_color_mfp_586_firmware | * |
| hp | laserjet_managed_flow_mfp_e62555_firmware | * |
| hp | pagewide_enterprise_color_flow_mfp_586z_firmware | * |
| hp | officejet_6960_firmware | * |
| hp | color_laserjet_pro_m155_firmware | * |
| hp | ink_tank_310_firmware | * |
| hp | color_laserjet_pro_mfp_m476_firmware | * |
| hp | pagewide_managed_color_mfp_p77940_firmware | * |
| hp | color_laserjet_enterprise_mfp_m577_firmware | * |
| hp | color_laserjet_pro_mfp_m280_firmware | * |
| hp | laserjet_enterprise_m506_firmware | * |
| hp | color_laserjet_cm4540_mfp_firmware | * |
| hp | color_laserjet_enterprise_m455_firmware | * |
| hp | laserjet_p1100_firmware | * |
| hp | smart_tank_610_wireless_firmware | * |
| hp | laserjet_managed_flow_mfp_e62565_firmware | * |
| hp | laserjet_enterprise_600_m602_firmware | * |
| hp | laserjet_managed_mfp_e62565_firmware | * |
| hp | color_laserjet_managed_mfp_m680_firmware | * |
| hp | color_laserjet_pro_m452dw_firmware | * |
| hp | pagewide_enterprise_color_556_firmware | * |
| hp | pagewide_managed_color_e75160_firmware | * |
| hp | color_laserjet_enterprise_mfp_m680_firmware | * |
| hp | laserjet_pro_m521_mfp_firmware | * |
| hp | neverstop_laser_1200a_firmware | * |
| hp | laserjet_pro_mfp_m128_firmware | * |
| hp | laserjet_enterprise_500_color_mfp_m575_firmware | * |
| hp | laserjet_p1560_firmware | * |
| hp | laserjet_pro_m226_firmware | * |
| hp | laserjet_pro_mfp_m225_firmware | * |
| hp | neverstop_laser_1000_firmware | * |
| hp | laserjet_pro_mfp_m148_firmware | * |
| hp | pagewide_enterprise_color_flow_mfp_780f_firmware | * |
| hp | laserjet_pro_200_color_m276_firmware | * |
| hp | color_laserjet_managed_e85055_firmware | * |
| hp | officejet_6950_firmware | * |
| hp | laserjet_pro_mfp_m125_firmware | * |
| hp | deskjet_2600_firmware | * |
| hp | laserjet_managed_mfp_m630_firmware | * |
| hp | laserjet_enterprise_m608_firmware | * |
| hp | color_laserjet_managed_e45028_firmware | * |
| hp | laserjet_100_color_mfp_m175nw_firmware | * |
| hp | laserjet_enterprise_mfp_m528_firmware | * |
| hp | laserjet_enterprise_m607_firmware | * |
| hp | pagewide_managed_color_mfp_p77950_firmware | * |
| hp | color_laserjet_managed_m553_firmware | * |
| hp | deskjet_plus_4100_firmware | * |
| hp | laserjet_managed_mfp_e52545_firmware | * |
| hp | laserjet_pro_m501_firmware | * |
| hp | color_laserjet_pro_m252n_firmware | * |
| hp | laserjet_pro_mfp_m130_firmware | * |
| hp | envy_photo_7800_firmware | * |
| hp | laserjet_pro_500_color_mfp_m570_firmware | * |
| hp | officejet_pro_9010_firmware | * |
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
HP Print and Scan Doctor may potentially be vulnerable to local elevation of privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | print_and_scan_doctor | * |
HPE OneView Global Dashboard (OVGD) 1.9 has a remote information disclosure vulnerability. HPE OneView Global Dashboard - After Upgrade or Install of OVGD Version 1.9, Appliance Firewall May Leave Ports Open. This is resolved in OVGD 1.91 or later.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview_global_dashboard | 1.9 |
This document describes a security vulnerability in Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity products. All J/H-series NonStop systems have a security vulnerability associated with an open UDP port 17185 on the Maintenance LAN which could result in information disclosure, denial-of-service attacks or local memory corruption against the affected system and a complete control of the system may also be possible. This vulnerability exists only if one gains access to the Maintenance LAN to which Blade Maintenance Entity, Integrated Maintenance Entity or Maintenance Entity product is connected. **Workaround:** Block the UDP port 17185(In the Maintenance LAN Network Switch/Firewall). Fix: Install following SPRs, which are already available: * T1805A01^AAI (Integrated Maintenance Entity) * T4805A01^AAZ (Blade Maintenance Entity). These SPRs are also usable with the following RVUs: * J06.19.00 ? J06.23.01. No fix planned for the following RVUs: J06.04.00 ? J06.18.01. No fix planned for H-Series NonStop systems. No fix planned for the product T2805 (Maintenance Entity).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H | 2.3 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | maintenance_entity | * |
| hp | blade_maintenance_entity | * |
| hp | integrated_maintenance_entity | * |
A potential security vulnerability has been identified in HPE Onboard Administrator. The vulnerability could be remotely exploited to allow Reflected Cross Site Scripting. HPE has made the following software updates and mitigation information to resolve the vulnerability in HPE Onboard Administrator. * OA 4.95 (Linux and Windows).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | onboard_administrator | 4.85 |
A unauthorized remote access vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hpe_iot_+_gcp | 1.2.4.2 |
| hp | hpe_iot_+_gcp | 1.4.0 |
| hp | hpe_iot_+_gcp | 1.4.1 |
| hp | hpe_iot_+_gcp | 1.4.2 |
A remote access to sensitive data vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hpe_iot_+_gcp | 1.2.4.2 |
| hp | hpe_iot_+_gcp | 1.4.0 |
| hp | hpe_iot_+_gcp | 1.4.1 |
| hp | hpe_iot_+_gcp | 1.4.2 |
A potential security vulnerability has been identified in the disk drive firmware installers named Supplemental Update / Online ROM Flash Component on HPE servers running Linux. The vulnerable software is included in the HPE Service Pack for ProLiant (SPP) releases 2018.06.0, 2018.09.0, and 2018.11.0. The vulnerable software is the Supplemental Update / Online ROM Flash Component for Linux (x64) software. The installer in this software component could be locally exploited to execute arbitrary code. Drive Models can be found in the Vulnerability Resolution field of the security bulletin. The 2019_03 SPP and Supplemental update / Online ROM Flash Component for Linux (x64) after 2019.03.0 has fixed this issue.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | service_pack_for_proliant | 2018.09.0 |
| hp | service_pack_for_proliant | 2019.03.0 |
| hp | service_pack_for_proliant | 2018.11.0 |
| hp | service_pack_for_proliant | 2018.06.0 |
A security vulnerability in HPE IceWall SSO Dfw and Dgfw (Domain Gateway Option) could be exploited remotely to cause a remote cross-site scripting (XSS). HPE has provided the following information to resolve this vulnerability in HPE IceWall SSO DFW and Dgfw: https://www.hpe.com/jp/icewall_patchaccess
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_sso_dgfw | 11.0 |
| hp | icewall_sso_dfw | 11.0 |
A adddevicetoview expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A eventinfo_content expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A faultdevparasset expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A comparefilesresult expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A chooseperfview expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A devgroupselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A deployselectbootrom expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A deployselectsoftware expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A faultstatchoosefaulttype expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A faulttrapgroupselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A faultparasset expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A iccselectdevtype expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A ifviewselectpage expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A select expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A faultinfo_content expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A selviewnavcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A perfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A customtemplateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A iccselectdeviceseries expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A reporttaskselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A operatorgroupselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A navigationto expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A operationselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A iccselectcommand expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A operatorgrouptreeselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A quicktemplateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A selectusergroup expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A select expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A guidatadetail expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A templateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A actionselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A soapconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A iccselectdymicparam expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A viewtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A wmiconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A mediaforaction expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A thirdpartyperfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A ictexpertdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A smsrulesdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A sshconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A forwardredirect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A tvxlanlegend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A powershellconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A reportpage index expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A userselectpagingcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A faultflasheventselectfact expression language injectionremote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A deviceselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A devsoftsel expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A devicethresholdconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
A iccselectrules expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-917,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | intelligent_management_center | 7.3 |
| hp | intelligent_management_center | * |
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the url "/bdswebui/assignusers/".
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | bluedata_epic | * |
| hp | ezmeral_container_platform | 5.0 |
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* Upgrade to HPE 3PAR StoreServ Management Console 3.7.1.1 or later.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storeserv_management_console | * |
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to version 5.5 of OneView, Composer, or Composer2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | 5.4 |
| hp | synergy_composer | 5.3 |
| hp | synergy_composer | 5.00.01 |
| hp | synergy_composer_2 | 5.0 |
| hp | synergy_composer_2 | 5.00.02 |
| hp | oneview | 5.3 |
| hp | synergy_composer | 5.4 |
| hp | synergy_composer | 5.0 |
| hp | synergy_composer_2 | 5.3 |
| hp | oneview | 5.2 |
| hp | oneview | 5.0 |
| hp | oneview | 5.00.02 |
| hp | synergy_composer | 5.00.02 |
| hp | synergy_composer_2 | 5.00.01 |
| hp | synergy_composer_2 | 5.2 |
| hp | synergy_composer | 5.2 |
| hp | oneview | 5.00.01 |
| hp | oneview | 5.20.01 |
| hp | synergy_composer_2 | 5.20.01 |
| hp | synergy_composer | 5.20.01 |
| hp | synergy_composer_2 | 5.4 |
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | edgeline_infrastructure_manager | * |
A potential security vulnerability has been identified in HPE Systems Insight Manager (SIM) version 7.6. The vulnerability could be exploited to allow remote code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | systems_insight_manager | 7.6 |
A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders. The vulnerability could be remotely exploited to allow Cross-site Request Forgery (CSRF).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storeever_msl2024_firmware | * |
| hp | storeever_1/8_g2_tape_autoloader_firmware | * |
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose the serial number and other information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
A potential security vulnerability has been identified in HPE iLO Amplifier Pack server version 1.70. The vulnerability could be exploited to allow remote code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ilo_amplifier_pack | 1.70 |
HP nagios plugin for iLO (nagios-plugins-hpilo v1.50 and earlier) has a php code injection vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nagios-plugins-hpilo | * |
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will not address this issue in the impacted Gen 10 servers listed. HPE recommends using appropriate physical security methods as a compensating control to disallow an attacker from having physical access to the server main circuit board.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | synergy_480_gen10_firmware | - |
| hp | synergy_660_gen10_firmware | - |
| hp | proliant_xl170r_gen10_firmware | - |
| hp | proliant_bl460c_gen10_firmware | - |
| hp | apollo_4500_firmware | - |
| hp | proliant_dl380_gen10_firmware | - |
| hp | proliant_dl580_gen10_firmware | - |
| hp | proliant_ml110_gen10_firmware | - |
| hp | proliant_e910_firmware | - |
| hp | apollo_4200_gen10_firmware | - |
| hp | proliant_dl360_gen10_firmware | - |
| hp | proliant_dl180_gen10_firmware | - |
| hp | proliant_dl560_gen10_firmware | - |
| hp | proliant_xl230k_gen10_firmware | - |
| hp | proliant_xl270d_gen10_firmware | - |
| hp | proliant_ml350_gen10_firmware | - |
| hp | apollo_2000_firmware | - |
| hp | proliant_dl120_gen10_firmware | - |
| hp | proliant_dl160_gen10_firmware | - |
| hp | proliant_xl190r_gen10_firmware | - |
| hp | proliant_xl450_gen10_firmware | - |
LinuxKI v6.0-1 and earlier is vulnerable to an XSS which is resolved in release 6.0-2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linuxki | * |
LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linuxki | * |
A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500 chassis. This vulnerability could be remotely exploited by an unauthenticated user to cause a stack based buffer overflow using user supplied input to the `khuploadfile.cgi` CGI ELF. The stack based buffer overflow could lead to Remote Code Execution, Denial of Service, and/or compromise system integrity. **Note:** HPE recommends that customers discontinue the use of the HPE Moonshot Provisioning Manager. The HPE Moonshot Provisioning Manager application is discontinued, no longer supported, is not available to download from the HPE Support Center, and no patch is available.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | moonshot_provisioning_manager | 1.20 |
A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500 chassis. This vulnerability could be remotely exploited by an unauthenticated user to cause a directory traversal in user supplied input to the `khuploadfile.cgi` CGI ELF. The directory traversal could lead to Remote Code Execution, Denial of Service, and/or compromise system integrity. **Note:** HPE recommends that customers discontinue the use of the HPE Moonshot Provisioning Manager. The HPE Moonshot Provisioning Manager application is discontinued, no longer supported, is not available to download from the HPE Support Center, and no patch is available.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | moonshot_provisioning_manager | 1.20 |
A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | icewall_sso_dgfw | 11.0 |
| hp | icewall_sso_dgfw | 10.0 |
A potential security vulnerability was identified in HPE iLO Amplifier Pack. The vulnerabilities could be remotely exploited to allow remote code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ilo_amplifier_pack | * |
A security vulnerability in HPE OneView for VMware vCenter (OV4VC) could be exploited remotely to allow Cross-Site Scripting. HPE has released the following software update to resolve the vulnerability in HPE OneView for VMware vCenter (OV4VC).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview_for_vmware_vcenter | * |
A potential security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to disclose sensitive information. HPE has made software updates available to resolve the vulnerability in the HPE Edgeline Infrastructure Manager (EIM).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | edgeline_infrastructure_management | * |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration. HPE has released a software update to resolve the vulnerability in the HPE Edgeline Infrastructure Manager.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-306,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | edgeline_infrastructure_manager | * |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-74,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-74,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-74,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to allow an unauthenticated user to run arbitrary code leading complete impact to confidentiality, integrity, and availability of the iLO Amplifier Pack appliance.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ilo_amplifier_pack | 1.90 |
| hp | ilo_amplifier_pack | 1.95 |
| hp | ilo_amplifier_pack | 1.81 |
| hp | ilo_amplifier_pack | 1.80 |
A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). An authenticated SSMC administrator could exploit the vulnerability to inject code and elevate their privilege in SSMC. The scope of this vulnerability is limited to SSMC. Note: The arrays being managed are not impacted by this vulnerability. This vulnerability impacts SSMC versions 3.4 GA to 3.8.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | storeserv_management_console | * |
Multiple buffer overflow security vulnerabilities have been identified in HPE iLO Amplifier Pack version(s): Prior to 2.12. These vulnerabilities could be exploited by a highly privileged user to remotely execute code that could lead to a loss of confidentiality, integrity, and availability. HPE has provided a software update to resolve this vulnerability in HPE iLO Amplifier Pack.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | ilo_amplifier_pack | * |
Potential security vulnerabilities have been identified in an OMEN Gaming Hub SDK package which may allow escalation of privilege and/or denial of service. HP is releasing software updates to mitigate the potential vulnerabilities.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | omen_gaming_hub_sdk | * |
| hp | omen_gaming_hub | * |
A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | xpress_sl-m2876_ss356a | - |
| samsung | clx-3305_ss096a | - |
| samsung | proxpress_sl-m4020_4pt7b | - |
| samsung | proxpress_sl-c4010_ss216j | - |
| samsung | multixpress_scx-8230_ss021a | - |
| samsung | scx-4835_sw020a | - |
| samsung | proxpress_sl-c3060_ss211e | - |
| hp | color_laser_mfp_170_4zb97a | - |
| samsung | ml-4512_ss142a | - |
| samsung | proxpress_sl-m4020_ss383l | - |
| samsung | scx-5737_sw045a | - |
| samsung | xpress_sl-m2675_ss334a | - |
| samsung | ml-5510_ss149a | - |
| samsung | ml-5510_sv898a | - |
| samsung | proxpress_sl-c4010_ss216n | - |
| samsung | proxpress_sl-m4530_ss398d | - |
| samsung | scx-4655_sv988a | - |
| samsung | proxpress_sl-c4010_ss216e | - |
| samsung | proxpress_sl-m3820_ss373j | - |
| samsung | multixpress_sl-k7400_ss037a | - |
| samsung | sf-760_ss199a | - |
| hp | laserjet_mfp_m42625_8af49a | - |
| samsung | clp-680_ss075a | - |
| samsung | scx-3406_sv298a | - |
| hp | laserjet_mfp_m437_7zb19a | - |
| samsung | proxpress_sl-c4010_ss216c | - |
| samsung | clx-3305_ss094a | - |
| samsung | proxpress_sl-c3060_ss211g | - |
| samsung | ml-3750_ss138a | - |
| samsung | ml-5015_ss147a | - |
| samsung | proxpress_sl-c3060_ss211n | - |
| samsung | proxpress_sl-m3875_ss380a | - |
| samsung | multixpress_sl-m5370_sw121a | - |
| samsung | proxpress_sl-m4020_ss383c | - |
| samsung | multixpress_sl-k2200_ss025a | - |
| samsung | proxpress_sl-m3825_ss376a | - |
| hp | laser_mfp_130_4zb89a | - |
| samsung | multixpress_clx-9251_sv719a | - |
| samsung | proxpress_sl-c4010_ss216m | - |
| samsung | ml-5510_ss152a | - |
| samsung | multixpress_sl-k4300_ss032a | - |
| hp | laserjet_mfp_m42625_8af52a | - |
| hp | laserjet_mfp_m433_1vr14a | - |
| samsung | multixpress_scx-8128_sw172a | - |
| samsung | proxpress_sl-m3820_ss373v | - |
| samsung | proxpress_sl-m3870_ss377a | - |
| hp | laser_mfp_130_4zb82a | - |
| samsung | ml-6510_sv899c | - |
| samsung | proxpress_sl-m3375fd_ss369a | - |
| samsung | proxpress_sl-m3825_ss375a | - |
| samsung | proxpress_sl-c3060_ss211p | - |
| samsung | proxpress_sl-c4010_ss216h | - |
| samsung | proxpress_sl-c4010_ss216l | - |
| samsung | proxpress_sl-m3820_ss373d | - |
| samsung | proxpress_sl-c4010_ss216v | - |
| samsung | clp-365_sw139a | - |
| samsung | proxpress_sl-m3820_ss371d | - |
| samsung | clp-775_ss078a | - |
| samsung | proxpress_sl-m3820_ss373h | - |
| hp | laser_mfp_130_4zb87a | - |
| hp | laserjet_mfp_m439_7zb22a | - |
| samsung | ml-5010_ss145a | - |
| samsung | xpress_sl-m2875_ss352a | - |
| hp | laser_mfp_130_4zb93a | - |
| samsung | proxpress_sl-m3820_ss373s | - |
| hp | laserjet_mfp_m439_7zb23a | - |
| samsung | scx-4521_sv967a | - |
| samsung | proxpress_sl-c3060_s221b | - |
| samsung | xpress_sl-c480_ss257a | - |
| samsung | xpress_sl-m2626_ss329a | - |
| samsung | proxpress_sl-m3820_ss371a | - |
| samsung | scx-3406_sv945a | - |
| samsung | sf-760_ss197a | - |
| samsung | xpress_sl-m2670_ss331a | - |
| samsung | multixpress_sl-x3220nr_ss043e | - |
| samsung | proxpress_sl-m3875_ss381a | - |
| samsung | scx-5635_sw041a | - |
| samsung | xpress_sl-c480_ss254a | - |
| samsung | proxpress_sl-m4560_ss400a | - |
| samsung | multixpress_sl-k4250_ss030a | - |
| samsung | proxpress_sl-m3375fd_ss369e | - |
| samsung | multixpress_sl-x7500_ss056a | - |
| samsung | scx-3405_ss162a | - |
| samsung | xpress_sl-m2625_ss327a | - |
| hp | laserjet_mfp_m442_8af71a | - |
| samsung | ml-5510_ss150a | - |
| samsung | proxpress_sl-m4075_ss392a | - |
| samsung | clx-3305_ss095a | - |
| samsung | xpress_sl-m2835_ss346a | - |
| samsung | multixpress_scx-8240_ss022a | - |
| samsung | proxpress_sl-c4010_ss215a | - |
| samsung | multixpress_sl-k7400_ss038a | - |
| samsung | scx-3405_ss159a | - |
| hp | laserjet_mfp_m440_8af46a | - |
| samsung | scx-5639_st676a | - |
| samsung | proxpress_sl-m3375fd_ss368f | - |
| hp | laser_mfp_130_5ue15a | - |
| samsung | multixpress_sl-k7600_ss041a | - |
| samsung | scx-4833_ss181a | - |
| samsung | proxpress_sl-m3820_ss371b | - |
| samsung | scx-3405_ss163a | - |
| samsung | proxpress_sl-c3010_ss210h | - |
| samsung | proxpress_sl-m4020_ss383x | - |
| hp | laserjet_mfp_m42625_8af50a | - |
| samsung | multixpress_sl-m4370_sw117a | - |
| samsung | proxpress_sl-m3820_ss373u | - |
| samsung | xpress_sl-c1860_ss205a | - |
| samsung | xpress_sl-m2620_ss323a | - |
| hp | laser_100_4zb81a | - |
| samsung | sf-760_ss196a | - |
| hp | laser_100_4zb79a | - |
| samsung | proxpress_sl-m4530_ss397g | - |
| samsung | xpress_sl-m2620_ss324a | - |
| samsung | proxpress_sl-m3820_ss373l | - |
| samsung | scx-4521_sv966a | - |
| hp | laser_100_5ue14a | - |
| hp | laser_mfp_130_4zb92a | - |
| samsung | clp-365_ss067a | - |
| samsung | xpress_sl-m2070_ss293a | - |
| samsung | multixpress_sl-k3300_ss028a | - |
| samsung | proxpress_sl-m4080_ss395a | - |
| samsung | scx-4521_sv969a | - |
| samsung | ml-6510_ss154a | - |
| samsung | proxpress_sl-c3060_ss211q | - |
| samsung | xpress_sl-m2820_ss340a | - |
| samsung | ml-5510_ss151a | - |
| samsung | scx-3406_sw127a | - |
| hp | laserjet_mfp_m436_w7u01a | - |
| samsung | multixpress_clx-9301_sw179a | - |
| samsung | xpress_sl-m2675_ss336a | - |
| samsung | proxpress_sl-m4025_ss387a | - |
| samsung | multixpress_scx-8128_ss018a | - |
| samsung | proxpress_sl-m4020_4pt87a | - |
| samsung | scx-4650_ss172a | - |
| samsung | proxpress_sl-c4010_ss216q | - |
| hp | laser_mfp_130_9vv52a | - |
| samsung | ml-6510_sv900a | - |
| samsung | proxpress_sl-c4060_ss218a | - |
| samsung | scx-5635_sw093a | - |
| samsung | proxpress_sl-m4070_ss390c | - |
| samsung | multixpress_clx-9301_ss007a | - |
| samsung | clp-775_ss079a | - |
| samsung | ml-5012_ss146a | - |
| hp | laserjet_mfp_m440_8af48a | - |
| samsung | proxpress_sl-m3820_ss373p | - |
| samsung | scx-4650_sb983a | - |
| samsung | proxpress_sl-c4010_ss216f | - |
| samsung | xpress_sl-m2070_ss294a | - |
| samsung | proxpress_sl-m3820_ss373b | - |
| samsung | scx-4835_sw021a | - |
| hp | laserjet_mfp_m438_8af45a | - |
| hp | laserjet_mfp_m443_8af72a | - |
| samsung | scx-4521_sv968a | - |
| samsung | xpress_sl-m2825_ss342a | - |
| hp | laserjet_mfp_m42625_8af51a | - |
| samsung | xpress_sl-m2825_ss343a | - |
| samsung | scx-4521_ss167a | - |
| hp | laser_mfp_130_4zb83a | - |
| samsung | xpress_sl-m2626_ss328a | - |
| hp | laser_408_7uq75a | - |
| samsung | proxpress_sl-c3010_ss210j | - |
| samsung | proxpress_sl-c4010_ss216z | - |
| samsung | sf-760_ss198a | - |
| samsung | xpress_sl-m2070_ss298a | - |
| samsung | proxpress_sl-m3325_ss367a | - |
| samsung | proxpress_sl-c4010_ss216u | - |
| samsung | xpress_sl-m2870_ss349a | - |
| samsung | xpress_sl-m2875_ss354a | - |
| hp | color_laser_150_4zb94a | - |
| hp | laser_mfp_130_4zb85a | - |
| samsung | scx-3400_sv938a | - |
| samsung | xpress_sl-m2620_ss322a | - |
| samsung | scx-3401_ss157a | - |
| hp | laser_mfp_130_6hu12a | - |
| samsung | multixpress_sl-k2200_ss024a | - |
| samsung | ml-6510_ss153a | - |
| samsung | scx-3406_sv946a | - |
| samsung | clx-6260_ss107a | - |
| samsung | proxpress_sl-m3375fd_ss369d | - |
| samsung | xpress_sl-m2880_ss358a | - |
| samsung | xpress_sl-m2876_ss355a | - |
| samsung | proxpress_sl-c3060_ss211j | - |
| samsung | scx-5637_ss182a | - |
| hp | laserjet_mfp_m439_7zb24a | - |
| hp | laserjet_mfp_m42523_7zb72a | - |
| samsung | proxpress_sl-m3820_ss373g | - |
| hp | laser_100_4zb80a | - |
| samsung | proxpress_sl-m3875_ss379a | - |
| samsung | proxpress_sl-c4010_ss216d | - |
| hp | laserjet_mfp_m436_2ky38a | - |
| samsung | proxpress_sl-c4010_ss216b | - |
| samsung | proxpress_sl-c3060_ss211f | - |
| samsung | proxpress_sl-m3820_ss373m | - |
| samsung | scx-4655_ss174a | - |
| hp | laserjet_mfp_m72625-m72630_2zn49a | - |
| samsung | proxpress_sl-c3060_ss211d | - |
| samsung | proxpress_sl-c3010_ss201c | - |
| samsung | proxpress_sl-m3820_ss373w | - |
| hp | laserjet_mfp_m440_8af47a | - |
| samsung | proxpress_sl-m4020_ss383y | - |
| samsung | proxpress_sl-m4030_ss388a | - |
| samsung | xpress_sl-m2671_ss332a | - |
| samsung | xpress_sl-m2625_ss326a | - |
| samsung | clp-560_sv612a | - |
| samsung | proxpress_sl-c4062_ss219a | - |
| samsung | proxpress_sl-m4072_ss391a | - |
| samsung | xpress_sl-m2820_ss339a | - |
| hp | color_laser_mfp_170_6hu09a | - |
| samsung | proxpress_sl-c3010_ss210l | - |
| samsung | proxpress_sl-c4010_ss216p | - |
| samsung | proxpress_sl-m4560_ss399a | - |
| samsung | proxpress_sl-c3010_ss210m | - |
| samsung | proxpress_sl-m3870_ss378a | - |
| samsung | proxpress_sl-c4010_ss216t | - |
| samsung | scx-4655_sv989a | - |
| samsung | xpress_sl-c430_ss230a | - |
| samsung | multixpress_scx-8128_ss019a | - |
| samsung | scx-4650_ss171a | - |
| samsung | scx-3401_sv393a | - |
| samsung | multixpress_sl-x7500_ss055a | - |
| samsung | proxpress_sl-m3875_ss382a | - |
| samsung | clp-366_sv600a | - |
| samsung | multixpress_sl-m4370_ss396a | - |
| samsung | proxpress_sl-c3010_ss210e | - |
| samsung | xpress_sl-c480_ss255a | - |
| hp | laser_100_209u7a | - |
| samsung | clx-6260_sw177a | - |
| samsung | xpress_sl-m2070_ss296a | - |
| samsung | proxpress_sl-m3820_ss373k | - |
| samsung | clx-6260_ss105a | - |
| samsung | clp-366_ss068a | - |
| samsung | proxpress_sl-c4010_ss216g | - |
| samsung | proxpress_sl-m4020_ss383k | - |
| samsung | scx-5737_ss183a | - |
| samsung | multixpress_sl-k4350_ss033a | - |
| samsung | multixpress_sl-k7500_ss039a | - |
| samsung | proxpress_sl-m3370_ss378a | - |
| samsung | ml-5017_ss148a | - |
| samsung | multixpress_sl-k4250_ss031a | - |
| samsung | multixpress_sl-x4250_ss048a | - |
| samsung | xpress_sl-m2826_ss344a | - |
| samsung | clp-360_ss062a | - |
| samsung | multixpress_sl-x7600_ss058a | - |
| samsung | multixpress_sl-m5360_ss403a | - |
| samsung | proxpress_sl-m3820_ss373n | - |
| samsung | ml-4510_ss141a | - |
| hp | laser_mfp_130_4zb86a | - |
| samsung | scx-3406_ss164a | - |
| samsung | xpress_sl-m2885_ss359a | - |
| samsung | scx-3405_ss161a | - |
| samsung | clp-560_sv611a | - |
| samsung | xpress_sl-m2070_ss297a | - |
| samsung | multixpress_sl-x7600_ss059a | - |
| samsung | proxpress_sl-c3060_ss211a | - |
| samsung | clx-6260_ss106a | - |
| samsung | proxpress_sl-c3060_ss211c | - |
| samsung | proxpress_sl-c3060_ss213c | - |
| samsung | proxpress_sl-m3820_ss373z | - |
| hp | laserjet_mfp_m42523_7ab26a | - |
| samsung | xpress_sl-c430_ss229a | - |
| samsung | xpress_sl-m2621_ss325a | - |
| samsung | xpress_sl-m2676_ss338a | - |
| samsung | clx-3300_sv677a | - |
| samsung | proxpress_sl-c3060_ss213a | - |
| samsung | scx-4833_ss180a | - |
| samsung | proxpress_sl-m3820_ss373e | - |
| hp | laserjet_mfp_m72625-m72630_2zn50a | - |
| samsung | proxpress_sl-c3060_ss213g | - |
| samsung | xpress_sl-m2020_ss272a | - |
| samsung | clp-368_sv601a | - |
| samsung | xpress_sl-m2676_ss337a | - |
| samsung | multixpress_sl-k7500_ss040a | - |
| samsung | proxpress_sl-m4025_ss386a | - |
| samsung | multixpress_scx-8240_st717a | - |
| samsung | proxpress_sl-c3010_ss210a | - |
| samsung | proxpress_sl-c3060_ss213e | - |
| hp | laser_mfp_130_4zb90a | - |
| samsung | proxpress_sl-m3820_ss373c | - |
| samsung | xpress_sl-m2871_ss350a | - |
| samsung | scx-3405_sv943a | - |
| hp | laser_mfp_130_4zb91a | - |
| samsung | multixpress_sl-x3280_ss044a | - |
| samsung | scx-3405_sw314a | - |
| samsung | proxpress_sl-m3375fd_ss369c | - |
| samsung | proxpress_sl-c3010_ss210b | - |
| samsung | multixpress_sl-m5370_ss404a | - |
| samsung | multixpress_clx-9301_sw152a | - |
| samsung | proxpress_sl-m3825_ss374a | - |
| samsung | multixpress_scx-8128_ss020a | - |
| hp | laserjet_mfp_m437_7zb20a | - |
| samsung | multixpress_sl-k7600_ss042a | - |
| samsung | proxpress_sl-m4580_ss402a | - |
| samsung | xpress_sl-m2670_ss330a | - |
| samsung | xpress_sl-m2875_ss353a | - |
| samsung | scx-3405_ss160a | - |
| samsung | proxpress_sl-m3375fd_ss369b | - |
| samsung | proxpress_sl-c3060_ss213b | - |
| samsung | scx-5635_sw040a | - |
| samsung | scx-5637_sw043a | - |
| samsung | multixpress_sl-x4300_ss049a | - |
| samsung | proxpress_sl-c4010_ss216s | - |
| hp | color_laser_mfp_170_4zb96a | - |
| samsung | ml-6510_sv901a | - |
| samsung | proxpress_sl-c3010_ss210f | - |
| samsung | proxpress_sl-c3060_ss211h | - |
| samsung | clx-3305_ss093a | - |
| samsung | proxpress_sl-m4075_ss393a | - |
| samsung | proxpress_sl-c4010_ss216a | - |
| samsung | proxpress_sl-m3820_ss373a | - |
| samsung | scx-3401_ss158a | - |
| samsung | proxpress_sl-c3010_ss210p | - |
| samsung | xpress_sl-m2675_ss335a | - |
| samsung | scx-4021_ss165a | - |
| samsung | proxpress_sl-c3010_ss210k | - |
| samsung | proxpress_sl-m3820_ss372c | - |
| samsung | proxpress_sl-c3010_ss209a | - |
| hp | laserjet_mfp_m438_8af44a | - |
| samsung | clx-6260_ss108a | - |
| samsung | xpress_sl-m2675_sw112a | - |
| samsung | proxpress_sl-c3010_ss210g | - |
| samsung | proxpress_sl-m3320nd_ss365a | - |
| samsung | multixpress_scx-8240_sw185a | - |
| samsung | xpress_sl-m3015_ss360a | - |
| samsung | scx-4521_ss168a | - |
| samsung | xpress_sl-m2875_ss351a | - |
| samsung | multixpress_clx-9251_ss005a | - |
| hp | laser_mfp_130_6hu11a | - |
| samsung | proxpress_sl-m4530_ss397e | - |
| samsung | proxpress_sl-m4024_ss385a | - |
| samsung | scx-5737_sw046a | - |
| samsung | xpress_sl-m2070_ss295a | - |
| samsung | proxpress_sl-m3820_ss371c | - |
| hp | laserjet_mfp_m437_7zb21a | - |
| samsung | proxpress_sl-m3820_ss373t | - |
| samsung | scx-4833_sw019a | - |
| samsung | clp-365_ss066a | - |
| hp | laserjet_mfp_m42523_7zb25a | - |
| samsung | proxpress_sl-c3060_ss213f | - |
| samsung | scx-3406_sv947a | - |
| hp | laser_mfp_130_4zb88a | - |
| samsung | proxpress_sl-c3060_ss211m | - |
| samsung | proxpress_sl-m3321_ss366a | - |
| samsung | proxpress_sl-c3010_ss210d | - |
| samsung | xpress_sl-m2870_ss348a | - |
| samsung | xpress_sl-m2821_ss341a | - |
| hp | color_laser_mfp_170_6hu08a | - |
| hp | laserjet_mfp_m438_8af43a | - |
| samsung | proxpress_sl-m3820_ss373f | - |
| samsung | proxpress_sl-m3820_ss373q | - |
| samsung | scx-3405_sw313a | - |
| samsung | proxpress_sl-c3060_ss211k | - |
| hp | color_laser_150_4zb95a | - |
| hp | laser_mfp_130_6hu10a | - |
| samsung | scx-3400_ss156a | - |
| samsung | clx-3300_ss088a | - |
| samsung | ml-5510_sv897a | - |
| samsung | sf-760_ss195a | - |
| samsung | xpress_sl-c480_ss256a | - |
| samsung | multixpress_sl-k3250_ss027e | - |
| samsung | proxpress_sl-c4012_ss217a | - |
| samsung | proxpress_sl-m4580_ss401a | - |
| samsung | xpress_sl-m2676_sw113a | - |
| samsung | proxpress_sl-c3060_ss213d | - |
| samsung | multixpress_sl-x7400_ss054a | - |
| samsung | scx-3400_ss155a | - |
| hp | laser_mfp_130_4zb84a | - |
| samsung | proxpress_sl-c3060_ss211l | - |
| samsung | proxpress_sl-c3060_ss213h | - |
| samsung | scx-4521_sv530a | - |
| samsung | multixpress_sl-x7400_ss053a | - |
| samsung | proxpress_sl-m3820_ss375b | - |
| hp | laserjet_mfp_m436_w7u02a | - |
| samsung | xpress_sl-m2876_ss357a | - |
| samsung | clp-680_ss076a | - |
| samsung | scx-4521_sw129a | - |
| hp | laser_mfp_432_7uq76a | - |
| samsung | proxpress_sl-m4070_ss389j | - |
| samsung | multixpress_sl-x4220_ss047a | - |
| samsung | proxpress_sl-c4010_ss216k | - |
| samsung | xpress_sl-m2671_ss333a | - |
| samsung | proxpress_sl-m4075_ss394a | - |
| samsung | xpress_sl-m2020_ss271a | - |
HP has identified a potential vulnerability in BIOS firmware of some Workstation products. Firmware updates are being released to mitigate these potential vulnerabilities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_fury_17_g7_firmware | * |
| hp | elitedesk_880_g2_tower_pc_firmware | - |
| hp | probook_470_g4_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | - |
| hp | z_vr_backpack_g1_firmware | - |
| hp | 282_pro_g3_microtower_pc_firmware | - |
| hp | 280_pro_g6_microtower_(rom_family_ssid_8948)_firmware | - |
| hp | elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmware | - |
| hp | 290_g1_small_form_factor_(rom_family_ssid_843f)_firmware | - |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | - |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | - |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | probook_440_g4_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | - |
| hp | mp9_g2_retail_system_firmware | - |
| hp | probook_470_g3_firmware | * |
| hp | 250_g7_firmware | * |
| hp | 406_microtower_pc_firmware | - |
| hp | prodesk_400_g6_microtower_pc_firmware | - |
| hp | 280_g4_small_form_factor_(rom_family_ssid_8768)_firmware | - |
| hp | probook_450_g3_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | - |
| hp | 288_pro_g6_microtower_(rom_family_ssid_877e)_firmware | - |
| hp | z2_small_form_factor_g4_firmware | - |
| hp | 280_pro_g4_microtower_(rom_family_ssid_843c)_firmware | - |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | elitedesk_800_g2_tower_pc_firmware | - |
| hp | probook_x360_11_g5_education_edition_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | elite_slice_g2_with_microsoft_teams_rooms_firmware | - |
| hp | prodesk_680_g2_microtower_pc_firmware | - |
| hp | proone_440_g6_24_all-in-one_pc_firmware | - |
| hp | elitebook_836_g6_firmware | * |
| hp | 260_g4_desktop_mini_pc_firmware | - |
| hp | elitebook_1040_g4_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | - |
| hp | zhan_86_pro_g1_microtower_pc_firmware | - |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | - |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | 348_g7_firmware | * |
| hp | mt21_thin_client_firmware | - |
| hp | elite_x2_1012_g1_tablet_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | - |
| hp | prodesk_680_g4_microtower_pc_(with_pci_slot)_firmware | - |
| hp | 280_g3_small_form_factor_(rom_family_ssid_843f)_firmware | - |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | 290_g1_microtower_pc_firmware | - |
| hp | mt22_thin_client_firmware | - |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | - |
| hp | probook_x360_440_g1_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmware | - |
| hp | 290_g2_small_form_factor_(rom_family_ssid_86e9)_firmware | - |
| hp | t638_thin_client_firmware | - |
| hp | elitebook_840r_g4_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | probook_430_g4_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | 200_pro_g4_22_all-in-one_pc_(rom_family_ssid_86f0)_firmware | - |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | 288_pro_g4_microtower_(rom_family_ssid_843c)_firmware | - |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | - |
| hp | z2_tower_g4_firmware | - |
| hp | elitebook_folio_g1_firmware | * |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware | - |
| hp | prodesk_480_g5_microtower_pc_firmware | - |
| hp | 290_g4_microtower_(rom_family_ssid_8948)_firmware | - |
| hp | elitebook_850_g7_firmware | * |
| hp | engage_flex_pro-c_retail_system_firmware | - |
| hp | elitebook_840_g7_firmware | * |
| hp | 240_g7_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | - |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_business_pc_firmware | - |
| hp | proone_440_g3_(rom_family_ssid_81b7)_firmware | - |
| hp | probook_650_g7_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | 346_g3_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | - |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_pc_firmware | - |
| hp | z840_workstation_firmware | - |
| hp | 250_g4_firmware | - |
| hp | 250_g6_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | - |
| hp | z4_g4_workstation_(core-x)_firmware | - |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | - |
| hp | elite_slice_g2_-_audio_ready_with_zoom_rooms_firmware | - |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | - |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | - |
| hp | z2_mini_g5_firmware | - |
| hp | zbook_17_g3_firmware | * |
| hp | 200_g4_22_all-in-one_pc_(rom_family_ssid_86f8)_firmware | - |
| hp | elitedesk_800_g5_tower_pc_firmware | - |
| hp | z2_small_form_factor_g5_firmware | - |
| hp | 258_g6_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | - |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | - |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | - |
| hp | mp9_g4_retail_system_firmware | - |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | - |
| hp | probook_640_g5_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | - |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | z440_workstation_firmware | - |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | 280_g3_microtower_pc_firmware | - |
| hp | prodesk_400_g5_microtower_pc_firmware | - |
| hp | zbook_15_g6_firmware | * |
| hp | proone_490_g3_(rom_family_ssid_82dc)_firmware | - |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | - |
| hp | probook_430_g6_firmware | * |
| hp | 348_g4_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | - |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_pc_firmware | - |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | 340_g7_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | - |
| hp | elitebook_840_g3_firmware | * |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | - |
| hp | 288_pro_g3_microtower_firmware | - |
| hp | z1_entry_tower_g6_firmware | - |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | - |
| hp | probook_450_g5_firmware | * |
| hp | 250_g5_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | - |
| hp | z1_entry_tower_g5_firmware | - |
| hp | elite_x2_g4_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmware | - |
| hp | proone_490_g3_(rom_family_ssid_81b7)_firmware | - |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | - |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | - |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | - |
| hp | probook_440_g8_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | - |
| hp | elitedesk_880_g4_tower_pc_firmware | - |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | z238_microtower_firmware | - |
| hp | z8_g4_workstation_firmware | - |
| hp | z240_small_form_factor_firmware | - |
| hp | desktop_pro_300_g3_firmware | - |
| hp | 280_pro_g3_small_form_factor_(rom_family_ssid_843f)_firmware | - |
| hp | zbook_17_g5_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | - |
| hp | t430_thin_client_firmware | - |
| hp | 240_g6_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | - |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | - |
| hp | probook_x360_11_g6_education_edition_firmware | * |
| hp | sprout_pro_by_g2_firmware | - |
| hp | elite_dragonfly_max_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_x360_11_g4_education_edition_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | - |
| hp | zbook_create_g7_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | - |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_pc_firmware | - |
| hp | probook_640_g3_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | - |
| hp | prodesk_680_g3_microtower_pc_firmware | - |
| hp | z2_tower_g5_firmware | - |
| hp | elitebook_828_g3_firmware | * |
| hp | 205_g4_22_all-in-one_pc_(rom_family_ssid_86f8)_firmware | - |
| hp | prodesk_680_g4_microtower_pc_firmware | - |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | - |
| hp | z2_mini_g4_firmware | - |
| hp | elitebook_840_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | - |
| hp | prodesk_600_g2_small_form_factor_pc_firmware | - |
| hp | 200_g4_22_all-in-one_pc_(rom_family_ssid_86f0)_firmware | - |
| hp | 288_pro_g6_microtower_(rom_family_ssid_8948)_firmware | - |
| hp | zbook_15u_g4_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | zhan_86_pro_g2_microtower_(rom_family_ssid_843c)_firmware | - |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | - |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | - |
| hp | 205_pro_g4_22_all-in-one_pc_(rom_family_ssid_86f8)_firmware | - |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | - |
| hp | 282_pro_g6_microtower_(rom_family_ssid_8948)_firmware | - |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | - |
| hp | zbook_17_g6_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | 256_g4_firmware | - |
| hp | 340_g5_firmware | * |
| hp | desktop_pro_g1_microtower_(rom_family_ssid_843c)_firmware | - |
| hp | 282_pro_g5_microtower_(rom_family_ssid_86e9)_firmware | - |
| hp | probook_x360_11_g2_education_edition_firmware | * |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | - |
| hp | zcentral_4r_firmware | - |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | - |
| hp | zbook_14u_g5_firmware | * |
| hp | 246_g5_firmware | - |
| hp | 290_g2_small_form_factor_(rom_family_ssid_8768)_firmware | - |
| hp | 348_g3_firmware | * |
| hp | desktop_pro_microtower_pc_firmware | - |
| hp | prodesk_600_g6_microtower_pc_firmware | - |
| hp | engage_one_pro_aio_system_firmware | - |
| hp | 246_g7_firmware | * |
| hp | elite_slice_firmware | - |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | - |
| hp | proone_400_g6_24_all-in-one_pc_firmware | - |
| hp | zhan_99_pro_g1_microtower_(rom_family_ssid_843c)_firmware | - |
| hp | elitebook_846_g5_firmware | * |
| hp | stream_11_pro_g4_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | - |
| hp | 290_g4_microtower_(rom_family_ssid_877e)_firmware | - |
| hp | probook_640_g4_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | - |
| hp | probook_630_g8_firmware | * |
| hp | 200_pro_g4_22_all-in-one_pc_(rom_family_ssid_86f8)_firmware | - |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | z640_workstation_firmware | - |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmware | - |
| hp | probook_440_g5_firmware | * |
| hp | 256_g6_firmware | * |
| hp | 348_g5_firmware | * |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_pc_firmware | - |
| hp | 340_g3_firmware | * |
| hp | elitedesk_800_g2_small_form_factor_pc_firmware | - |
| hp | 280_g4_microtower_(rom_family_ssid_843c)_firmware | - |
| hp | probook_650_g3_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | - |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | - |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | elite_slice_g2_with_intel_unite_firmware | - |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | - |
| hp | elitebook_850_g6_firmware | * |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_pc_firmware | - |
| hp | 280_g4_small_form_factor_(rom_family_ssid_86e9)_firmware | - |
| hp | 280_g5_microtower_(rom_family_ssid_877e)_firmware | - |
| hp | probook_440_g6_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | 258_g7_firmware | * |
| hp | 280_g3_pci_microtower_pc_firmware | - |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | - |
| hp | 240_g5_firmware | - |
| hp | elitedesk_800_g3_tower_pc_firmware | - |
| hp | prodesk_400_g4_microtower_pc_firmware | - |
| hp | prodesk_600_g2_desktop_mini_pc_firmware | - |
| hp | rp9_g1_retail_system_firmware | - |
| hp | probook_470_g5_firmware | * |
| hp | 470_g7_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | zhan_66_pro_g1_microtower_pc_firmware | - |
| hp | probook_650_g5_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | zhan_66_pro_14_g4_firmware | * |
| hp | prodesk_400_g2_desktop_mini_pc_firmware | - |
| hp | elite_dragonfly_firmware | * |
| hp | desktop_pro_g3_firmware | - |
| hp | probook_650_g8_firmware | * |
| hp | engage_one_all-in-one_system_firmware | - |
| hp | 280_pro_g3_microtower_pc_firmware | - |
| hp | probook_450_g4_firmware | * |
| hp | 246_g4_firmware | - |
| hp | proone_400_g2_20-inch_touch_all-in-one_pc_firmware | - |
| hp | z240_tower_firmware | - |
| hp | elitebook_830_g7_firmware | * |
| hp | 218_pro_g5_microtower_pc_firmware | * |
| hp | 200_g3_all-in-one_(rom_family_ssid_84de)_firmware | - |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | spectre_pro_x360_g2_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | - |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | - |
| hp | 260_g3_desktop_mini_pc_firmware | - |
| hp | probook_650_g4_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | - |
| hp | desktop_pro_g2_firmware | - |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | - |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | - |
| hp | pro_x2_612_g2_firmware | * |
| hp | mt20_thin_client_firmware | - |
| hp | zhan_x_13_g2_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | - |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | - |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | - |
| hp | mt31_thin_client_firmware | - |
| hp | probook_446_g3_firmware | * |
| hp | z6_g4_workstation_firmware | - |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmware | - |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | 290_g2_microtower_(rom_family_ssid_843c)_firmware | - |
| hp | z1_all-in-one_g3_firmware | - |
| hp | elite_slice_g2_with_zoom_rooms_firmware | - |
| hp | proone_440_g3_(rom_family_ssid_82dc)_firmware | - |
| hp | prodesk_600_g5_microtower_pc_(with_pci_slot)_firmware | - |
| hp | desktop_pro_g2_microtower_pc_firmware | - |
| hp | 200_g3_all-in-one_(rom_family_ssid_8431)_firmware | - |
| hp | 256_g5_firmware | * |
| hp | 205_pro_g4_22_all-in-one_pc_(rom_family_ssid_86f0)_firmware | - |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | - |
| hp | prodesk_600_g4_microtower_pc_firmware | - |
| hp | probook_650_g2_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | - |
| hp | spectre_pro_13_g1_firmware | * |
| hp | 340s_g7_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | - |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | - |
| hp | zbook_17_g4_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | - |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | - |
| hp | probook_430_g5_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | - |
| hp | probook_640_g8_firmware | * |
| hp | probook_x360_11_g3_education_edition_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | stream_11_pro_g5_firmware | * |
| hp | 205_g4_22_all-in-one_pc_(rom_family_ssid_86f0)_firmware | - |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | - |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | - |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | - |
| hp | prodesk_600_g2_microtower_pc_firmware | - |
| hp | 340_g4_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | - |
| hp | elitebook_830_g6_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | - |
| hp | 346_g4_firmware | * |
| hp | 240_g4_firmware | - |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | z2_mini_g3_firmware | - |
| hp | 282_pro_g4_microtower_(rom_family_ssid_843c)_firmware | - |
| hp | probook_11_g2_education_edition_firmware | * |
| hp | 280_g5_small_form_factor_(rom_family_ssid_86e9)_firmware | - |
| hp | 290_g3_(rom_family_ssid_86e9)_firmware | - |
| hp | zbook_15v_g5_mobile_workstation_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | - |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware | - |
| hp | prodesk_480_g6_microtower_pc_firmware | - |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | desktop_pro_g3_microtower_firmware | - |
| hp | 256_g7_firmware | * |
| hp | engage_flex_pro_retail_system_firmware | - |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | - |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | - |
| hp | probook_430_g7_firmware | * |
| hp | 246_g6_firmware | * |
| hp | zhan_66_pro_g1_r_microtower_pc_firmware | - |
| hp | 288_pro_g5_microtower_(rom_family_ssid_86e9)_firmware | - |
| hp | 260_g2_desktop_mini_firmware | - |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | engage_gomobile_system_firmware | - |
HP Print and Scan Doctor, an application within the HP Smart App for Windows, is potentially vulnerable to local elevation of privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp_smart | * |
A potential security vulnerability has been identified for the HP OfficeJet 7110 Wide Format ePrinter that enables Cross-Site Scripting (XSS).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | officejet_7110_firmware | * |
A potential security vulnerability has been identified in certain HP Workstation BIOS (UEFI firmware) which may allow arbitrary code execution. HP is releasing firmware mitigations for the potential vulnerability.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | z2_mini_g5_firmware | 01.03.00_rev_a |
| hp | z2_mini_g3_firmware | 01.83 |
| hp | z2_small_form_factor_g4_firmware | 01.08.01 |
| hp | z2_tower_g4_firmware | 01.08.01 |
| hp | z2_tower_g5_firmware | 01.03.00_rev_a |
| hp | z240_tower_firmware | 01.83 |
| hp | z2_mini_g4_firmware | 01.08.01 |
| hp | zcentral_4r_firmware | 01.18 |
| hp | z2_tower_g8_firmware | 01.03.00_rev_a |
| hp | z240_small_form_factor_firmware | 01.83 |
| hp | z6_g4_firmware | 02.75 |
| hp | z640_firmware | 2.58 |
| hp | z440_firmware | 2.58 |
| hp | z2_small_form_factor_g8_firmware | 01.03.00_rev_a |
| hp | z8_g4_firmware | 02.75 |
| hp | z238_microtower_firmware | 01.83 |
| hp | z840_firmware | 2.58 |
| hp | z4_g4_firmware | 02.75 |
| hp | z1_all-in-one_g3_firmware | 01.31 |
| hp | z2_small_form_factor_g5_firmware | 01.03.00_rev_a |
Certain HP Enterprise LaserJet and PageWide MFPs may be vulnerable to stored cross site scripting (XSS).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_5 | * |
| hp | futuresmart_4 | * |
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_j8h60a_firmware | * |
| hp | laserjet_pro_j8h61a_firmware | * |
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_j8h60a_firmware | * |
| hp | laserjet_pro_j8h61a_firmware | * |
Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | elitebook_1050_g1_firmware | 01.19.00 |
| hp | elitebook_850_g5_firmware | 01.19.00 |
| hp | hp_mt21_mobile_thin_client_firmware | 01.21.01 |
| hp | zbook_studio_g5_firmware | 01.19.00 |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | 2.4 |
| hp | elite_x2_g4_firmware | 01.12.00 |
| hp | probook_470_g4_firmware | 1.41 |
| hp | probook_430_g6_firmware | 01.19.00 |
| hp | elitebook_x360_1030_g2_firmware | 1.41 |
| hp | pro_x2_612_g2_firmware | 1.41 |
| hp | elitebook_x360_830_g6_firmware | 01.12.00 |
| hp | elitebook_850_g4_firmware | 1.41 |
| hp | elitedesk_800_g4_workstation_firmware | 02.17.00 |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | 2.4 |
| hp | probook_650_g5_firmware | 01.12.00 |
| hp | hp_z2_mini_g4_firmware | 01.08.01 |
| hp | eliteone_800_g3_23.8_non-touch_all-in-one_business_pc_firmware | 2.4 |
| hp | elitebook_850_g6_firmware | 01.12.00 |
| hp | probook_11_ee_g2_firmware | 1.55 |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | 02.12.00 |
| hp | hp_z2_tower_g5_firmware | 01.04.02 |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | 02.11.00 |
| hp | elitebook_735_g5_firmware | 01.20.00 |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | 02.17.00 |
| hp | hp_mt44_mobile_thin_client_firmware | 01.21.01 |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | 02.18.00 |
| hp | probook_655_g3_firmware | 1.4 |
| hp | zbook_17_g6_firmware | 01.12.00 |
| hp | eliteone_800_g4_23.8-in_all-in-one_business_pc_firmware | 02.18.00 |
| hp | elitebook_836_g5_firmware | 01.19.00 |
| hp | elitebook_840r_g4_firmware | 01.19.00 |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | 02.17.00 |
| hp | probook_445_g6_firmware | 01.19.00 |
| hp | elitebook_840_g4_firmware | 1.41 |
| hp | engage_flex_pro-c_retail_system_firmware | 02.17.00 |
| hp | zhan_66_pro_14_g2_firmware | 01.19.00 |
| hp | elitebook_735_g6_firmware | 01.19.00 |
| hp | elitebook_1040_g4_firmware | 1.41 |
| hp | elitebook_828_g4_firmware | 1.41 |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | 02.17.00 |
| hp | zbook_x2_g4_firmware | 1.41 |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | 02.18.00 |
| hp | engage_go_mobile_system_firmware | 01.19.00 |
| hp | elite_slice_g2_firmware | 2.55 |
| hp | probook_x360_11_g2_ee_firmware | 1.43 |
| hp | elitedesk_705_g4_microtower_pc_firmware | 02.17.00 |
| hp | elitebook_x360_1030_g4_firmware | 01.12.00 |
| hp | probook_450_g4_firmware | 1.41 |
| hp | elitedesk_705_g4_workstation_firmware | 02.17.00 |
| hp | zbook_14u_g6_firmware | 01.12.00 |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | 02.17.00 |
| hp | prodesk_480_g4_microtower_pc_firmware | 2.4 |
| hp | elitebook_820_g4_firmware | 1.41 |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | 02.18.00 |
| hp | elitebook_x360_1040_g6_firmware | 01.12.00 |
| hp | engage_flex_pro_retail_system_firmware | 02.17.00 |
| hp | zhan_x_13_g2_firmware | 01.12.00 |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | 02.18.00 |
| hp | mp9_g4_retail_system_firmware | 02.17.00 |
| hp | hp_mt31_mobile_thin_client_firmware | 01.21.01 |
| hp | elitebook_836_g6_firmware | 01.12.00 |
| hp | elitedesk_880_g4_tower_pc_firmware | 02.17.00 |
| hp | zbook_studio_x360_g5_firmware | 01.19.00 |
| hp | elitebook_745_g4_firmware | 1.4 |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | 2.4 |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | 02.11.01 |
| hp | eliteone_800_g5_23.8-in_all-in-one_firmware | 2.11.01 |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | 2.4 |
| hp | probook_445r_g6_firmware | 01.19.00 |
| hp | prodesk_405_g4_small_form_factor_pc_firmware | 02.12.00 |
| hp | probook_455_g4_firmware | 1.4 |
| hp | elite_slice_firmware | 2.55 |
| hp | elite_x2_1012_g2_firmware | 1.41 |
| hp | zbook_17_g4_firmware | 1.41 |
| hp | prodesk_480_g6_microtower_pc_firmware | 02.11.00 |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | 02.11.00 |
| hp | hp_z238_microtower_firmware | 1.83 |
| hp | prodesk_480_g5_microtower_pc_firmware | 02.17.00 |
| hp | elitebook_725_g4_firmware | 1.4 |
| hp | elitebook_x360_1040_g5_firmware | 01.19.00 |
| hp | probook_470_g5_firmware | 01.20.00 |
| hp | zbook_14u_g4_firmware | 1.41 |
| hp | probook_440_g5_firmware | 01.20.00 |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | 2.4 |
| hp | elite_x2_1013_g3_firmware | 01.19.00 |
| hp | probook_640_g5_firmware | 01.12.00 |
| hp | probook_x360_11_g3_ee_firmware | 01.17.00 |
| hp | engage_one_aio_system_firmware | 02.40.00 |
| hp | zbook_15u_g5_firmware | 01.19.00 |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | 02.11.01 |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | 02.11.00 |
| hp | prodesk_600_g3_microtower_pc_firmware | 2.4 |
| hp | probook_645_g4_firmware | 01.20.00 |
| hp | elitebook_840_g6_firmware | 01.12.00 |
| hp | elitedesk_800_g4_tower_pc_firmware | 02.17.00 |
| hp | elitebook_830_g6_firmware | 01.12.00 |
| hp | elitebook_x360_830_g5_firmware | 01.19.00 |
| hp | elitedesk_800_g5_tower_pc_firmware | 02.11.00 |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | 02.18.00 |
| hp | elitedesk_705_g3_small_form_factor_pc_firmware | 2.38 |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | 02.17.00 |
| hp | zbook_17_g5_firmware | 01.19.00 |
| hp | elitedesk_705_g3_microtower_pc_firmware | 2.38 |
| hp | zhan_66_pro_15_g2_firmware | 01.19.00 |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | 2.4 |
| hp | probook_450_g6_firmware | 01.19.00 |
| hp | probook_455_g5_firmware | 01.20.00 |
| hp | hp_z2_mini_g5_firmware | 01.04.02 |
| hp | probook_645_g3_firmware | 1.4 |
| hp | probook_x360_440_g1_firmware | 01.19.00 |
| hp | zbook_studio_g4_firmware | 1.41 |
| hp | prodesk_400_g6_microtower_pc_firmware | 02.11.00 |
| hp | zhan_66_pro_g1_firmware | 01.20.00 |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | 02.18.00 |
| hp | zbook_15_g4_firmware | 1.41 |
| hp | hp_z240_small_form_factor_firmware | 1.83 |
| hp | probook_450_g5_firmware | 01.20.00 |
| hp | hp_z2_small_form_factor_g5_firmware | 01.04.02 |
| hp | elitebook_x360_1020_g2_firmware | 1.41 |
| hp | probook_640_g4_firmware | 01.20.00 |
| hp | prodesk_400_g5_microtower_pc_firmware | 02.17.00 |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | 02.11.00 |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | 2.4 |
| hp | probook_650_g3_firmware | 1.41 |
| hp | probook_455_g6_firmware | 01.19.00 |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | 02.11.00 |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | 02.17.00 |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | 02.17.00 |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | 02.11.01 |
| hp | elitebook_840_g5_firmware | 01.19.00 |
| hp | probook_650_g4_firmware | 01.20.00 |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | 2.17 |
| hp | zbook_15u_g4_firmware | 1.41 |
| hp | probook_440_g6_firmware | 01.19.00 |
| hp | elitedesk_705_g3_desktop_mini_pc_firmware | 2.38 |
| hp | prodesk_680_g3_microtower_pc_firmware | 2.4 |
| hp | prodesk_600_g5_microtower_pc_firmware | 02.11.00 |
| hp | probook_455r_g6_firmware | 01.19.00 |
| hp | probook_640_g3_firmware | 1.41 |
| hp | zbook_14u_g5_firmware | 01.19.00 |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | 2.4 |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | 02.11.01 |
| hp | elitebook_x360_1030_g3_firmware | 01.19.00 |
| hp | probook_430_g5_firmware | 01.20.00 |
| hp | zbook_15_g5_firmware | 01.19.00 |
| hp | elitebook_755_g4_firmware | 1.4 |
| hp | prodesk_600_g4_microtower_pc_firmware | 02.17.00 |
| hp | elitebook_848_g4_firmware | 1.41 |
| hp | probook_430_g4_firmware | 1.41 |
| hp | hp_mt45_mobile_thin_client_firmware | 01.21.01 |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | 02.11.00 |
| hp | elitedesk_880_g5_tower_pc_firmware | 02.11.00 |
| hp | hp_z2_tower_g4_firmware | 01.08.01 |
| hp | elitebook_755_g5_firmware | 01.20.00 |
| hp | elitebook_745_g5_firmware | 01.20.00 |
| hp | zbook_15_g6_firmware | 01.12.00 |
| hp | zhan_66_pro_13_g2_firmware | 01.19.00 |
| hp | elitedesk_800_g3_tower_pc_firmware | 2.4 |
| hp | hp_z1_entry_tower_g5_firmware | 02.11.00 |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | 2.4 |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | 02.11.00 |
| hp | prodesk_680_g4_microtower_pc_firmware | 02.17.00 |
| hp | hp_z1_all-in-one_g3_firmware | 1.31 |
| hp | hp_z2_mini_g3_firmware | 1.83 |
| hp | hp_z240_tower_firmware | 1.83 |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | 02.18.00 |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | 2.4 |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | 2.4 |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | 02.11.00 |
| hp | hp_z2_small_form_factor_g4_firmware | 01.08.01 |
| hp | engage_go_10_mobile_system_firmware | 01.08.00 |
| hp | elite_dragonfly_firmware | 01.12.00 |
| hp | elitedesk_880_g3_tower_pc_firmware | 2.4 |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | 2.4 |
| hp | prodesk_400_g4_microtower_pc_firmware | 2.4 |
| hp | probook_x360_11_g4_ee_firmware | 01.13.00 |
| hp | elitebook_846_g5_firmware | 01.19.00 |
| hp | probook_440_g4_firmware | 1.41 |
| hp | zbook_15u_g6_firmware | 01.12.00 |
| hp | elitebook_745_g6_firmware | 01.19.00 |
| hp | elitebook_830_g5_firmware | 01.19.00 |
Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | elitebook_1050_g1_firmware | 01.19.00 |
| hp | elitebook_850_g5_firmware | 01.19.00 |
| hp | hp_mt21_mobile_thin_client_firmware | 01.21.01 |
| hp | zbook_studio_g5_firmware | 01.19.00 |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | 2.4 |
| hp | elite_x2_g4_firmware | 01.12.00 |
| hp | probook_470_g4_firmware | 1.41 |
| hp | probook_430_g6_firmware | 01.19.00 |
| hp | elitebook_x360_1030_g2_firmware | 1.41 |
| hp | pro_x2_612_g2_firmware | 1.41 |
| hp | elitebook_x360_830_g6_firmware | 01.12.00 |
| hp | elitebook_850_g4_firmware | 1.41 |
| hp | elitedesk_800_g4_workstation_firmware | 02.17.00 |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | 2.4 |
| hp | probook_650_g5_firmware | 01.12.00 |
| hp | hp_z2_mini_g4_firmware | 01.08.01 |
| hp | eliteone_800_g3_23.8_non-touch_all-in-one_business_pc_firmware | 2.4 |
| hp | elitebook_850_g6_firmware | 01.12.00 |
| hp | probook_11_ee_g2_firmware | 1.55 |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | 02.12.00 |
| hp | hp_z2_tower_g5_firmware | 01.04.02 |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | 02.11.00 |
| hp | elitebook_735_g5_firmware | 01.20.00 |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | 02.17.00 |
| hp | hp_mt44_mobile_thin_client_firmware | 01.21.01 |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | 02.18.00 |
| hp | probook_655_g3_firmware | 1.4 |
| hp | zbook_17_g6_firmware | 01.12.00 |
| hp | eliteone_800_g4_23.8-in_all-in-one_business_pc_firmware | 02.18.00 |
| hp | elitebook_836_g5_firmware | 01.19.00 |
| hp | elitebook_840r_g4_firmware | 01.19.00 |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | 02.17.00 |
| hp | probook_445_g6_firmware | 01.19.00 |
| hp | elitebook_840_g4_firmware | 1.41 |
| hp | engage_flex_pro-c_retail_system_firmware | 02.17.00 |
| hp | zhan_66_pro_14_g2_firmware | 01.19.00 |
| hp | elitebook_735_g6_firmware | 01.19.00 |
| hp | elitebook_1040_g4_firmware | 1.41 |
| hp | elitebook_828_g4_firmware | 1.41 |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | 02.17.00 |
| hp | zbook_x2_g4_firmware | 1.41 |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | 02.18.00 |
| hp | engage_go_mobile_system_firmware | 01.19.00 |
| hp | elite_slice_g2_firmware | 2.55 |
| hp | probook_x360_11_g2_ee_firmware | 1.43 |
| hp | elitedesk_705_g4_microtower_pc_firmware | 02.17.00 |
| hp | elitebook_x360_1030_g4_firmware | 01.12.00 |
| hp | probook_450_g4_firmware | 1.41 |
| hp | elitedesk_705_g4_workstation_firmware | 02.17.00 |
| hp | zbook_14u_g6_firmware | 01.12.00 |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | 02.17.00 |
| hp | prodesk_480_g4_microtower_pc_firmware | 2.4 |
| hp | elitebook_820_g4_firmware | 1.41 |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | 02.18.00 |
| hp | elitebook_x360_1040_g6_firmware | 01.12.00 |
| hp | engage_flex_pro_retail_system_firmware | 02.17.00 |
| hp | zhan_x_13_g2_firmware | 01.12.00 |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | 02.18.00 |
| hp | mp9_g4_retail_system_firmware | 02.17.00 |
| hp | hp_mt31_mobile_thin_client_firmware | 01.21.01 |
| hp | elitebook_836_g6_firmware | 01.12.00 |
| hp | elitedesk_880_g4_tower_pc_firmware | 02.17.00 |
| hp | zbook_studio_x360_g5_firmware | 01.19.00 |
| hp | elitebook_745_g4_firmware | 1.4 |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | 2.4 |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | 02.11.01 |
| hp | eliteone_800_g5_23.8-in_all-in-one_firmware | 2.11.01 |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | 2.4 |
| hp | probook_445r_g6_firmware | 01.19.00 |
| hp | prodesk_405_g4_small_form_factor_pc_firmware | 02.12.00 |
| hp | probook_455_g4_firmware | 1.4 |
| hp | elite_slice_firmware | 2.55 |
| hp | elite_x2_1012_g2_firmware | 1.41 |
| hp | zbook_17_g4_firmware | 1.41 |
| hp | prodesk_480_g6_microtower_pc_firmware | 02.11.00 |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | 02.11.00 |
| hp | hp_z238_microtower_firmware | 1.83 |
| hp | prodesk_480_g5_microtower_pc_firmware | 02.17.00 |
| hp | elitebook_725_g4_firmware | 1.4 |
| hp | elitebook_x360_1040_g5_firmware | 01.19.00 |
| hp | probook_470_g5_firmware | 01.20.00 |
| hp | zbook_14u_g4_firmware | 1.41 |
| hp | probook_440_g5_firmware | 01.20.00 |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | 2.4 |
| hp | elite_x2_1013_g3_firmware | 01.19.00 |
| hp | probook_640_g5_firmware | 01.12.00 |
| hp | probook_x360_11_g3_ee_firmware | 01.17.00 |
| hp | engage_one_aio_system_firmware | 02.40.00 |
| hp | zbook_15u_g5_firmware | 01.19.00 |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | 02.11.01 |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | 02.11.00 |
| hp | prodesk_600_g3_microtower_pc_firmware | 2.4 |
| hp | probook_645_g4_firmware | 01.20.00 |
| hp | elitebook_840_g6_firmware | 01.12.00 |
| hp | elitedesk_800_g4_tower_pc_firmware | 02.17.00 |
| hp | elitebook_830_g6_firmware | 01.12.00 |
| hp | elitebook_x360_830_g5_firmware | 01.19.00 |
| hp | elitedesk_800_g5_tower_pc_firmware | 02.11.00 |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | 02.18.00 |
| hp | elitedesk_705_g3_small_form_factor_pc_firmware | 2.38 |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | 02.17.00 |
| hp | zbook_17_g5_firmware | 01.19.00 |
| hp | elitedesk_705_g3_microtower_pc_firmware | 2.38 |
| hp | zhan_66_pro_15_g2_firmware | 01.19.00 |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | 2.4 |
| hp | probook_450_g6_firmware | 01.19.00 |
| hp | probook_455_g5_firmware | 01.20.00 |
| hp | hp_z2_mini_g5_firmware | 01.04.02 |
| hp | probook_645_g3_firmware | 1.4 |
| hp | probook_x360_440_g1_firmware | 01.19.00 |
| hp | zbook_studio_g4_firmware | 1.41 |
| hp | prodesk_400_g6_microtower_pc_firmware | 02.11.00 |
| hp | zhan_66_pro_g1_firmware | 01.20.00 |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | 02.18.00 |
| hp | zbook_15_g4_firmware | 1.41 |
| hp | hp_z240_small_form_factor_firmware | 1.83 |
| hp | probook_450_g5_firmware | 01.20.00 |
| hp | hp_z2_small_form_factor_g5_firmware | 01.04.02 |
| hp | elitebook_x360_1020_g2_firmware | 1.41 |
| hp | probook_640_g4_firmware | 01.20.00 |
| hp | prodesk_400_g5_microtower_pc_firmware | 02.17.00 |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | 02.11.00 |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | 2.4 |
| hp | probook_650_g3_firmware | 1.41 |
| hp | probook_455_g6_firmware | 01.19.00 |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | 02.11.00 |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | 02.17.00 |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | 02.17.00 |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | 02.11.01 |
| hp | elitebook_840_g5_firmware | 01.19.00 |
| hp | probook_650_g4_firmware | 01.20.00 |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | 2.17 |
| hp | zbook_15u_g4_firmware | 1.41 |
| hp | probook_440_g6_firmware | 01.19.00 |
| hp | elitedesk_705_g3_desktop_mini_pc_firmware | 2.38 |
| hp | prodesk_680_g3_microtower_pc_firmware | 2.4 |
| hp | prodesk_600_g5_microtower_pc_firmware | 02.11.00 |
| hp | probook_455r_g6_firmware | 01.19.00 |
| hp | probook_640_g3_firmware | 1.41 |
| hp | zbook_14u_g5_firmware | 01.19.00 |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | 2.4 |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | 02.11.01 |
| hp | elitebook_x360_1030_g3_firmware | 01.19.00 |
| hp | probook_430_g5_firmware | 01.20.00 |
| hp | zbook_15_g5_firmware | 01.19.00 |
| hp | elitebook_755_g4_firmware | 1.4 |
| hp | prodesk_600_g4_microtower_pc_firmware | 02.17.00 |
| hp | elitebook_848_g4_firmware | 1.41 |
| hp | probook_430_g4_firmware | 1.41 |
| hp | hp_mt45_mobile_thin_client_firmware | 01.21.01 |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | 02.11.00 |
| hp | elitedesk_880_g5_tower_pc_firmware | 02.11.00 |
| hp | hp_z2_tower_g4_firmware | 01.08.01 |
| hp | elitebook_755_g5_firmware | 01.20.00 |
| hp | elitebook_745_g5_firmware | 01.20.00 |
| hp | zbook_15_g6_firmware | 01.12.00 |
| hp | zhan_66_pro_13_g2_firmware | 01.19.00 |
| hp | elitedesk_800_g3_tower_pc_firmware | 2.4 |
| hp | hp_z1_entry_tower_g5_firmware | 02.11.00 |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | 2.4 |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | 02.11.00 |
| hp | prodesk_680_g4_microtower_pc_firmware | 02.17.00 |
| hp | hp_z1_all-in-one_g3_firmware | 1.31 |
| hp | hp_z2_mini_g3_firmware | 1.83 |
| hp | hp_z240_tower_firmware | 1.83 |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | 02.18.00 |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | 2.4 |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | 2.4 |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | 02.11.00 |
| hp | hp_z2_small_form_factor_g4_firmware | 01.08.01 |
| hp | engage_go_10_mobile_system_firmware | 01.08.00 |
| hp | elite_dragonfly_firmware | 01.12.00 |
| hp | elitedesk_880_g3_tower_pc_firmware | 2.4 |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | 2.4 |
| hp | prodesk_400_g4_microtower_pc_firmware | 2.4 |
| hp | probook_x360_11_g4_ee_firmware | 01.13.00 |
| hp | elitebook_846_g5_firmware | 01.19.00 |
| hp | probook_440_g4_firmware | 1.41 |
| hp | zbook_15u_g6_firmware | 01.12.00 |
| hp | elitebook_745_g6_firmware | 01.19.00 |
| hp | elitebook_830_g5_firmware | 01.19.00 |
A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Denial of Service when running HP Workpath solutions on potentially affected products.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_5 | * |
A potential security vulnerability has been identified in OMEN Gaming Hub and in HP Command Center which may allow escalation of privilege and/or denial of service. HP has released software updates to mitigate the potential vulnerability.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | omen_gaming_hub | * |
| hp | command_center | * |
Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers may be vulnerable to potential information disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_5 | * |
| hp | futuresmart_4 | * |
| hp | futuresmart_3 | * |
Certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, HP PageWide Managed products may be vulnerable to potential buffer overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_5 | * |
| hp | futuresmart_4 | * |
| hp | futuresmart_3 | * |
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_fury_17_g7_firmware | * |
| hp | mp9_g4_retail_system_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | z6_g4_workstation_firmware | * |
| hp | probook_x360_11_g5_education_edition_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | 260_g3_desktop_mini_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zhan_66_pro_14_g4_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | zbook_studio_15_g8_firmware | * |
| hp | engage_flex_mini_retail_system_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g4_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_power_15_g8_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | zbook_firefly_14_g8_firmware | * |
| hp | zbook_firefly_15_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | z1_entry_tower_g6_workstation_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | z1_entry_tower_g5_workstation_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_x360_11_g7_education_edition_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | probook_x360_11_g3_education_edition_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_600_g5_microtower_pc(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | probook_x360_11_g6_education_edition_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_x360_11_g4_education_edition_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | zbook_fury_17_g8_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | zbook_fury_15_g8_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
A potential vulnerability in AMD System Management Mode (SMM) interrupt handler may allow an attacker with high privileges to access the SMM resulting in arbitrary code execution which could be used by malicious actors to bypass security mechanisms provided in the UEFI firmware.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_fury_17_g7_firmware | * |
| hp | mp9_g4_retail_system_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | z6_g4_workstation_firmware | * |
| hp | probook_x360_11_g5_education_edition_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | 260_g3_desktop_mini_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zhan_66_pro_14_g4_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | zbook_studio_15_g8_firmware | * |
| hp | engage_flex_mini_retail_system_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g4_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_power_15_g8_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | zbook_firefly_14_g8_firmware | * |
| hp | zbook_firefly_15_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | z1_entry_tower_g6_workstation_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | z1_entry_tower_g5_workstation_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_x360_11_g7_education_edition_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | probook_x360_11_g3_education_edition_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_600_g5_microtower_pc(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | probook_x360_11_g6_education_edition_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_x360_11_g4_education_edition_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | zbook_fury_17_g8_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | zbook_fury_15_g8_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_fury_17_g7_firmware | * |
| hp | mp9_g4_retail_system_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | z6_g4_workstation_firmware | * |
| hp | probook_x360_11_g5_education_edition_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | 260_g3_desktop_mini_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zhan_66_pro_14_g4_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | zbook_studio_15_g8_firmware | * |
| hp | engage_flex_mini_retail_system_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g4_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_power_15_g8_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | zbook_firefly_14_g8_firmware | * |
| hp | zbook_firefly_15_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | z1_entry_tower_g6_workstation_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | z1_entry_tower_g5_workstation_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_x360_11_g7_education_edition_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | probook_x360_11_g3_education_edition_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_600_g5_microtower_pc(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | probook_x360_11_g6_education_edition_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_x360_11_g4_education_edition_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | zbook_fury_17_g8_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | zbook_fury_15_g8_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_fury_17_g7_firmware | * |
| hp | mp9_g4_retail_system_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | z6_g4_workstation_firmware | * |
| hp | probook_x360_11_g5_education_edition_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | 260_g3_desktop_mini_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zhan_66_pro_14_g4_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | zbook_studio_15_g8_firmware | * |
| hp | engage_flex_mini_retail_system_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g4_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_power_15_g8_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | zbook_firefly_14_g8_firmware | * |
| hp | zbook_firefly_15_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | z1_entry_tower_g6_workstation_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | z1_entry_tower_g5_workstation_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_x360_11_g7_education_edition_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | probook_x360_11_g3_education_edition_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_600_g5_microtower_pc(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | probook_x360_11_g6_education_edition_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_x360_11_g4_education_edition_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | zbook_fury_17_g8_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | zbook_fury_15_g8_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_fury_17_g7_firmware | * |
| hp | mp9_g4_retail_system_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | z6_g4_workstation_firmware | * |
| hp | probook_x360_11_g5_education_edition_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | 260_g3_desktop_mini_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zhan_66_pro_14_g4_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | zbook_studio_15_g8_firmware | * |
| hp | engage_flex_mini_retail_system_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g4_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_power_15_g8_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | zbook_firefly_14_g8_firmware | * |
| hp | zbook_firefly_15_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | z1_entry_tower_g6_workstation_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | z1_entry_tower_g5_workstation_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_x360_11_g7_education_edition_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | probook_x360_11_g3_education_edition_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_600_g5_microtower_pc(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | probook_x360_11_g6_education_edition_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_x360_11_g4_education_edition_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | zbook_fury_17_g8_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | zbook_fury_15_g8_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | designjet_z6_t8w18a_firmware | * |
| hp | deskjet_2700_7fr61a_firmware | - |
| hp | color_laserjet_managed_mfp_e67550_l3u69a_firmware | - |
| hp | color_laserjet_managed_mfp_e77426_5cm75a_firmware | - |
| hp | designjet_z9_w3z71a_firmware | * |
| hp | laserjet_tank_mfp_2603_381u5a_firmware | - |
| hp | laserjet_managed_mfp_m725_cf068a_firmware | - |
| hp | laserjet_mfp_m237_6gx05a_firmware | - |
| hp | laserjet_tank_1503_2r3e1a_firmware | - |
| hp | laserjet_m207_9yf85a_firmware | - |
| hp | laserjet_pro_mfp_m29_y5s50a_firmware | - |
| hp | laserjet_managed_mfp_e62665_3gy18a_firmware | - |
| hp | scanjet_enterprise_8500_fn1_l2717a_firmware | - |
| hp | laserjet_mfp_m237_9yg09a_firmware | - |
| hp | laserjet_mfp_m141_7md70a_firmware | - |
| hp | laserjet_mfp_m131_g3q58a_firmware | - |
| hp | envy_6000_8qq97a_firmware | - |
| hp | laserjet_mfp_m233_9yf92a_firmware | - |
| hp | color_laserjet_pro_mfp_m183_7kw55a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a71a_firmware | - |
| hp | laserjet_mfp_m233e_6gx00e_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a80a_firmware | - |
| hp | deskjet_3700_2fy93a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr97a_firmware | - |
| hp | smart_tank_7000_28b54a_firmware | - |
| hp | color_laserjet_pro_mfp_m377_cf378a_firmware | - |
| hp | designjet_t1708_1vd86a_firmware | - |
| hp | smart_tank_670_28c13a_firmware | - |
| hp | deskjet_2700_7fr57a_firmware | - |
| hp | pagewide_xl_4700_4vw15f_firmware | - |
| hp | laserjet_managed_mfp_e82550_az8z20a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5cm63a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_z8z19_firmware | - |
| hp | designjet_z6_t8w16d_firmware | * |
| hp | deskjet_plus_4100_7fs87d_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87660_z8z13a_firmware | - |
| hp | officejet_pro_8030e_4kj65a_firmware | - |
| hp | color_laserjet_pro_mfp_m277_b3q10a_firmware | - |
| hp | pagewide_color_mfp_779_4pz45a_firmware | - |
| hp | laserjet_tank_1020_381v5a_firmware | - |
| hp | color_laserjet_pro_mfp_m285_7kw73a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd26h_firmware | - |
| hp | laserjet_mfp_m132_g3q62a_firmware | - |
| hp | laserjet_mfp_m236_9yf91a_firmware | - |
| hp | laserjet_m208_6gw62a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a80a_firmware | - |
| hp | laserjet_managed_mfp_e62555_j8j67a_firmware | - |
| hp | color_laserjet_pro_mfp_m280_t6b81a_firmware | - |
| hp | laserjet_m110_2u587a_firmware | - |
| hp | designjet_z9+_pro_2rm82f_firmware | - |
| hp | laserjet_pro_m403_f6j41a_firmware | - |
| hp | color_laserjet_managed_e65050_l3u57a_firmware | - |
| hp | laserjet_pro_m706_k9g91a_firmware | - |
| hp | laserjet_mfp_m234_6gx00a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z60a_firmware | - |
| hp | color_laserjet_managed_mfp_e77427_5rc91a_firmware | - |
| hp | laserjet_pro_mfp_m148_4pa41a_firmware | - |
| hp | laserjet_mfp_m139_7md74a_firmware | - |
| hp | color_laserjet_pro_mfp_m274_b3q11a_firmware | - |
| hp | laserjet_enterprise_m605_e6b69a_firmware | - |
| hp | laserjet_pro_m304_w1a46a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a75a_firmware | - |
| hp | designjet_t1700_w6b56c_firmware | * |
| hp | laserjet_mfp_m237_6gx00a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a75a_firmware | - |
| hp | color_laserjet_pro_m254_t6b63a_firmware | - |
| hp | laserjet_mfp_m232e_9yg02e_firmware | - |
| hp | laserjet_enterprise_mfp_m521pv49a_firmware | - |
| hp | laserjet_managed_mfp_e82550_z8z23a_firmware | - |
| hp | laserjet_tank_mfp_2604_381u5a_firmware | - |
| hp | color_laserjet_pro_mfp_m183_7kw57a_firmware | - |
| hp | officejet_3830_k7v37a_firmware | - |
| hp | laserjet_m207_9yf83a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs29a_firmware | - |
| hp | laserjet_enterprise_700_color_mfp_m775_l3u50a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z07a_firmware | - |
| hp | laserjet_mfp_m228_q3q75a_firmware | - |
| hp | color_laserjet_enterprise_m652_j7z99a_firmware | - |
| hp | laserjet_m204_g3q47a_firmware | - |
| hp | laserjet_mfp_m233_6gx00a_firmware | - |
| hp | color_laserjet_managed_mfp_e78224_8gs50a_firmware | - |
| hp | laserjet_m104_g3q36a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a62a_firmware | - |
| hp | laserjet_pro_mfp_m427_f6w15a_firmware | - |
| hp | deskjet_plus_4100_3xv14c_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8pe95a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd25g_firmware | - |
| hp | laserjet_m111_2u587a_firmware | - |
| hp | designjet_t1700_w6b55a_firmware | - |
| hp | laserjet_mfp_m235_6gx00a_firmware | - |
| hp | laserjet_pro_mfp_m148_4pa44a_firmware | - |
| hp | color_laserjet_enterprise_m553_b5l38a_firmware | * |
| hp | laserjet_mfp_m234_9yf97a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87650_z8z13a_firmware | - |
| hp | laserjet_mfp_m129_g3q57a_firmware | - |
| hp | laserjet_mfp_m237_9yf91a_firmware | - |
| hp | color_laserjet_m455_39z95a_firmware | * |
| hp | designjet_xl_3600_mfp_6kd25l_firmware | - |
| hp | laserjet_tank_2506_2r3e3a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_z8z22a_firmware | - |
| hp | laserjet_tank_2504_2r3e3a_firmware | - |
| hp | pagewide_xl_5200_4vw16a_firmware | - |
| hp | laserjet_managed_mfp_e82540_z8z19_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87640_z8z17a_firmware | - |
| hp | deskjet_ink_advantage_3700_t8w37a_firmware | - |
| hp | laserjet_pro_mfp_m28_y5s54a_firmware | - |
| hp | pagewide_pro_772dw_w1b31a_firmware | - |
| hp | envy_6400e_223r3a_firmware | - |
| hp | laserjet_m110e_2u584e_firmware | - |
| hp | laserjet_tank_mfp_2602_2r7f5a_firmware | - |
| hp | designjet_t1700_w6b55g_firmware | - |
| hp | laserjet_m208e_6gw62er_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5fm82a_firmware | - |
| hp | color_laserjet_managed_e65150_3gy04a_firmware | - |
| hp | laserjet_managed_mfp_e62665_3gy16a_firmware | - |
| hp | officejet_pro_9010e_257g3a_firmware | - |
| hp | laserjet_m110e_2u587e_firmware | - |
| hp | officejet_pro_6960_t0f31a_firmware | - |
| hp | designjet_z6_t8w15b_firmware | * |
| hp | laserjet_mfp_m141_7md72a_firmware | - |
| hp | laserjet_tank_mfp_1603_2r3e8a_firmware | - |
| hp | laserjet_m211e_6gw62er_firmware | - |
| hp | laserjet_mfp_m235e_6gx00e_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z010a_firmware | - |
| hp | smart_tank_790_28b97a_firmware | - |
| hp | laserjet_enterprise_m506_f2a71a_firmware | - |
| hp | laserjet_mfp_m139_7md70f_firmware | - |
| hp | laserjet_enterprise_700_color_mfp_m775_cc522a_firmware | - |
| hp | pagewide_xl_4200_4vw13a_firmware | - |
| hp | laserjet_enterprise_mfp_m527_f2a76a_firmware | - |
| hp | color_laserjet_pro_mfp_m284_7kw77a_firmware | - |
| hp | officejet_pro_8740_k7s41a_firmware | - |
| hp | laserjet_managed_mfp_m725_l3u63a_firmware | - |
| hp | color_laserjet_pro_m155_7kw50a_firmware | - |
| hp | color_laserjet_pro_mfp_m185_7kw58a_firmware | - |
| hp | pagewide_managed_p75050dn_w1b29a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67560_l3u69a_firmware | - |
| hp | color_laserjet_pro_m153_t6b54a_firmware | - |
| hp | pagewide_xl_8200_4vw18fb_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_z8z04a_firmware | - |
| hp | smart_tank_7000_2h0a6a_firmware | - |
| hp | laserjet_m111_7md68a_firmware | - |
| hp | color_laserjet_managed_mfp_e78227_8gs37a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs44a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m632_j8j70a_firmware | - |
| hp | laserjet_managed_m506_f2a67a_firmware | - |
| hp | officejet_pro_6960_t0f32a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_2gp26a_firmware | - |
| hp | officejet_pro_8710_d9l18a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5cm79a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a72a_firmware | - |
| hp | smart_tank_plus_550_3yw71a_firmware | - |
| hp | color_laserjet_pro_mfp_m185_7kw55a_firmware | - |
| hp | laserjet_tank_mfp_2603_381u1a_firmware | - |
| hp | laserjet_m212_6gw61a_firmware | - |
| hp | laserjet_m102_g3q35a_firmware | - |
| hp | laserjet_tank_2502_381v4a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd23m_firmware | - |
| hp | color_laserjet_pro_mfp_m280_t6b80a_firmware | - |
| hp | deskjet_ink_advantage_ultra_4800_25r63a_firmware | - |
| hp | envy_inspire_7900e_31k15d_firmware | - |
| hp | laserjet_mfp_m133_g3q59a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd25a_firmware | - |
| hp | laserjet_mfp_m236e_9yg05e_firmware | - |
| hp | laserjet_mfp_m237_9yf88a_firmware | - |
| hp | laserjet_managed_m605_e6b71a_firmware | - |
| hp | color_laserjet_pro_m154_t6b51a_firmware | - |
| hp | officejet_pro_8710_j6x79a_firmware | - |
| hp | laserjet_mfp_m235e_9yf91e_firmware | - |
| hp | color_laserjet_pro_m256_7kw66a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z09a_firmware | - |
| hp | laserjet_pro_200_color_mfp_m276_cf144a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_z8z00a_firmware | - |
| hp | laserjet_pro_mfp_m149_4pa41a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z09a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a72a_firmware | - |
| hp | laserjet_mfp_m229_q3q75a_firmware | - |
| hp | laserjet_mfp_m233e_6gx05e_firmware | - |
| hp | laserjet_mfp_m233_9yg02a_firmware | - |
| hp | officejet_250_l9d57a_firmware | - |
| hp | laserjet_mfp_m236e_6gx01a_firmware | - |
| hp | laserjet_mfp_m232_9yg09a_firmware | - |
| hp | color_laserjet_pro_mfp_m283_7kw76a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87660_x3a93a_firmware | - |
| hp | color_laserjet_managed_mfp_e78225_19gsaw_firmware | - |
| hp | laserjet_m111a_7md65a_firmware | - |
| hp | scanjet_enterprise_flow_n9120_fn2_l2763a_firmware | - |
| hp | color_laserjet_m552_b5l23a_firmware | * |
| hp | designjet_xl_3600_mfp_6kd26n_firmware | - |
| hp | designjet_z6_t8w18f_firmware | * |
| hp | officejet_pro_6970_j7k40a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_z8z01a_firmware | - |
| hp | color_laserjet_pro_m154_t6b46a_firmware | - |
| hp | pagewide_color_mfp_774_4pz43a_firmware | - |
| hp | color_laserjet_pro_mfp_m274_m6d61a_firmware | - |
| hp | officejet_pro_6960_t0f30a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_9rt92a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_z8z00a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a81a_firmware | - |
| hp | laserjet_tank_mfp_2604_381u6a_firmware | - |
| hp | color_laserjet_managed_flow_e77426_5rc91a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5cm66a_firmware | - |
| hp | officejet_pro_8030_3uc64a_firmware | - |
| hp | laserjet_m111e_2u587e_firmware | - |
| hp | color_laserjet_enterprise_m553_b5l27a_firmware | * |
| hp | laserjet_mfp_m237e_9yg05e_firmware | - |
| hp | laserjet_managed_e60055_m0p35a_firmware | - |
| hp | color_laserjet_pro_mfp_m281_t6b84a_firmware | - |
| hp | smart_tank_610_y0f72a_firmware | - |
| hp | color_laserjet_managed_e55040dw_3gx98a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5cm71a_firmware | - |
| hp | laserjet_m211_9yf83a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd25n_firmware | - |
| hp | laserjet_tank_2503_381v4a_firmware | - |
| hp | laserjet_enterprise_mfp_m632_j8j72a_firmware | - |
| hp | laserjet_m109_7md68a_firmware | - |
| hp | laserjet_mfp_m237e_6gx09a_firmware | - |
| hp | color_laserjet_enterprise_m553_b5l25a_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e77822_z8z0a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87650_x3a92a_firmware | - |
| hp | color_laserjet_pro_mfp_m478_w1a78a_firmware | - |
| hp | laserjet_mfp_m233_9yf89a_firmware | - |
| hp | laserjet_mfp_m232_9yf96a_firmware | - |
| hp | laserjet_mfp_m134_g3q57a_firmware | - |
| hp | pagewide_xl_3920_4vw11a_firmware | * |
| hp | laserjet_managed_mfp_e82560_x3a68a_firmware | - |
| hp | laserjet_tank_mfp_2602_381u7a_firmware | - |
| hp | laserjet_m106_g3q39a_firmware | - |
| hp | laserjet_m104_g3q37a_firmware | - |
| hp | designjet_z9_w3z71b_firmware | * |
| hp | laserjet_pro_m305_w1a46a_firmware | - |
| hp | designjet_z9_w3z71h_firmware | * |
| hp | color_laserjet_enterprise_mfp_m480_3qa55a_firmware | - |
| hp | officejet_pro_8030_5lj18a_firmware | - |
| hp | laserjet_tank_mfp_2603_381u8a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_z8z00a_firmware | - |
| hp | color_laserjet_managed_mfp_m775_cc523a_firmware | - |
| hp | laserjet_pro_m403_c5f96a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5fm81a_firmware | - |
| hp | laserjet_mfp_m235_9yf88a_firmware | - |
| hp | smart_tank_510_3yw73a_firmware | - |
| hp | laserjet_mfp_m141e_7md70e_firmware | - |
| hp | deskjet_3630_k4t96a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_2gp23a_firmware | - |
| hp | color_laserjet_managed_flow_e77425_5cm79a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62675_firmware | - |
| hp | laserjet_m110a_2u586a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd26g_firmware | - |
| hp | laserjet_managed_mfp_m725_l3u64a_firmware | - |
| hp | laserjet_enterprise_700_color_mfp_m775_cf304a_firmware | - |
| hp | laserjet_mfp_m236e_6gx00e_firmware | - |
| hp | color_laserjet_pro_m154_t6b54a_firmware | - |
| hp | laserjet_mfp_m142_7md76a_firmware | - |
| hp | laserjet_pro_m701_b6s02a_firmware | - |
| hp | laserjet_pro_m14_y5s47a_firmware | - |
| hp | smart_tank_720_28y90a_firmware | - |
| hp | color_laserjet_m578_mfp_7zu86a_firmware | * |
| hp | smart_tank_6000_2h1w1a_firmware | - |
| hp | officejet_pro_8030e_5lj15a_firmware | - |
| hp | laserjet_enterprise_m406_3pz15a_firmware | - |
| hp | deskjet_2700_5ar84a_firmware | - |
| hp | color_laserjet_managed_mfp_e77424_5rc91a_firmware | - |
| hp | envy_6000e_2k4w2a_firmware | - |
| hp | laserjet_mfp_m233_6gw71a_firmware | - |
| hp | laserjet_mfp_m236_9yf92a_firmware | - |
| hp | color_laserjet_managed_m553_b5l25a_firmware | * |
| hp | envy_inspire_7900e_31k29d_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs43a_firmware | - |
| hp | color_laserjet_managed_m553_b5l26a_firmware | * |
| hp | color_laserjet_managed_mfp_e77822_z8z05a_firmware | - |
| hp | laserjet_managed_mfp_e82550_z8z22a_firmware | - |
| hp | laserjet_mfp_m133_g3q66a_firmware | - |
| hp | laserjet_tank_mfp_2605_381v1a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_z8z01a_firmware | - |
| hp | laserjet_pro_mfp_m31_y5s50a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z66a_firmware | - |
| hp | color_laserjet_pro_mfp_m281_t6b86a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5cm69a_firmware | - |
| hp | laserjet_pro_m225_cf497a_firmware | - |
| hp | color_laserjet_pro_mfp_m283_7kw74a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a71a_firmware | - |
| hp | laserjet_tank_mfp_2605_381u2a_firmware | - |
| hp | laserjet_mfp_m140_1y7d4a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650du_5cm64a_firmware | - |
| hp | laserjet_enterprise_mfp_m635_7ps97a_firmware | - |
| hp | smart_tank_7600_28b98a_firmware | - |
| hp | smart_tank_750_28b71a_firmware | - |
| hp | color_laserjet_managed_flow_ee77426_5rc92a_firmware | - |
| hp | laserjet_mfp_m233_6gx05a_firmware | - |
| hp | officejet_6950_p4c86a_firmware | - |
| hp | laserjet_pro_m501_j8h60a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a84a_firmware | - |
| hp | deskjet_ink_advantage_3630_k4u07a_firmware | - |
| hp | officejet_pro_9020_1mr75a_firmware | - |
| hp | designjet_t1700_w6b56h_firmware | - |
| hp | laserjet_pro_m226_cf497a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87660_z8z14a_firmware | - |
| hp | laserjet_mfp_m233_9yg09a_firmware | - |
| hp | laserjet_m208_9yf83a_firmware | - |
| hp | color_laserjet_pro_mfp_m282_7kw76a_firmware | - |
| hp | laserjet_tank_mfp_2606_381u5a_firmware | - |
| hp | color_laserjet_enterprise_m751_t3u43a_firmware | - |
| hp | deskjet_2700_7fr52a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd26f_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a63a_firmware | - |
| hp | officejet_pro_6970_t0f40a_firmware | - |
| hp | laserjet_pro_m702_k9g90a_firmware | - |
| hp | smart_tank_720_28b49a_firmware | - |
| hp | color_laserjet_pro_m454_w1y40a_firmware | - |
| hp | smart_tank_7300_28b75a_firmware | - |
| hp | color_laserjet_managed_mfp_m775_cc524a_firmware | - |
| hp | deskjet_plus_4100_7fs83d_firmware | - |
| hp | officejet_pro_8020_1kr61a_firmware | - |
| hp | smart_tank_7600_2g9q9a_firmware | - |
| hp | laserjet_pro_mfp_m29_w2g57a_firmware | - |
| hp | officejet_pro_8020_5lj17a_firmware | - |
| hp | smart_tank_670_28c15a_firmware | - |
| hp | laserjet_m205_g3q46a_firmware | - |
| hp | laserjet_mfp_m236e_6gw99e_firmware | - |
| hp | smart_tank_790_4wf66a_firmware | - |
| hp | laserjet_mfp_m142_7md74a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650du_5fm80a_firmware | - |
| hp | deskjet_plus_ink_advantage_6000_5se522a_firmware | - |
| hp | designjet_z6+_pro_2qu25a_firmware | - |
| hp | officejet_pro_8020_1kr57a_firmware | - |
| hp | color_laserjet_enterprise_m855_d7p73a_firmware | - |
| hp | deskjet_ink_advantage_ultra_4800_25r65a_firmware | - |
| hp | color_laserjet_pro_m255_7kw63a_firmware | - |
| hp | color_laserjet_pro_mfp_m281_t6b83a_firmware | - |
| hp | officejet_pro_8210_d9l64a_firmware | - |
| hp | color_laserjet_managed_mfp_e67560_l3u67a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m635_7ps98a_firmware | - |
| hp | laserjet_mfp_m140_7md70a_firmware | - |
| hp | laserjet_m208_9yf82a_firmware | - |
| hp | designjet_t1700_w6b56a_firmware | - |
| hp | color_laserjet_pro_mfp_m182_7kw54a_firmware | - |
| hp | laserjet_tank_mfp_2603_381v1a_firmware | - |
| hp | laserjet_m203_g3q48a_firmware | - |
| hp | laserjet_managed_mfp_e62655_3gy15a_firmware | - |
| hp | laserjet_pro_m705_b6s02a_firmware | - |
| hp | laserjet_pro_m402_c5f93a_firmware | - |
| hp | laserjet_m207_9yf80a_firmware | - |
| hp | color_laserjet_pro_mfp_m285_7kw76a_firmware | - |
| hp | color_laserjet_managed_flow_e77423_5rc92a_firmware | - |
| hp | laserjet_mfp_m139e_7md72e_firmware | - |
| hp | laserjet_enterprise_m4555_mfp_ce738a_firmware | - |
| hp | laserjet_mfp_m228_g3q74a_firmware | - |
| hp | laserjet_pro_m403_c5f92a_firmware | - |
| hp | designjet_z9_w3z72h_firmware | * |
| hp | color_laserjet_enterprise_m856_t3u52a_firmware | - |
| hp | envy_6400e_2k5l5a_firmware | - |
| hp | color_laserjet_enterprise_m554_7zu78a_firmware | - |
| hp | laserjet_enterprise_700_color_mfp_m775_cc523a_firmware | - |
| hp | color_laserjet_managed_mfp_m775_l3u49a_firmware | - |
| hp | color_laserjet_enterprise_m554_7zu81a_firmware | - |
| hp | laserjet_enterprise_500_color_mfp_m575_cd644a_firmware | - |
| hp | designjet_xl_3600_mfp_6dh33a_firmware | - |
| hp | laserjet_m211_6gw62a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs28a_firmware | - |
| hp | laserjet_pro_m404_w1a53a_firmware | - |
| hp | color_laserjet_pro_mfp_m181_t6b71a_firmware | - |
| hp | laserjet_mfp_m134_g3q65a_firmware | - |
| hp | laserjet_mfp_m140_2u589a_firmware | - |
| hp | laserjet_mfp_m140_7md72a_firmware | - |
| hp | color_laserjet_managed_flow_e77424_5rc91a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87650_z8z17a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_2gp22a_firmware | - |
| hp | pagewide_xl_4700_4vw14h_firmware | - |
| hp | pagewide_pro_477dn_d3q19a_firmware | - |
| hp | laserjet_tank_2504_381v4a_firmware | - |
| hp | laserjet_pro_mfp_m427_1gp80a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5fm80a_firmware | - |
| hp | smart_tank_720_6uu46a_firmware | - |
| hp | pagewide_color_mfp_779_4pz46a_firmware | - |
| hp | color_laserjet_pro_m452_cf394v_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z09a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a66a_firmware | - |
| hp | designjet_z9_w3z71e_firmware | * |
| hp | deskjet_2600_y5h61a_firmware | - |
| hp | envy_6000e_223n6a_firmware | - |
| hp | envy_6400e_223r6a_firmware | - |
| hp | color_laserjet_pro_m253_t6b63a_firmware | - |
| hp | color_laserjet_pro_mfp_m180_t6b71a_firmware | - |
| hp | laserjet_pro_mfp_m429_w1a35a_firmware | - |
| hp | smart_tank_7000_28b49a_firmware | - |
| hp | deskjet_2600_6jy94a_firmware | - |
| hp | laserjet_managed_m605_e6b70a_firmware | - |
| hp | color_laserjet_pro_mfp_m274_b3q10a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a84a_firmware | - |
| hp | laserjet_managed_mfp_e52645_1ps55a_firmware | - |
| hp | laserjet_m101_g3q37a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m631_j8j65a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5fm76a_firmware | - |
| hp | laserjet_mfp_m229_g3q74a_firmware | - |
| hp | deskjet_ink_advantage_3630_k4u06a_firmware | - |
| hp | deskjet_3630_f5s48a_firmware | - |
| hp | color_laserjet_cm5525_mfp_ce707a_firmware | * |
| hp | laserjet_mfp_m234_6gw99a_firmware | - |
| hp | laserjet_mfp_m235_9yf94a_firmware | - |
| hp | laserjet_mfp_m130_g3q66a_firmware | - |
| hp | laserjet_tank_2505_2r7f4a_firmware | - |
| hp | officejet_3830_k7v38a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5cm78a_firmware | - |
| hp | color_laserjet_managed_mfp_e78224_8gs15a_firmware | - |
| hp | officejet_pro_9010_1kr48a_firmware | - |
| hp | pagewide_pro_552dw_d3q17a_firmware | - |
| hp | laserjet_tank_mfp_2606_381u0a_firmware | - |
| hp | laserjet_enterprise_mfp_m528_1pv65a_firmware | - |
| hp | laserjet_mfp_m232_6gx06a_firmware | - |
| hp | laserjet_mfp_m141_2u589f_firmware | - |
| hp | envy_6000_8qq98a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5rc88a_firmware | - |
| hp | laserjet_mfp_m234_6gx05a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z62a_firmware | - |
| hp | laserjet_tank_mfp_2605_381u1a_firmware | - |
| hp | smart_tank_plus_650_y0f72a_firmware | - |
| hp | laserjet_pro_m16_w2g53a_firmware | - |
| hp | color_laserjet_managed_mfp_e77424_5cm75a_firmware | - |
| hp | designjet_t1700_w6b56d_firmware | - |
| hp | laserjet_pro_m701_k9g90a_firmware | - |
| hp | color_laserjet_managed_mfp_e78227_17f27aw_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z011a_firmware | - |
| hp | laserjet_enterprise_500_mfp_m525f_cf118a_firmware | - |
| hp | color_laserjet_managed_e65050_l3u56a_firmware | - |
| hp | color_laserjet_pro_m453_w1y40a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd24a_firmware | - |
| hp | laserjet_m207e_6gw62e_firmware | - |
| hp | pagewide_xl_5200_4vw20h_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_x3a65a_firmware | - |
| hp | laserjet_mfp_m132_g3q65a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_7fs96b_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67550_l3u67a_firmware | - |
| hp | deskjet_3700_t8w57a_firmware | - |
| hp | smart_tank_610_3yw48a_firmware | - |
| hp | laserjet_pro_m703_b6s02a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd23h_firmware | - |
| hp | deskjet_2600_y5h59a_firmware | - |
| hp | designjet_z6_t8w16g_firmware | * |
| hp | laserjet_mfp_m232_6gx04a_firmware | - |
| hp | color_laserjet_pro_mfp_m180_t6b74a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_z8z02a_firmware | - |
| hp | color_laserjet_enterprise_m855_a2w77a_firmware | - |
| hp | color_laserjet_enterprise_m750_d3l09a_firmware | - |
| hp | laserjet_mfp_m133_g3q62a_firmware | - |
| hp | pagewide_xl_4700_4vw14g_firmware | - |
| hp | designjet_xl_3600_mfp_6kd24g_firmware | - |
| hp | pagewide_377dw_j9v80a_firmware | - |
| hp | officejet_252_n4l18c_firmware | - |
| hp | officejet_pro_8730_d9l20a_firmware | - |
| hp | officejet_pro_9010_1kr45a_firmware | - |
| hp | designjet_t1700_1vd87a_firmware | - |
| hp | color_laserjet_managed_mfp_e78226_19gsaw_firmware | - |
| hp | hp_color_laserjet_enterprise_m554_7zu79a_firmware | * |
| hp | color_laserjet_pro_m154_t6b49a_firmware | - |
| hp | laserjet_mfp_m130_g3q58a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a80a_firmware | - |
| hp | color_laserjet_managed_flow_e77426_5cm76a_firmware | - |
| hp | deskjet_ink_advantage_3630_k4u00a_firmware | - |
| hp | designjet_z9_w3z72g_firmware | * |
| hp | color_laserjet_pro_m155_7kw51a_firmware | - |
| hp | laserjet_m109a_7md67a_firmware | - |
| hp | pagewide_managed_p55250dw_j6u55b_firmware | - |
| hp | color_laserjet_enterprise_mfp_m776_t3u56a_firmware | - |
| hp | laserjet_m212e_6gw62e_firmware | - |
| hp | laserjet_enterprise_m506_f2a70a_firmware | - |
| hp | deskjet_2600_y5h65a_firmware | - |
| hp | envy_inspire_7900e_327a9a_firmware | - |
| hp | deskjet_4100e_26q91a_firmware | - |
| hp | officejet_202_n4k99c_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_19gsaw_firmware | - |
| hp | laserjet_managed_mfp_e82540du_5cm61a_firmware | - |
| hp | laserjet_mfp_m235_9yf92a_firmware | - |
| hp | laserjet_enterprise_m606_e6b73a_firmware | - |
| hp | laserjet_m103_g3q36a_firmware | - |
| hp | laserjet_m112_2u584a_firmware | - |
| hp | laserjet_tank_1502_2r7f3a_firmware | - |
| hp | laserjet_enterprise_mfp_m630_b3g86a_firmware | - |
| hp | laserjet_enterprise_600_m603_ce994a_firmware | - |
| hp | laserjet_managed_e60075_m0p33a_firmware | - |
| hp | laserjet_tank_mfp_2604_381u0a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m577_b5l46a_firmware | - |
| hp | pagewide_managed_p75050dw_w1b28a_firmware | - |
| hp | laserjet_mfp_m134_g3q68a_firmware | - |
| hp | deskjet_3630_k4t98a_firmware | - |
| hp | laserjet_mfp_m237_9yf89a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd23f_firmware | - |
| hp | laserjet_pro_m405_w1a58a_firmware | - |
| hp | deskjet_ink_advantage_3630_k4u08a_firmware | - |
| hp | deskjet_3630_v3f21a_firmware | - |
| hp | envy_6000e_2k4w1a_firmware | - |
| hp | color_laserjet_managed_mfp_e67550_l3u67a_firmware | - |
| hp | laserjet_managed_e60065_m0p40a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67560_l3u67a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_z8z05a_firmware | - |
| hp | laserjet_pro_m402_f6j43a_firmware | - |
| hp | laserjet_mfp_m132_g3q57a_firmware | - |
| hp | pagewide_xl_4200_4vw12a_firmware | * |
| hp | pagewide_managed_color_flow_mfp_e77660z_firmware | - |
| hp | color_laserjet_managed_mfp_e77423_5cm76a_firmware | - |
| hp | smart_tank_7000_28y90a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a77a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87640_x3a93a_firmware | - |
| hp | laserjet_mfp_m139_1y7d4a_firmware | - |
| hp | laserjet_m205_g3q48a_firmware | - |
| hp | officejet_pro_9020_1mr68a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_5zn99a_firmware | - |
| hp | designjet_t2600_36"_mfp_3xb77a_firmware | * |
| hp | laserjet_mfp_m141_7md69a_firmware | - |
| hp | laserjet_managed_e60175_3gy09a_firmware | - |
| hp | laserjet_mfp_m233e_6gw99e_firmware | - |
| hp | deskjet_ink_advantage_3630_k4u01a_firmware | - |
| hp | laserjet_enterprise_600_m601_ce990a_firmware | - |
| hp | pagewide_managed_color_mfp_e58650dn_l3u42a_firmware | - |
| hp | designjet_xl_3600_mfp_6dh33b_firmware | - |
| hp | laserjet_mfp_m132_g3q63a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a59a_firmware | - |
| hp | laserjet_m212_9yf83a_firmware | - |
| hp | color_laserjet_managed_mfp_e77426_5cm76a_firmware | - |
| hp | color_laserjet_pro_mfp_m182_7kw55a_firmware | - |
| hp | laserjet_tank_mfp_2605_381v0a_firmware | - |
| hp | deskjet_ink_advantage_3700_j9v87a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m681_j8a13a_firmware | - |
| hp | laserjet_m211_6gw61a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m880z_d7p70a_firmware | * |
| hp | laserjet_tank_mfp_2602_381u2a_firmware | - |
| hp | laserjet_m212_9yf84a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m682_j8a16a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_az8z20a_firmware | - |
| hp | laserjet_m106_g3q37a_firmware | - |
| hp | laserjet_mfp_m139_7md69a_firmware | - |
| hp | color_laserjet_managed_mfp_e77424_5cm78a_firmware | - |
| hp | laserjet_tank_mfp_2606_381v0a_firmware | - |
| hp | laserjet_mfp_m139_2u589a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5cm65a_firmware | - |
| hp | laserjet_mfp_m130_g3q64a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_z8z19_firmware | - |
| hp | laserjet_mfp_m130_g3q67a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5rc92a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z08a_firmware | - |
| hp | laserjet_mfp_m237e_9yf91e_firmware | - |
| hp | smart_tank_610_y0f73a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_5zn98a_firmware | - |
| hp | laserjet_mfp_m237e_9yg02e_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_7fs94b_firmware | - |
| hp | color_laserjet_managed_mfp_e78225_8gs14a_firmware | - |
| hp | color_laserjet_pro_mfp_m479_w1a80a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_x3a60a_firmware | - |
| hp | officejet_pro_8710_j6x80a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m880zm_d7p70a_firmware | * |
| hp | designjet_z6_t8w16f_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m681_j8a13a_firmware | - |
| hp | laserjet_mfp_m228_g3q78a_firmware | - |
| hp | laserjet_mfp_m141e_7md76e_firmware | - |
| hp | laserjet_managed_mfp_e82540du_5rc85a_firmware | - |
| hp | color_laserjet_pro_m153_t6b52a_firmware | - |
| hp | laserjet_mfp_m134_g3q62a_firmware | - |
| hp | color_laserjet_managed_mfp_e77427_5cm76a_firmware | - |
| hp | laserjet_mfp_m235_9yg05a_firmware | - |
| hp | laserjet_mfp_m236_9yg05a_firmware | - |
| hp | officejet_3830_k7v40a_firmware | - |
| hp | laserjet_tank_mfp_2604_2r7f5a_firmware | - |
| hp | color_laserjet_pro_mfp_m281_t6b81a_firmware | - |
| hp | laserjet_enterprise_mfp_m431_3pz56a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87650_x3a87a_firmware | - |
| hp | laserjet_mfp_m139_7md75a_firmware | - |
| hp | laserjet_pro_mfp_m31_y5s53a_firmware | - |
| hp | laserjet_mfp_m140_7md76a_firmware | - |
| hp | color_laserjet_managed_mfp_e78224_17f27aw_firmware | - |
| hp | laserjet_managed_mfp_m725_cf066a_firmware | - |
| hp | laserjet_tank_mfp_2603_381u6a_firmware | - |
| hp | laserjet_m106_g3q35a_firmware | - |
| hp | color_laserjet_managed_flow_e77425_5cm76a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs37a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a68a_firmware | - |
| hp | deskjet_ink_advantage_2700_7fr21a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a78a_firmware | - |
| hp | designjet_z9_w3z71g_firmware | * |
| hp | deskjet_2600_y5h63a_firmware | - |
| hp | laserjet_managed_m605_e6b69a_firmware | - |
| hp | laserjet_mfp_m142_7md72a_firmware | - |
| hp | laserjet_mfp_m236_9yg02a_firmware | - |
| hp | smart_tank_790_28b99a_firmware | - |
| hp | designjet_t1600_36"_3ek10a_firmware | * |
| hp | laserjet_managed_e60175_3gy10a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a72a_firmware | - |
| hp | laserjet_m109e_7md66e_firmware | - |
| hp | color_laserjet_enterprise_m855_a2w79a_firmware | - |
| hp | laserjet_pro_m14_y5s43a_firmware | - |
| hp | designjet_t1600_36"_3ek11a_firmware | * |
| hp | envy_inspire_7900e_349u4a_firmware | - |
| hp | laserjet_mfp_m232e_6gx00e_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_z8z0a_firmware | - |
| hp | smart_tank_7000_28b51a_firmware | - |
| hp | laserjet_pro_mfp_m30_y5s50a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs15a_firmware | - |
| hp | laserjet_mfp_m131_g3q62a_firmware | - |
| hp | laserjet_mfp_m235_9yf90a_firmware | - |
| hp | laserjet_mfp_m233_6gx04a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m776_t3u55a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z64a_firmware | - |
| hp | laserjet_m209e_6gw62er_firmware | - |
| hp | deskjet_ink_advantage_3700_t8w35a_firmware | - |
| hp | laserjet_pro_m405_w1a63a_firmware | - |
| hp | laserjet_enterprise_m610_7ps81a_firmware | - |
| hp | laserjet_mfp_m229_g3q76a_firmware | - |
| hp | laserjet_mfp_m140_7md71a_firmware | - |
| hp | smart_tank_plus_550_3yw70a_firmware | - |
| hp | laserjet_enterprise_m4555_mfp_ce503a_firmware | - |
| hp | deskjet_2600_v1n01a_firmware | - |
| hp | laserjet_mfp_m232_9yf92a_firmware | - |
| hp | smart_tank_790_28c03a_firmware | - |
| hp | laserjet_mfp_m235e_9yg05e_firmware | - |
| hp | laserjet_managed_mfp_e52545_3gy20a_firmware | - |
| hp | officejet_pro_6960_t0f36a_firmware | - |
| hp | laserjet_mfp_m130_g3q65a_firmware | - |
| hp | smart_tank_670_30s82a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z011a_firmware | - |
| hp | deskjet_4100e_26q96a_firmware | - |
| hp | envy_6400e_223r2a_firmware | - |
| hp | envy_inspire_7200e_349u9d_firmware | - |
| hp | color_laserjet_enterprise_m750_d3l08a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a59a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a75a_firmware | - |
| hp | laserjet_mfp_m130_g3q59a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a77a_firmware | - |
| hp | smart_tank_7000_28b55a_firmware | - |
| hp | color_laserjet_pro_mfp_m283_7kw77a_firmware | - |
| hp | laserjet_mfp_m232e_6gw99e_firmware | - |
| hp | laserjet_pro_m703_k9g90a_firmware | - |
| hp | deskjet_4100e_26q95a_firmware | - |
| hp | color_laserjet_enterprise_m555_7zu79a_firmware | - |
| hp | color_laserjet_pro_mfp_m183_7kw59a_firmware | - |
| hp | laserjet_pro_mfp_m30_y5s53a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650du_5cm65a_firmware | - |
| hp | deskjet_2600_y5h80a_firmware | - |
| hp | laserjet_enterprise_mfp_m725_cf067a_firmware | - |
| hp | laserjet_pro_m16_w2g52a_firmware | - |
| hp | laserjet_mfp_m141e_2u589e_firmware | - |
| hp | laserjet_managed_flow_mfp_m830_cf367a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_2gp23a_firmware | - |
| hp | laserjet_enterprise_m611_7ps84a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a82a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5rc90a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z07a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_2gp22a_firmware | - |
| hp | laserjet_m210_6gw62a_firmware | - |
| hp | laserjet_mfp_m232_9yf98a_firmware | - |
| hp | envy_inspire_7900e_242p9d_firmware | - |
| hp | laserjet_enterprise_m610_7ps82a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a74a_firmware | - |
| hp | laserjet_mfp_m141_7md70f_firmware | - |
| hp | laserjet_m110a_2u581a_firmware | - |
| hp | color_laserjet_pro_m255_7kw67a_firmware | - |
| hp | laserjet_pro_m16_y5s43a_firmware | - |
| hp | laserjet_pro_m17_w2g50a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62575_j8j73a_firmware | - |
| hp | color_laserjet_managed_mfp_e77423_5cm75a_firmware | - |
| hp | color_laserjet_managed_flow_e77422_5cm78a_firmware | - |
| hp | laserjet_m112e_2u587e_firmware | - |
| hp | laserjet_mfp_m141e_7md74e_firmware | - |
| hp | pagewide_managed_color_e75160_j7z06a_firmware | - |
| hp | color_laserjet_enterprise_m555_7zu81a_firmware | - |
| hp | color_laserjet_enterprise_m653_j8a04a_firmware | - |
| hp | laserjet_mfp_m235_9yg09a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_4ws36c_firmware | - |
| hp | laserjet_pro_m404_w1a56a_firmware | - |
| hp | laserjet_mfp_m140e_7md70e_firmware | - |
| hp | color_laserjet_pro_mfp_m180_t6b72a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5rc86a_firmware | - |
| hp | laserjet_m102_g3q34a_firmware | - |
| hp | laserjet_pro_mfp_m427_c5f99a_firmware | - |
| hp | laserjet_mfp_m133_g3q60a_firmware | - |
| hp | laserjet_pro_m403_c5f94a_firmware | - |
| hp | laserjet_mfp_m132_g3q66a_firmware | - |
| hp | laserjet_mfp_m233_9yg05a_firmware | - |
| hp | laserjet_pro_m405_w1a57a_firmware | - |
| hp | pagewide_xl_5200_4vw21h_firmware | - |
| hp | color_laserjet_pro_m254_t6b59a_firmware | - |
| hp | hp_color_laserjet_enterprise_m555_7zu78a_firmware | * |
| hp | envy_6400e_223r9a_firmware | - |
| hp | laserjet_mfp_m132_g3q59a_firmware | - |
| hp | laserjet_m203_g3q50a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5rc88a_firmware | - |
| hp | laserjet_enterprise_m506_f2a66a_firmware | - |
| hp | laserjet_mfp_m236e_6gx05e_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a78a_firmware | - |
| hp | color_laserjet_managed_mfp_e78224_8gs37a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a71a_firmware | - |
| hp | officejet_pro_8710_j6x77a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_z8z05a_firmware | - |
| hp | smart_tank_6000_6uu48a_firmware | - |
| hp | laserjet_pro_m17_y5s47a_firmware | - |
| hp | color_laserjet_managed_flow_e77422_5cm77a_firmware | - |
| hp | laserjet_m112_7md68a_firmware | - |
| hp | officejet_pro_6960_j7k37a_firmware | - |
| hp | laserjet_tank_mfp_2603_381u2a_firmware | - |
| hp | laserjet_pro_mfp_m30_w2g55a_firmware | - |
| hp | color_laserjet_pro_m453_w1y41a_firmware | - |
| hp | color_laserjet_pro_mfp_m282_7kw72a_firmware | - |
| hp | laserjet_pro_m403_c5j91a_firmware | - |
| hp | pagewide_xl_5200_4vw19a_firmware | - |
| hp | designjet_z9_x9d24a_firmware | * |
| hp | laserjet_managed_mfp_e82550_x3a68a_firmware | - |
| hp | deskjet_2600_y5h58a_firmware | - |
| hp | laserjet_mfp_m232_6gx05a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62575_j8j67a_firmware | - |
| hp | envy_6400e_223r1a_firmware | - |
| hp | laserjet_mfp_m132_g3q67a_firmware | - |
| hp | officejet_pro_8710_m9l70a_firmware | - |
| hp | color_laserjet_managed_m553_b5l27a_firmware | * |
| hp | color_laserjet_enterprise_m653_j8a06a_firmware | - |
| hp | color_laserjet_managed_mfp_e77427_5rc92a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650du_5cm63a_firmware | - |
| hp | color_laserjet_managed_flow_e77425_5rc91a_firmware | - |
| hp | laserjet_pro_m404_w1a60a_firmware | - |
| hp | laserjet_mfp_m236e_6gx09a_firmware | - |
| hp | laserjet_managed_mfp_e72425_5cm71a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a75a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5cm78a_firmware | - |
| hp | designjet_z6_t8w15g_firmware | * |
| hp | laserjet_m208_6gw63a_firmware | - |
| hp | laserjet_mfp_m141_2a130a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a74a_firmware | - |
| hp | officejet_pro_8030_1kr62a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z03a_firmware | - |
| hp | laserjet_mfp_m232_9yf95a_firmware | - |
| hp | designjet_z9+_pro_2rm82g_firmware | - |
| hp | laserjet_pro_m404_93m22a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z07a_firmware | - |
| hp | pagewide_managed_p75050dn_w1b28a_firmware | - |
| hp | laserjet_managed_mfp_e62655_3gy17a_firmware | - |
| hp | laserjet_mfp_m133_g3q58a_firmware | - |
| hp | officejet_pro_8710_m9l65a_firmware | - |
| hp | laserjet_pro_m16_w2g50a_firmware | - |
| hp | color_laserjet_managed_flow_e77424_5rc92a_firmware | - |
| hp | color_laserjet_pro_mfp_m479_w1a79a_firmware | - |
| hp | deskjet_plus_4100_7fs81b_firmware | - |
| hp | laserjet_mfp_m232_9yg02a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd24n_firmware | - |
| hp | officejet_managed_color_mfp_x585_b5l04a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a65a_firmware | - |
| hp | officejet_200_l9b95a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs25a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs36a_firmware | - |
| hp | color_laserjet_pro_mfp_m282_7kw75a_firmware | - |
| hp | color_laserjet_managed_mfp_e78224_8gs14a_firmware | - |
| hp | laserjet_mfp_m130_g3q57a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m880zm_d7p71a_firmware | * |
| hp | smart_tank_7300_28b76a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a68a_firmware | - |
| hp | color_laserjet_managed_mfp_e67660_3gy31a_firmware | - |
| hp | color_laserjet_pro_mfp_m180_t6b70a_firmware | - |
| hp | laserjet_pro_mfp_m426_f6w14a_firmware | - |
| hp | laserjet_enterprise_mfp_m725_cf068a_firmware | - |
| hp | laserjet_managed_mfp_m630_l3u62a_firmware | - |
| hp | officejet_pro_9010_1kr55a_firmware | - |
| hp | laserjet_mfp_m232_6gw99a_firmware | - |
| hp | laserjet_managed_e60065_m0p36a_firmware | - |
| hp | laserjet_enterprise_mfp_m636_7pt01a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87650_z8z12a_firmware | - |
| hp | laserjet_mfp_m139_2a129a_firmware | - |
| hp | color_laserjet_managed_mfp_e78226_8gs36a_firmware | - |
| hp | smart_tank_7000_28b52a_firmware | - |
| hp | officejet_250_n4l17a_firmware | - |
| hp | envy_inspire_7900e_242p7d_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87660_z8z16a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a82a_firmware | - |
| hp | laserjet_pro_m201_cf466a_firmware | - |
| hp | laserjet_mfp_m139_7md71a_firmware | - |
| hp | smart_tank_plus_550_3yw74a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd26a_firmware | - |
| hp | laserjet_managed_mfp_m527_f2a80a_firmware | - |
| hp | deskjet_ink_advantage_3630_k4t99a_firmware | - |
| hp | laserjet_mfp_m230_g3q76a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8pe98a_firmware | - |
| hp | color_laserjet_pro_mfp_m280_t6b84a_firmware | - |
| hp | laserjet_mfp_m140_2a129a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m681_j8a11a_firmware | - |
| hp | deskjet_2700_5ar83a_firmware | - |
| hp | laserjet_mfp_m230_g3q79a_firmware | - |
| hp | designjet_t1708_1vd84a_firmware | - |
| hp | color_laserjet_managed_mfp_e67560_l3u66a_firmware | - |
| hp | color_laserjet_pro_mfp_m181_t6b74a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5rc92a_firmware | - |
| hp | officejet_pro_8210_j3p68a_firmware | - |
| hp | deskjet_ink_advantage_2700_4ws04a_firmware | - |
| hp | officejet_pro_8710_k7s37a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a68a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_z8z06a_firmware | - |
| hp | designjet_t1708_1vd85a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr99a_firmware | - |
| hp | officejet_pro_8210_j3p65a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd24m_firmware | - |
| hp | color_laserjet_managed_mfp_e78224_19gsaw_firmware | - |
| hp | laserjet_managed_mfp_e82540_z8z18a_firmware | - |
| hp | laserjet_pro_mfp_m149_4pa43a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5cm72a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67550_l3u70a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a77a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_z8z01a_firmware | - |
| hp | smart_tank_plus_650_7xv38a_firmware | - |
| hp | laserjet_pro_m17_w2g51a_firmware | - |
| hp | deskjet_2600_y5h69a_firmware | - |
| hp | laserjet_mfp_m237_9yf95a_firmware | - |
| hp | deskjet_3700_t8w54a_firmware | - |
| hp | color_laserjet_managed_mfp_e78225_8gs37a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z66a_firmware | - |
| hp | color_laserjet_managed_flow_e77424_5cm77a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z09a_firmware | - |
| hp | laserjet_m109a_2u586a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650du_5rc86a_firmware | - |
| hp | pagewide_managed_color_p75250_y3z49a_firmware | * |
| hp | color_laserjet_pro_m254_t6b61a_firmware | - |
| hp | laserjet_enterprise_mfp_m527_f2a77a_firmware | - |
| hp | deskjet_3700_1lu12a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_9rt92a_firmware | - |
| hp | laserjet_managed_mfp_e62555_j8j66a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z011a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a83a_firmware | - |
| hp | laserjet_m211e_6gw62e_firmware | - |
| hp | laserjet_mfp_m237e_6gx09e_firmware | - |
| hp | color_laserjet_pro_m255_7kw68a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62555_j8j67a_firmware | - |
| hp | laserjet_m105_g3q34a_firmware | - |
| hp | laserjet_mfp_m131_g3q59a_firmware | - |
| hp | laserjet_mfp_m235_9yf91a_firmware | - |
| hp | laserjet_m112a_7md67a_firmware | - |
| hp | pagewide_pro_452dw_d3q16a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5cm79a_firmware | - |
| hp | laserjet_enterprise_m612_7ps86a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a77a_firmware | - |
| hp | laserjet_tank_mfp_2605_381u9a_firmware | - |
| hp | envy_6000_5se20a_firmware | - |
| hp | smart_tank_750_6uu47a_firmware | - |
| hp | laserjet_managed_flow_mfp_m525_l3u59a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a69a_firmware | - |
| hp | laserjet_m211_9yf85a_firmware | - |
| hp | laserjet_managed_mfp_m725_cf067a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m680_cz249a_firmware | - |
| hp | laserjet_enterprise_600_m602_ce992a_firmware | - |
| hp | laserjet_m209_9yf84a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m680_cz250a_firmware | - |
| hp | color_laserjet_managed_flow_e77424_5cm79a_firmware | - |
| hp | deskjet_ink_advantage_3700_4sc29a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a62a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z08a_firmware | - |
| hp | laserjet_enterprise_m608_k0q17a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62565_j8j73a_firmware | - |
| hp | laserjet_m111e_7md68e_firmware | - |
| hp | laserjet_managed_m506_f2a69a_firmware | - |
| hp | laserjet_enterprise_mfp_m631_j8j64a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z010a_firmware | - |
| hp | laserjet_m212_9yf85a_firmware | - |
| hp | deskjet_ink_advantage_3700_j9v88a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs12a_firmware | - |
| hp | designjet_t1700_w6b55c_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5rc86a_firmware | - |
| hp | color_laserjet_enterprise_m651_cz255a_firmware | * |
| hp | laserjet_m210_9yf83a_firmware | - |
| hp | color_laserjet_pro_mfp_m285_7kw78a_firmware | - |
| hp | laserjet_enterprise_m507_1pv87a_firmware | - |
| hp | laserjet_managed_mfp_e82550du_5cm59a_firmware | - |
| hp | laserjet_mfp_m236_9yf98a_firmware | - |
| hp | laserjet_m111a_2u586a_firmware | - |
| hp | deskjet_4100e_26q91b_firmware | - |
| hp | officejet_pro_9020_1mr67a_firmware | - |
| hp | smart_tank_7000_28b79a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a79a_firmware | - |
| hp | color_laserjet_managed_flow_e77426_5cm79a_firmware | - |
| hp | laserjet_mfp_m234_9yf88a_firmware | - |
| hp | color_laserjet_pro_mfp_m283_7kw72a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650du_5rc87a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_z8z02a_firmware | - |
| hp | laserjet_tank_mfp_2602_381u0a_firmware | - |
| hp | color_laserjet_managed_flow_e77426_5cm77a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd26m_firmware | - |
| hp | laserjet_tank_1502_2r3e1a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a79a_firmware | - |
| hp | laserjet_pro_200_m251_cf147a_firmware | - |
| hp | color_laserjet_pro_mfp_m285_7kw72a_firmware | - |
| hp | deskjet_ink_advantage_3830_f5r97a_firmware | - |
| hp | laserjet_pro_200_color_mfp_m276_cf145a_firmware | - |
| hp | color_laserjet_enterprise_m750_d3l10a_firmware | - |
| hp | laserjet_mfp_m237_6gx06a_firmware | - |
| hp | laserjet_managed_e60055_m0p36a_firmware | - |
| hp | laserjet_mfp_m233e_6gx09e_firmware | - |
| hp | laserjet_enterprise_mfp_m633_j8j76a_firmware | - |
| hp | laserjet_tank_1503_2r3e2a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5cm77a_firmware | - |
| hp | laserjet_m209e_6gw62e_firmware | - |
| hp | laserjet_m101_g3q35a_firmware | - |
| hp | laserjet_managed_mfp_m725_cf069a_firmware | - |
| hp | pagewide_enterprise_color_556_g1w47a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87640_z8z16a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a82a_firmware | - |
| hp | laserjet_mfp_m237_9yg11a_firmware | - |
| hp | laserjet_pro_mfp_m31_w2g54a_firmware | - |
| hp | laserjet_pro_m404_w1a57a_firmware | - |
| hp | deskjet_2700_5ar85a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a63a_firmware | - |
| hp | laserjet_mfp_m142_2a130a_firmware | - |
| hp | laserjet_mfp_m140e_7md76e_firmware | - |
| hp | color_laserjet_pro_mfp_m183_7kw56a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd24l_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z08a_firmware | - |
| hp | laserjet_pro_m402_g3v21a_firmware | - |
| hp | smart_tank_720_28b50a_firmware | - |
| hp | laserjet_tank_mfp_1603_381l0a_firmware | - |
| hp | color_laserjet_managed_mfp_e78225_17f27aw_firmware | - |
| hp | color_laserjet_managed_e65050_l3u55a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m634_7ps94a_firmware | - |
| hp | pagewide_color_755_4pz47a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_z8z00a_firmware | - |
| hp | laserjet_managed_e60155_3gy10a_firmware | - |
| hp | laserjet_pro_mfp_m28_w2g56a_firmware | - |
| hp | designjet_z6_t8w18c_firmware | * |
| hp | color_laserjet_pro_mfp_m277_m6d61a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_z8z18a_firmware | - |
| hp | laserjet_pro_m404_w1a58a_firmware | - |
| hp | smart_tank_plus_650_3yw51a_firmware | - |
| hp | designjet_z9_x9d24c_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e77830_z8z05a_firmware | - |
| hp | laserjet_m112a_7md65a_firmware | - |
| hp | deskjet_ink_advantage_2600_v1n02a_firmware | - |
| hp | laserjet_pro_m202_cf467a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr94a_firmware | - |
| hp | laserjet_enterprise_mfp_m528_1pv67a_firmware | - |
| hp | color_laserjet_cm5525_mfp_ce708a_firmware | * |
| hp | laserjet_tank_mfp_2602_381u9a_firmware | - |
| hp | laserjet_tank_mfp_2603_381u9a_firmware | - |
| hp | color_laserjet_pro_m252_b4a21a_firmware | - |
| hp | laserjet_mfp_m234e_6gx02e_firmware | - |
| hp | laserjet_enterprise_500_color_m551_cf082a_firmware | - |
| hp | laserjet_mfp_m235e_6gx09e_firmware | - |
| hp | laserjet_tank_mfp_1602_2r3e8a_firmware | - |
| hp | laserjet_tank_2505_2r3e3a_firmware | - |
| hp | laserjet_pro_m703_b6s01a_firmware | - |
| hp | smart_tank_610_y0f71a_firmware | - |
| hp | laserjet_managed_mfp_m527_f2a79a_firmware | - |
| hp | color_laserjet_enterprise_m651_cz257a_firmware | * |
| hp | color_laserjet_pro_mfp_m478_w1a75a_firmware | - |
| hp | color_laserjet_pro_mfp_m282_7kw79a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a69a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m830_l3u65a_firmware | - |
| hp | smart_tank_720_28b52a_firmware | - |
| hp | laserjet_mfp_m232_9yf90a_firmware | - |
| hp | color_laserjet_managed_e75245_t3u64a_firmware | - |
| hp | color_laserjet_managed_mfp_m680_firmware | - |
| hp | laserjet_m206_g3q47a_firmware | - |
| hp | laserjet_managed_mfp_e82550du_5cm61a_firmware | - |
| hp | laserjet_m109_2u587a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a59a_firmware | - |
| hp | designjet_t1700_1vd87f_firmware | * |
| hp | pagewide_xl_5200_4vw20f_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m880z_d7p71a_firmware | * |
| hp | color_laserjet_managed_mfp_e78226_8gs14a_firmware | - |
| hp | laserjet_mfp_m234_9yf96a_firmware | - |
| hp | color_laserjet_pro_m254_t6b64a_firmware | - |
| hp | officejet_pro_8030_5lj19a_firmware | - |
| hp | color_laserjet_pro_mfp_m185_7kw59a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs36a_firmware | - |
| hp | laserjet_pro_m703_k9g91a_firmware | - |
| hp | smart_tank_790_28b98a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87660_x3a87a_firmware | - |
| hp | laserjet_enterprise_m507_1pv89a_firmware | - |
| hp | laserjet_mfp_m132_g3q68a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr96a_firmware | - |
| hp | laserjet_managed_e60075_m0p39a_firmware | - |
| hp | officejet_6950_p4c85a_firmware | - |
| hp | laserjet_pro_mfp_m428_w1a35a_firmware | - |
| hp | laserjet_mfp_m140_7md75a_firmware | - |
| hp | laserjet_pro_mfp_m428_w1a32a_firmware | - |
| hp | deskjet_4100e_26q92b_firmware | - |
| hp | color_laserjet_managed_mfp_e78227_8gs12a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs29a_firmware | - |
| hp | laserjet_mfp_m236_9yf89a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_z8z00a_firmware | - |
| hp | laserjet_pro_mfp_m29_y5s55a_firmware | - |
| hp | laserjet_mfp_m142_1y7d4a_firmware | - |
| hp | color_laserjet_managed_mfp_e78227_8gs50a_firmware | - |
| hp | designjet_t1700_1vd88f_firmware | * |
| hp | laserjet_pro_m304_w1a66a_firmware | - |
| hp | envy_inspire_7900e_2h2p0d_firmware | - |
| hp | color_laserjet_pro_mfp_m185_7kw54a_firmware | - |
| hp | laserjet_mfp_m237_9yf97a_firmware | - |
| hp | laserjet_mfp_m129_g3q67a_firmware | - |
| hp | color_laserjet_managed_flow_e77422_5rc92a_firmware | - |
| hp | laserjet_m111a_2u581a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a83a_firmware | - |
| hp | color_laserjet_m578_mfp_7zu85a_firmware | * |
| hp | laserjet_managed_mfp_e82560_x3a69a_firmware | - |
| hp | designjet_z9+_pro_2rm82a_firmware | - |
| hp | laserjet_m103_g3q39a_firmware | - |
| hp | laserjet_pro_m402_c5f96a_firmware | - |
| hp | laserjet_m110e_2u582e_firmware | - |
| hp | pagewide_xl_5200_4vw17a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd25f_firmware | - |
| hp | laserjet_m110e_7md68e_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m880z_l3u51a_firmware | * |
| hp | color_laserjet_managed_mfp_flow_e87640_x3a92a_firmware | - |
| hp | deskjet_ink_advantage_3630_k4u02a_firmware | - |
| hp | laserjet_mfp_m232e_6gx09e_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a83a_firmware | - |
| hp | color_laserjet_managed_flow_e77422_5rc91a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_z8z23a_firmware | - |
| hp | deskjet_3630_v3f22a_firmware | - |
| hp | color_laserjet_managed_mfp_e77423_5rc92a_firmware | - |
| hp | laserjet_pro_m704_k9g90a_firmware | - |
| hp | deskjet_plus_4100_7mr23a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z63a_firmware | - |
| hp | officejet_pro_9020_1mr76a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z13a_firmware | - |
| hp | officejet_enterprise_color_mfp_x585_b5l04a_firmware | - |
| hp | deskjet_ink_advantage_ultra_4800_25r67a_firmware | - |
| hp | laserjet_mfp_m234e_6gx01a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs13a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m680_ca251a_firmware | - |
| hp | laserjet_m104_g3q35a_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_586z_g1w41a_firmware | - |
| hp | laserjet_managed_mfp_e72530_x3a62a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a63a_firmware | - |
| hp | laserjet_tank_mfp_2604_381u2a_firmware | - |
| hp | laserjet_mfp_m233_9yf91a_firmware | - |
| hp | smart_tank_7300_28b71a_firmware | - |
| hp | laserjet_mfp_m234e_9yg05e_firmware | - |
| hp | designjet_t1700_w6b56e_firmware | - |
| hp | color_laserjet_pro_mfp_m285_7kw77a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62575_j8j79a_firmware | - |
| hp | laserjet_mfp_m237_9yg05a_firmware | - |
| hp | laserjet_m208_9yf84a_firmware | - |
| hp | designjet_t2600_36"_mfp_3ek15a_firmware | * |
| hp | color_laserjet_managed_e65060_l3u57a_firmware | - |
| hp | smart_tank_510_1tj11a_firmware | - |
| hp | smart_tank_6000_28c12a_firmware | - |
| hp | laserjet_enterprise_mfp_m632_j8j71a_firmware | - |
| hp | laserjet_mfp_m232_9yf88a_firmware | - |
| hp | deskjet_4100e_26q93b_firmware | - |
| hp | smart_tank_670_2h5s3a_firmware | - |
| hp | laserjet_managed_flow_mfp_m630_p7z48a_firmware | - |
| hp | laserjet_pro_mfp_m149_4pa44a_firmware | - |
| hp | color_laserjet_pro_m256_7kw63a_firmware | - |
| hp | designjet_z9_w3z72a_firmware | * |
| hp | laserjet_managed_mfp_flow_e62575_j8j80a_firmware | - |
| hp | deskjet_2700_7fr53a_firmware | - |
| hp | laserjet_enterprise_500_color_mfp_m575_cd645a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a82a_firmware | - |
| hp | officejet_pro_8035e_1l0h8a_firmware | - |
| hp | color_laserjet_pro_m253_t6b60a_firmware | - |
| hp | laserjet_managed_color_flow_mfp_m575_l3u46a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a65a_firmware | - |
| hp | officejet_7110_h812a_firmware | - |
| hp | laserjet_mfp_m133_g3q67a_firmware | - |
| hp | color_laserjet_pro_mfp_m182_7kw57a_firmware | - |
| hp | designjet_z6_t8w15h_firmware | * |
| hp | laserjet_managed_mfp_e82560du_5rc85a_firmware | - |
| hp | deskjet_plus_4100_7fs74d_firmware | - |
| hp | laserjet_managed_mfp_e72425_5rc90a_firmware | - |
| hp | laserjet_m209_6gw63a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_7fs97b_firmware | - |
| hp | color_laserjet_managed_flow_e77423_5cm76a_firmware | - |
| hp | designjet_t1700_w6b55f_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e77825_z8z04a_firmware | - |
| hp | laserjet_mfp_m132_g3q58a_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z07a_firmware | - |
| hp | laserjet_managed_e60075_m0p36a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_z8z07a_firmware | - |
| hp | laserjet_mfp_m234e_9yg02e_firmware | - |
| hp | officejet_pro_8030e_3uc66a_firmware | - |
| hp | pagewide_managed_p55250dw_j6u51b_firmware | - |
| hp | laserjet_enterprise_m608_k0q18a_firmware | - |
| hp | laserjet_m212_9yf80a_firmware | - |
| hp | envy_6000_8qq99a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m776_t3u55a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m682_j8a17a_firmware | - |
| hp | laserjet_mfp_m234_6gx03a_firmware | - |
| hp | color_laserjet_pro_mfp_m377_cf379a_firmware | - |
| hp | laserjet_pro_mfp_m28_w2g54a_firmware | - |
| hp | laserjet_mfp_m140_7md74a_firmware | - |
| hp | laserjet_tank_mfp_2606_2r3f0a_firmware | - |
| hp | laserjet_mfp_m232e_6gx02e_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a77a_firmware | - |
| hp | envy_6000e_2k4v8a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m527z_firmware | - |
| hp | deskjet_4100e_26q93a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_z5g77a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_z8z02a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd24h_firmware | - |
| hp | color_laserjet_pro_mfp_m181_t6b75a_firmware | - |
| hp | laserjet_managed_mfp_e42540_3pz75a_firmware | - |
| hp | color_laserjet_pro_m256_7kw67a_firmware | - |
| hp | officejet_pro_8035e_1l0h7a_firmware | - |
| hp | pagewide_managed_p77740dw_w1b33a_firmware | - |
| hp | laserjet_m210_6gw63a_firmware | - |
| hp | laserjet_tank_mfp_2606_381u2a_firmware | - |
| hp | smart_tank_750_28b75a_firmware | - |
| hp | color_laserjet_managed_mfp_e78226_8gs43a_firmware | - |
| hp | smart_tank_7000_28b72a_firmware | - |
| hp | laserjet_m209_9yf80a_firmware | - |
| hp | deskjet_2700e_26k67a_firmware | - |
| hp | laserjet_m210_9yf80a_firmware | - |
| hp | officejet_pro_9020_1mr66a_firmware | - |
| hp | laserjet_mfp_m141e_7md72e_firmware | - |
| hp | deskjet_2600_5sf02a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8pe95a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_19gsaw_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z010a_firmware | - |
| hp | envy_inspire_7900e_31k30d_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs14a_firmware | - |
| hp | deskjet_2600_y5h67a_firmware | - |
| hp | laserjet_m103_g3q34a_firmware | - |
| hp | smart_tank_670_6uu48a_firmware | - |
| hp | smart_tank_plus_550_4sb23a_firmware | - |
| hp | laserjet_pro_m701_k9g91a_firmware | - |
| hp | laserjet_tank_1504_2r3e1a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a81a_firmware | - |
| hp | laserjet_pro_m16_y5s47a_firmware | - |
| hp | laserjet_tank_1504_2r7f3a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z06a_firmware | - |
| hp | laserjet_pro_m305_w1a66a_firmware | - |
| hp | laserjet_managed_e60155_3gy09a_firmware | - |
| hp | laserjet_mfp_m232_9yf91a_firmware | - |
| hp | laserjet_pro_mfp_m29_w2g56a_firmware | - |
| hp | laserjet_m210_9yf82a_firmware | - |
| hp | laserjet_enterprise_600_m602_ce991a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a66a_firmware | - |
| hp | deskjet_3700_t8w92a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87640_z8z12a_firmware | - |
| hp | officejet_pro_8710_t0g48a_firmware | - |
| hp | color_laserjet_pro_mfp_m183_7kw54a_firmware | - |
| hp | color_laserjet_pro_m255_7kw65a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_9rt91a_firmware | - |
| hp | color_laserjet_pro_mfp_m183_7kw58a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m577_b5l48a_firmware | - |
| hp | designjet_xl_3600_mfp_2yb64a_firmware | - |
| hp | pagewide_xl_5200_4vw19h_firmware | - |
| hp | laserjet_m101_g3q34a_firmware | - |
| hp | designjet_z6_t8w15c_firmware | * |
| hp | laserjet_pro_m701_b6s00a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_z8z23a_firmware | - |
| hp | laserjet_m102_g3q36a_firmware | - |
| hp | color_laserjet_pro_m154_t6b47a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j79a_firmware | - |
| hp | envy_inspire_7200e_349u8d_firmware | - |
| hp | laserjet_managed_e60165_3gy10a_firmware | - |
| hp | color_laserjet_pro_m153_t6b51a_firmware | - |
| hp | designjet_z6_t8w18e_firmware | * |
| hp | laserjet_tank_2503_2r7f4a_firmware | - |
| hp | laserjet_pro_m201_cf456a_firmware | - |
| hp | smart_tank_7600_28c02a_firmware | - |
| hp | officejet_pro_8740_d9l21a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z68a_firmware | - |
| hp | laserjet_managed_e60075_m0p35a_firmware | - |
| hp | laserjet_mfp_m139_7md70a_firmware | - |
| hp | laserjet_enterprise_m806_cz244a_firmware | - |
| hp | laserjet_pro_m14_w2g53a_firmware | - |
| hp | smart_tank_790_28c02a_firmware | - |
| hp | designjet_z9_x9d24f_firmware | * |
| hp | laserjet_m106_g3q36a_firmware | - |
| hp | laserjet_mfp_m234_9yg09a_firmware | - |
| hp | deskjet_ink_advantage_3700_t8w36a_firmware | - |
| hp | designjet_t1600_36"_3ek08a_firmware | * |
| hp | deskjet_plus_4100_7fs76a_firmware | - |
| hp | laserjet_pro_m402_c5f94a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_5zn99a_firmware | - |
| hp | smart_tank_610_y0f74a_firmware | - |
| hp | pagewide_xl_4700_4vw15a_firmware | - |
| hp | smart_tank_670_2h0b9a_firmware | - |
| hp | laserjet_mfp_m233_9yf88a_firmware | - |
| hp | pagewide_managed_color_mfp_p77440_y3z60a_firmware | - |
| hp | officejet_pro_8710_m9l67a_firmware | - |
| hp | laserjet_enterprise_m4555_mfp_ce502a_firmware | - |
| hp | laserjet_pro_mfp_m29_y5s54a_firmware | - |
| hp | laserjet_m207_6gw63a_firmware | - |
| hp | laserjet_tank_mfp_2604_381u7a_firmware | - |
| hp | laserjet_tank_mfp_2602_381v1a_firmware | - |
| hp | laserjet_pro_mfp_m427_f6w14a_firmware | - |
| hp | laserjet_tank_2505_381v4a_firmware | - |
| hp | deskjet_3700_t8w59a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87640_x3a90a_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z08a_firmware | - |
| hp | deskjet_plus_4100_7fs88d_firmware | - |
| hp | deskjet_plus_4100_3xv14b_firmware | - |
| hp | laserjet_pro_mfp_m428_w1a30a_firmware | - |
| hp | laserjet_managed_flow_mfp_m630_l3u61a_firmware | - |
| hp | laserjet_pro_mfp_m149_4pa42a_firmware | - |
| hp | smart_tank_7600_28b96a_firmware | - |
| hp | laserjet_mfp_m234_6gw71a_firmware | - |
| hp | laserjet_m109a_7md65a_firmware | - |
| hp | officejet_pro_8740_k7s39a_firmware | - |
| hp | laserjet_mfp_m235e_9yg02e_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr99a_firmware | - |
| hp | color_laserjet_enterprise_m856_t3u51a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a78a_firmware | - |
| hp | deskjet_3700_t8w88a_firmware | - |
| hp | color_laserjet_managed_flow_e67650_3gy32a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr97a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_x3a66a_firmware | - |
| hp | laserjet_mfp_m129_g3q59a_firmware | - |
| hp | laserjet_pro_mfp_m148_4pa43a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m680_cz248a_firmware | - |
| hp | color_laserjet_pro_m154_t6b50a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_17f27aw_firmware | - |
| hp | laserjet_mfp_m232e_9yf91e_firmware | - |
| hp | laserjet_mfp_m139e_7md74e_firmware | - |
| hp | laserjet_m209_9yf83a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87660_z8z15a_firmware | - |
| hp | color_laserjet_pro_m452_cf394a_firmware | - |
| hp | officejet_pro_9020_1mr72a_firmware | - |
| hp | color_laserjet_pro_m252_b4a22a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87660_z8z17a_firmware | - |
| hp | officejet_pro_9010_3uk83a_firmware | - |
| hp | laserjet_tank_mfp_2605_2r7f5a_firmware | - |
| hp | designjet_xl_3600_mfp_2yb64c_firmware | - |
| hp | laserjet_managed_mfp_e62655_3gy16a_firmware | - |
| hp | color_laserjet_pro_m453_w1y46a_firmware | - |
| hp | laserjet_m109e_2u582e_firmware | - |
| hp | color_laserjet_managed_flow_e67650_3gy31a_firmware | - |
| hp | color_laserjet_managed_flow_e77422_5cm76a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs01a_firmware | - |
| hp | laserjet_m112a_2u586a_firmware | - |
| hp | color_laserjet_managed_mfp_e78225_8gs12a_firmware | - |
| hp | color_laserjet_pro_mfp_m182_7kw58a_firmware | - |
| hp | designjet_z6_t8w18g_firmware | * |
| hp | laserjet_managed_mfp_e82550_z8z19_firmware | - |
| hp | officejet_8010e_228f5a_firmware | - |
| hp | deskjet_ink_advantage_3700_dt61a_firmware | - |
| hp | laserjet_pro_m14_w2g50a_firmware | - |
| hp | color_laserjet_managed_m651_cz257a_firmware | * |
| hp | pagewide_managed_color_mfp_p77940_y3z62a_firmware | - |
| hp | laserjet_pro_mfp_m426_f6w19a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_5zn01a_firmware | - |
| hp | laserjet_tank_mfp_1604_2r3e8a_firmware | - |
| hp | laserjet_pro_m521_a8p79a_firmware | - |
| hp | designjet_t1700_1vd88a_firmware | * |
| hp | pagewide_managed_color_mfp_p77940_2gp25a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a81a_firmware | - |
| hp | laserjet_mfp_m129_g3q63a_firmware | - |
| hp | color_laserjet_managed_m651_h0dc9a_firmware | * |
| hp | laserjet_managed_flow_mfp_e72530_z8z010a_firmware | - |
| hp | laserjet_mfp_m235e_6gx01a_firmware | - |
| hp | laserjet_mfp_m232e_6gx05e_firmware | - |
| hp | color_laserjet_enterprise_mfp_m681_j8a12a_firmware | - |
| hp | laserjet_mfp_m234_9yf94a_firmware | - |
| hp | laserjet_mfp_m233e_6gx01a_firmware | - |
| hp | laserjet_mfp_m130_g3q60a_firmware | - |
| hp | laserjet_pro_m402_c5f95a_firmware | - |
| hp | color_laserjet_pro_m153_t6b48a_firmware | - |
| hp | laserjet_mfp_m134_g3q64a_firmware | - |
| hp | color_laserjet_pro_mfp_m281_t6b80a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_z8z18a_firmware | - |
| hp | laserjet_mfp_m234e_6gw99e_firmware | - |
| hp | deskjet_2600_4uj28a_firmware | - |
| hp | color_laserjet_managed_mfp_e77425_5rc91a_firmware | - |
| hp | laserjet_mfp_m233_9yf90a_firmware | - |
| hp | laserjet_mfp_m141_2u589a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z06a_firmware | - |
| hp | laserjet_m209_6gw62a_firmware | - |
| hp | laserjet_mfp_m142_7md71a_firmware | - |
| hp | laserjet_mfp_m235_9yf97a_firmware | - |
| hp | laserjet_m109a_2u581a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8pe94a_firmware | - |
| hp | smart_tank_670_2h1w2a_firmware | - |
| hp | laserjet_pro_m402_f6j44a_firmware | - |
| hp | laserjet_pro_mfp_m429_w1a29a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a83a_firmware | - |
| hp | designjet_t1600_36"_3ek11f_firmware | * |
| hp | laserjet_managed_mfp_e62555_j8j80a_firmware | - |
| hp | smart_tank_510_4sb23a_firmware | - |
| hp | color_laserjet_managed_mfp_m775_cc522a_firmware | - |
| hp | color_laserjet_enterprise_m555_7zu78a_firmware | - |
| hp | laserjet_mfp_m235_6gx06a_firmware | - |
| hp | officejet_8010_1kr69a_firmware | - |
| hp | laserjet_m111_2u582a_firmware | - |
| hp | laserjet_mfp_m131_g3q63a_firmware | - |
| hp | laserjet_m106_g3q34a_firmware | - |
| hp | laserjet_mfp_m233_9yf96a_firmware | - |
| hp | laserjet_pro_m225_c6n23a_firmware | - |
| hp | laserjet_managed_mfp_m630_p7z48a_firmware | - |
| hp | laserjet_pro_m16_w2g51a_firmware | - |
| hp | laserjet_enterprise_m608_m0p32a_firmware | - |
| hp | laserjet_mfp_m237_9yf98a_firmware | - |
| hp | laserjet_pro_m405_w1a59a_firmware | - |
| hp | laserjet_mfp_m142_7md70a_firmware | - |
| hp | color_laserjet_managed_m651_l8z07a_firmware | * |
| hp | color_laserjet_pro_m253_t6b56a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m577_b5l54a_firmware | - |
| hp | laserjet_mfp_m237_6gw99a_firmware | - |
| hp | laserjet_mfp_m130_g3q68a_firmware | - |
| hp | smart_tank_plus_650_y0f74a_firmware | - |
| hp | smart_tank_7600_4wf66a_firmware | - |
| hp | pagewide_managed_p77760z_w1b38a_firmware | - |
| hp | laserjet_mfp_m236_6gx00a_firmware | - |
| hp | laserjet_managed_mfp_e82550du_5cm58a_firmware | - |
| hp | laserjet_mfp_m236_9yg08a_firmware | - |
| hp | laserjet_enterprise_m612_7ps88a_firmware | - |
| hp | color_laserjet_managed_mfp_e67650_3gy31a_firmware | - |
| hp | smart_tank_plus_550_1tj12a_firmware | - |
| hp | laserjet_pro_mfp_m31_w2g55a_firmware | - |
| hp | smart_tank_510_1tj09a_firmware | - |
| hp | color_laserjet_pro_mfp_m283_7kw78a_firmware | - |
| hp | color_laserjet_managed_flow_e77423_5rc91a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m634_7ps96a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5cm64a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs28a_firmware | - |
| hp | officejet_pro_6970_t0f39a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a60a_firmware | - |
| hp | laserjet_mfp_m131_g3q68a_firmware | - |
| hp | laserjet_mfp_m236e_9yg02e_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e57540_3gy26a_firmware | - |
| hp | officejet_pro_6230_e3e03a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a82a_firmware | - |
| hp | laserjet_enterprise_m507_1pv86a_firmware | - |
| hp | deskjet_3700_j9v86a_firmware | - |
| hp | laserjet_managed_e60055_m0p39a_firmware | - |
| hp | color_laserjet_managed_mfp_e77425_5cm77a_firmware | - |
| hp | laserjet_enterprise_mfp_m630_b3g84a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_7fs98b_firmware | - |
| hp | color_laserjet_managed_mfp_e77426_5rc91a_firmware | - |
| hp | pagewide_managed_p57750dw_multifunction_printer_j9v82a_firmware | * |
| hp | color_laserjet_pro_mfp_m181_t6b73a_firmware | - |
| hp | designjet_t1700_w6b55d_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5cm66a_firmware | - |
| hp | color_laserjet_pro_m254_t6b58a_firmware | - |
| hp | color_laserjet_pro_mfp_m181_t6b72a_firmware | - |
| hp | color_laserjet_pro_m154_t6b48a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a69a_firmware | - |
| hp | smart_tank_6000_28c13a_firmware | - |
| hp | color_laserjet_pro_m254_t6b60a_firmware | - |
| hp | color_laserjet_pro_m255_7kw66a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_2gp22a_firmware | - |
| hp | pagewide_managed_p75050dn_y3z47a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs50a_firmware | - |
| hp | color_laserjet_pro_mfp_m180_t6b73a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a62a_firmware | - |
| hp | laserjet_m109e_2u584e_firmware | - |
| hp | laserjet_pro_mfp_m427_f6w16a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87660_x3a92a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62565_j8j66a_firmware | - |
| hp | color_laserjet_managed_m651_cz256a_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e77830_z8z04a_firmware | - |
| hp | laserjet_m111e_2u584e_firmware | - |
| hp | laserjet_mfp_m134_g3q67a_firmware | - |
| hp | pagewide_pro_577dw_d3q21a_firmware | - |
| hp | officejet_pro_8710_t0g46a_firmware | - |
| hp | laserjet_pro_m201_cf455a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87650_z8z14a_firmware | - |
| hp | deskjet_ink_advantage_2600_y5z00a_firmware | - |
| hp | laserjet_mfp_m236_9yf94a_firmware | - |
| hp | designjet_z6_t8w18b_firmware | * |
| hp | color_laserjet_managed_mfp_e78227_8gs14a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_z8z18a_firmware | - |
| hp | color_laserjet_pro_mfp_m280_t6b85a_firmware | - |
| hp | laserjet_tank_mfp_2606_381u9a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m880zm_a2w75a_firmware | * |
| hp | laserjet_mfp_m237_6gw71a_firmware | - |
| hp | laserjet_tank_2503_2r3e3a_firmware | - |
| hp | laserjet_mfp_m235_9yg11a_firmware | - |
| hp | laserjet_pro_m402_f6j42a_firmware | - |
| hp | laserjet_mfp_m235e_6gx05e_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_17f27aw_firmware | - |
| hp | laserjet_tank_1504_2r3e2a_firmware | - |
| hp | envy_inspire_7900e_242p8d_firmware | - |
| hp | color_laserjet_pro_mfp_m281_t6b85a_firmware | - |
| hp | smart_tank_720_28b55a_firmware | - |
| hp | laserjet_mfp_m237_9yf92a_firmware | - |
| hp | color_laserjet_pro_mfp_m284_7kw79a_firmware | - |
| hp | hp_color_laserjet_enterprise_m554_7zu78a_firmware | * |
| hp | laserjet_tank_mfp_2603_2r3f0a_firmware | - |
| hp | laserjet_m101_g3q36a_firmware | - |
| hp | laserjet_enterprise_m605_e6b71a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_x3a62a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_7fs95b_firmware | - |
| hp | color_laserjet_managed_mfp_e77424_5cm77a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs13a_firmware | - |
| hp | laserjet_pro_m305_w1a48a_firmware | - |
| hp | laserjet_enterprise_m806_cz245a_firmware | - |
| hp | designjet_t1708_1vd83a_firmware | - |
| hp | laserjet_mfp_m236_9yf88a_firmware | - |
| hp | smart_tank_750_28b70a_firmware | - |
| hp | color_laserjet_enterprise_m651_cz256a_firmware | * |
| hp | designjet_xl_3600_mfp_6kd23a_firmware | - |
| hp | pagewide_managed_p77740dn_y3z57a_firmware | - |
| hp | laserjet_mfp_m232_6gx00a_firmware | - |
| hp | deskjet_ink_advantage_ultra_4800_25r64a_firmware | - |
| hp | deskjet_2700e_297w8a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr96a_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z06a_firmware | - |
| hp | deskjet_plus_4100_7fs86a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5rc87a_firmware | - |
| hp | deskjet_2700e_26k70a_firmware | - |
| hp | laserjet_managed_mfp_e82550du_5rc85a_firmware | - |
| hp | color_laserjet_pro_mfp_m180_t6b75a_firmware | - |
| hp | laserjet_mfp_m235_9yg08a_firmware | - |
| hp | color_laserjet_pro_mfp_m283_7kw75a_firmware | - |
| hp | laserjet_m109_2u582a_firmware | - |
| hp | laserjet_pro_m15_y5s47a_firmware | - |
| hp | laserjet_pro_m501_j8h61a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_7ft01b_firmware | - |
| hp | smart_tank_7300_28b70a_firmware | - |
| hp | deskjet_2700e_26k69a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd23n_firmware | - |
| hp | laserjet_mfp_m234e_6gx09a_firmware | - |
| hp | laserjet_managed_mfp_m630_l3u61a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m680_cz250a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5cm76a_firmware | - |
| hp | pagewide_xl_4700_4vw15g_firmware | - |
| hp | laserjet_tank_mfp_2604_381u1a_firmware | - |
| hp | laserjet_pro_m15_w2g52a_firmware | - |
| hp | laserjet_pro_m17_y5s43a_firmware | - |
| hp | officejet_200_cz993a_firmware | - |
| hp | laserjet_mfp_m227_g3q78a_firmware | - |
| hp | laserjet_enterprise_mfp_m634_7ps96a_firmware | - |
| hp | officejet_pro_9020_1mr79a_firmware | - |
| hp | pagewide_352dw_j6u57a_firmware | - |
| hp | deskjet_2600_5sf04a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_5zn01a_firmware | - |
| hp | deskjet_3700_j9v92a_firmware | - |
| hp | officejet_pro_8710_k7s38a_firmware | - |
| hp | laserjet_pro_mfp_m429_w1a33a_firmware | - |
| hp | laserjet_managed_e50145_1pu52a_firmware | - |
| hp | deskjet_3630_f5s47a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z60a_firmware | - |
| hp | laserjet_mfp_m232e_9yg05e_firmware | - |
| hp | laserjet_mfp_m140e_2u589e_firmware | - |
| hp | officejet_pro_9020_1mr78a_firmware | - |
| hp | laserjet_m111a_7md67a_firmware | - |
| hp | color_laserjet_managed_e65060_l3u56a_firmware | - |
| hp | designjet_t1700_1vd88a_firmware | - |
| hp | color_laserjet_enterprise_m553_b5l39a_firmware | * |
| hp | color_laserjet_managed_flow_e67660_3gy32a_firmware | - |
| hp | color_laserjet_pro_m454_w1y47a_firmware | - |
| hp | laserjet_mfp_m234_9yg11a_firmware | - |
| hp | color_laserjet_managed_mfp_e78224_8gs12a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_z8z22a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87660_z8z12a_firmware | - |
| hp | laserjet_pro_m405_w1a60a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m880zm_a2w76a_firmware | * |
| hp | laserjet_m206_g3q50a_firmware | - |
| hp | laserjet_mfp_m234_9yf95a_firmware | - |
| hp | laserjet_pro_m706_b6s02a_firmware | - |
| hp | pagewide_xl_4700_4vw15h_firmware | - |
| hp | laserjet_enterprise_mfp_m725_cf069a_firmware | - |
| hp | laserjet_managed_mfp_e82550du_5rc84a_firmware | - |
| hp | color_laserjet_managed_mfp_e77423_5cm79a_firmware | - |
| hp | laserjet_m118_4pa39a_firmware | - |
| hp | hp_color_laserjet_enterprise_m555_7zu81a_firmware | * |
| hp | designjet_t1700_w6b56g_firmware | * |
| hp | color_laserjet_pro_mfp_m184_7kw56a_firmware | - |
| hp | laserjet_mfp_m235_9yg10a_firmware | - |
| hp | smart_tank_7000_2h1t6a_firmware | - |
| hp | smart_tank_790_28b96a_firmware | - |
| hp | color_laserjet_managed_flow_e77424_5cm76a_firmware | - |
| hp | officejet_pro_9010_1kr54a_firmware | - |
| hp | laserjet_m101_g3q39a_firmware | - |
| hp | laserjet_mfp_m233e_9yg05e_firmware | - |
| hp | color_laserjet_pro_mfp_m479_w1a76a_firmware | - |
| hp | color_laserjet_pro_mfp_m478_w1a77a_firmware | - |
| hp | laserjet_tank_mfp_2606_381u7a_firmware | - |
| hp | laserjet_m210e_6gw62e_firmware | - |
| hp | color_laserjet_managed_mfp_e67650_3gy32a_firmware | - |
| hp | laserjet_pro_mfp_m28_y5s50a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z66a_firmware | - |
| hp | color_laserjet_pro_mfp_m477_m5h23a_firmware | - |
| hp | deskjet_ink_advantage_ultra_4800_25r76a_firmware | - |
| hp | pagewide_xl_4700_4vw14a_firmware | - |
| hp | designjet_xl_3600_mfp_2yb64b_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs30a_firmware | - |
| hp | officejet_pro_8740_k7s40a_firmware | - |
| hp | laserjet_mfp_m234_9yf90a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z14a_firmware | - |
| hp | laserjet_enterprise_500_color_m551_cf081a_firmware | - |
| hp | laserjet_pro_mfp_m28_y5s55a_firmware | - |
| hp | laserjet_tank_mfp_1005_381u3a_firmware | - |
| hp | laserjet_tank_mfp_2605_381u0a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m880zm_l3u51a_firmware | * |
| hp | laserjet_pro_m705_b6s01a_firmware | - |
| hp | color_laserjet_enterprise_m855_a2w78a_firmware | - |
| hp | laserjet_pro_mfp_m426_c5f98a_firmware | - |
| hp | laserjet_m209_6gw61a_firmware | - |
| hp | laserjet_managed_mfp_e82560_z8z23a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a65a_firmware | - |
| hp | officejet_6950_p4c82a_firmware | - |
| hp | laserjet_pro_m226_cf484a_firmware | - |
| hp | laserjet_enterprise_mfp_m630_p7z47a_firmware | - |
| hp | laserjet_enterprise_500_color_mfp_m575_cd646a_firmware | - |
| hp | designjet_t1700_w6b55b_firmware | - |
| hp | laserjet_pro_200_m251_cf146a_firmware | - |
| hp | officejet_pro_6970_j7k42a_firmware | - |
| hp | designjet_z9_x9d24d_firmware | * |
| hp | envy_inspire_7900e_2z1c2a_firmware | - |
| hp | officejet_pro_8035e_1l0h6a_firmware | - |
| hp | laserjet_tank_2506_2r7f4a_firmware | - |
| hp | pagewide_enterprise_color_556_g1w47v_firmware | - |
| hp | envy_inspire_7900e_2h2n7d_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a72a_firmware | - |
| hp | laserjet_mfp_m234_9yg10a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_4ws37b_firmware | - |
| hp | laserjet_managed_m506_f2a68a_firmware | - |
| hp | officejet_pro_9020_1mr69a_firmware | - |
| hp | color_laserjet_pro_mfp_m377_m5h23a_firmware | - |
| hp | laserjet_m103_g3q35a_firmware | - |
| hp | smart_tank_750_28b76a_firmware | - |
| hp | designjet_t1700_w6b55g_firmware | * |
| hp | laserjet_m203_g3q46a_firmware | - |
| hp | color_laserjet_pro_m454_w1y43a_firmware | - |
| hp | laserjet_mfp_m140e_7md72e_firmware | - |
| hp | laserjet_pro_m226_c6n23a_firmware | - |
| hp | laserjet_mfp_m234_9yf89a_firmware | - |
| hp | officejet_pro_9010_1kr49a_firmware | - |
| hp | laserjet_mfp_m233_9yg11a_firmware | - |
| hp | deskjet_3700_j9v91a_firmware | - |
| hp | laserjet_m207_9yf84a_firmware | - |
| hp | deskjet_2700e_26k68b_firmware | - |
| hp | laserjet_enterprise_700_color_mfp_m775_l3u49a_firmware | - |
| hp | smart_tank_510_3yw72a_firmware | - |
| hp | smart_tank_plus_550_1tj09a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m636_7pt00a_firmware | - |
| hp | color_laserjet_managed_mfp_e67560_l3u69a_firmware | - |
| hp | laserjet_enterprise_m605_e6b70a_firmware | - |
| hp | color_laserjet_pro_m253_t6b57a_firmware | - |
| hp | color_laserjet_pro_mfp_m479_w1a77a_firmware | - |
| hp | laserjet_mfp_m233_9yg08a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr98a_firmware | - |
| hp | laserjet_mfp_m235e_6gx09a_firmware | - |
| hp | color_laserjet_enterprise_m653_j8a05a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_z8z01a_firmware | - |
| hp | laserjet_m102_g3q39a_firmware | - |
| hp | color_laserjet_pro_mfp_m284_7kw75a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m681_j8a10a_firmware | - |
| hp | officejet_250_cz992a_firmware | - |
| hp | laserjet_mfp_m139e_2u589e_firmware | - |
| hp | envy_6000_7cz37a_firmware | - |
| hp | laserjet_managed_mfp_e62555_j8j74a_firmware | - |
| hp | color_laserjet_pro_mfp_m285_7kw79a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8pe96a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62575_j8j74a_firmware | - |
| hp | color_laserjet_pro_m256_7kw64a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5fm78a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd23l_firmware | - |
| hp | color_laserjet_managed_e65060_l3u55a_firmware | - |
| hp | laserjet_managed_mfp_e82560_z8z18a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_z8z02a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m680_l3u48a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m577_b5l50a_firmware | - |
| hp | laserjet_mfp_m232e_6gx09a_firmware | - |
| hp | color_laserjet_pro_m454_w1y45a_firmware | - |
| hp | laserjet_tank_mfp_2606_381u6a_firmware | - |
| hp | laserjet_mfp_m236_9yg11a_firmware | - |
| hp | laserjet_pro_m15_w2g53a_firmware | - |
| hp | laserjet_pro_mfp_m31_y5s55a_firmware | - |
| hp | laserjet_pro_m702_b6s01a_firmware | - |
| hp | color_laserjet_managed_mfp_e78226_17f27aw_firmware | - |
| hp | color_laserjet_managed_mfp_e77425_5cm78a_firmware | - |
| hp | laserjet_tank_mfp_2602_2r3f0a_firmware | - |
| hp | designjet_xl_3600_mfp_6dh33i_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr98a_firmware | - |
| hp | laserjet_enterprise_600_m602_ce993a_firmware | - |
| hp | color_laserjet_managed_e75245_t3u44a_firmware | - |
| hp | laserjet_pro_mfp_m426_c5f99a_firmware | - |
| hp | deskjet_3700_t8w56a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62555_j8j66a_firmware | - |
| hp | color_laserjet_managed_e85055_t3u66a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a84a_firmware | - |
| hp | color_laserjet_managed_mfp_e78226_8gs50a_firmware | - |
| hp | laserjet_pro_mfp_m427_c5f98a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m635_7ps99a_firmware | - |
| hp | officejet_202_n4l14c_firmware | - |
| hp | designjet_z9_x9d24h_firmware | * |
| hp | laserjet_mfp_m139_7md72a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a71a_firmware | - |
| hp | smart_tank_plus_650_y0f71a_firmware | - |
| hp | laserjet_pro_m305_w1a47a_firmware | - |
| hp | pagewide_pro_477dw_d3q20a_firmware | - |
| hp | designjet_t1700_w6b55e_firmware | - |
| hp | designjet_z9_x9d24b_firmware | * |
| hp | laserjet_m204_g3q46a_firmware | - |
| hp | laserjet_mfp_m233e_6gx09a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a83a_firmware | - |
| hp | laserjet_m209_9yf85a_firmware | - |
| hp | color_laserjet_managed_flow_e77426_5cm78a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z06a_firmware | - |
| hp | deskjet_ink_advantage_3700_3yz74a_firmware | - |
| hp | laserjet_mfp_m139e_7md70e_firmware | - |
| hp | laserjet_enterprise_mfp_m528_1pv64a_firmware | - |
| hp | laserjet_pro_m521_a8p80a_firmware | - |
| hp | color_laserjet_pro_mfp_m479_w1a81a_firmware | - |
| hp | laserjet_m112_2u582a_firmware | - |
| hp | laserjet_enterprise_m507_1pv88a_firmware | - |
| hp | color_laserjet_enterprise_m553_b5l26a_firmware | * |
| hp | officejet_pro_8710_j6x78a_firmware | - |
| hp | laserjet_tank_2504_2r7f4a_firmware | - |
| hp | laserjet_mfp_m233_6gw99a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z63a_firmware | - |
| hp | laserjet_mfp_m139_7md76a_firmware | - |
| hp | pagewide_enterprise_color_mfp_780_j7z10a_firmware | - |
| hp | laserjet_mfp_m139e_2a130e_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_5zn00a_firmware | - |
| hp | laserjet_pro_mfp_m428_w1a31a_firmware | - |
| hp | color_laserjet_managed_flow_e77423_5cm78a_firmware | - |
| hp | scanjet_enterprise_8500_fn1_l2719a_firmware | - |
| hp | pagewide_enterprise_color_556_g1w46a_firmware | - |
| hp | laserjet_enterprise_500_color_m551_cf083a_firmware | - |
| hp | laserjet_mfp_m131_g3q67a_firmware | - |
| hp | smart_tank_510_6hf11a_firmware | - |
| hp | designjet_t1700_w6b56d_firmware | * |
| hp | laserjet_enterprise_mfp_m633_j8j78a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z07a_firmware | - |
| hp | color_laserjet_managed_mfp_e77424_5cm79a_firmware | - |
| hp | laserjet_managed_mfp_e72425_5cm70a_firmware | - |
| hp | laserjet_pro_m225_c6n22a_firmware | - |
| hp | laserjet_mfp_m133_g3q57a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_z8z02a_firmware | - |
| hp | laserjet_pro_mfp_m28_w2g55a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a72a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a74a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs14a_firmware | - |
| hp | laserjet_enterprise_mfp_m527_f2a78a_firmware | - |
| hp | deskjet_2600_v1n04a_firmware | - |
| hp | laserjet_mfp_m133_g3q63a_firmware | - |
| hp | deskjet_2600_y5h62a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m681_j8a10a_firmware | - |
| hp | smart_tank_720_28b51a_firmware | - |
| hp | laserjet_mfp_m233_9yf94a_firmware | - |
| hp | deskjet_3630_f5s57a_firmware | - |
| hp | laserjet_pro_mfp_m428_w1a29a_firmware | - |
| hp | color_laserjet_managed_flow_e77423_5cm77a_firmware | - |
| hp | deskjet_3700_t8w94a_firmware | - |
| hp | laserjet_managed_500_color_mfp_m575_l3u45a_firmware | - |
| hp | officejet_pro_9020_1mr77a_firmware | - |
| hp | deskjet_ink_advantage_3700_4sc30a_firmware | - |
| hp | pagewide_managed_p75050dw_y3z47a_firmware | - |
| hp | smart_tank_670_2h1w1a_firmware | - |
| hp | designjet_t1700_w6b56a_firmware | * |
| hp | laserjet_enterprise_600_m603_ce995a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z65a_firmware | - |
| hp | laserjet_m103_g3q37a_firmware | - |
| hp | laserjet_tank_mfp_1602_2r3e7a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77650_firmware | - |
| hp | color_laserjet_managed_e65160_3gy04a_firmware | - |
| hp | color_laserjet_pro_mfp_m479_w1a78a_firmware | - |
| hp | pagewide_xl_8200_4vw18f_firmware | - |
| hp | color_laserjet_managed_mfp_e78225_8gs15a_firmware | - |
| hp | laserjet_mfp_m236e_6gx09e_firmware | - |
| hp | laserjet_m209_9yf82a_firmware | - |
| hp | designjet_t1700_w6b56b_firmware | * |
| hp | laserjet_managed_e60075_m0p40a_firmware | - |
| hp | color_laserjet_managed_mfp_e77426_5cm78a_firmware | - |
| hp | laserjet_enterprise_mfp_m527_f2a81a_firmware | - |
| hp | laserjet_mfp_m233e_6gx02e_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z05a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_z5g79a_firmware | - |
| hp | laserjet_enterprise_700_color_mfp_m775_cc524a_firmware | - |
| hp | laserjet_tank_mfp_2606_2r7f5a_firmware | - |
| hp | laserjet_mfp_m236e_6gx02e_firmware | - |
| hp | laserjet_mfp_m141_7md75a_firmware | - |
| hp | color_laserjet_managed_mfp_e77427_5cm75a_firmware | - |
| hp | officejet_6950_p4c84a_firmware | - |
| hp | color_laserjet_pro_m254_t6b56a_firmware | - |
| hp | laserjet_mfp_m129_g3q66a_firmware | - |
| hp | designjet_t1700_w6b55d_firmware | * |
| hp | color_laserjet_pro_mfp_m184_7kw58a_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_780f_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z62a_firmware | - |
| hp | smart_tank_720_28b54a_firmware | - |
| hp | smart_tank_610_3yw51a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs43a_firmware | - |
| hp | officejet_8022e_1k7k6a_firmware | - |
| hp | laserjet_tank_mfp_2604_381v0a_firmware | - |
| hp | color_laserjet_pro_m153_t6b47a_firmware | - |
| hp | envy_inspire_7900e_31k22d_firmware | - |
| hp | laserjet_managed_flow_mfp_m525_l3u60a_firmware | - |
| hp | color_laserjet_pro_mfp_m478_w1a79a_firmware | - |
| hp | color_laserjet_managed_mfp_e77427_5cm78a_firmware | - |
| hp | laserjet_mfp_m133_g3q61a_firmware | - |
| hp | laserjet_pro_m403_f6j43a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_z8z09a_firmware | - |
| hp | color_laserjet_managed_mfp_e77427_5cm79a_firmware | - |
| hp | color_laserjet_pro_m255_7kw64a_firmware | - |
| hp | color_laserjet_managed_flow_e77424_5cm78a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z68a_firmware | - |
| hp | designjet_z9_x9d24e_firmware | * |
| hp | designjet_t1600_36"_3ek13f_firmware | * |
| hp | deskjet_ink_advantage_ultra_5730_f5s60a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_z8z0a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a79a_firmware | - |
| hp | color_laserjet_pro_mfp_m283_7kw73a_firmware | - |
| hp | laserjet_mfp_m232_6gw71a_firmware | - |
| hp | pagewide_xl_8200_4vw18a_firmware | - |
| hp | deskjet_2700e_2a9q5a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5cm76a_firmware | - |
| hp | color_laserjet_managed_mfp_m577_b5l49a_firmware | - |
| hp | designjet_z9_w3z72d_firmware | * |
| hp | laserjet_mfp_m134_g3q61a_firmware | - |
| hp | laserjet_mfp_m134_g3q66a_firmware | - |
| hp | designjet_z6_t8w16e_firmware | * |
| hp | designjet_z6_t8w18h_firmware | * |
| hp | officejet_pro_6970_t0f33a_firmware | - |
| hp | laserjet_mfp_m131_g3q65a_firmware | - |
| hp | color_laserjet_pro_m453_w1y43a_firmware | - |
| hp | laserjet_mfp_m233_9yf97a_firmware | - |
| hp | laserjet_managed_mfp_e82540du_5rc84a_firmware | - |
| hp | pagewide_managed_color_e55650_l3u44a_firmware | - |
| hp | color_laserjet_pro_mfp_m285_7kw74a_firmware | - |
| hp | laserjet_managed_e60055_m0p40a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_5zn99a_firmware | - |
| hp | laserjet_managed_mfp_e82540_z8z23a_firmware | - |
| hp | officejet_managed_color_mfp_x585_l3u40a_firmware | - |
| hp | color_laserjet_pro_m154_t6b55a_firmware | - |
| hp | color_laserjet_managed_mfp_e78225_8gs50a_firmware | - |
| hp | color_laserjet_pro_mfp_m479_w1a82a_firmware | - |
| hp | laserjet_pro_m226_c6n22a_firmware | - |
| hp | laserjet_pro_m404_w1a59a_firmware | - |
| hp | laserjet_m109_2u584a_firmware | - |
| hp | laserjet_pro_m704_k9g91a_firmware | - |
| hp | laserjet_enterprise_mfp_m630_j7x28a_firmware | - |
| hp | laserjet_enterprise_m604_e6b67a_firmware | - |
| hp | laserjet_enterprise_m609_k0q21a_firmware | - |
| hp | laserjet_enterprise_m609_k0q20a_firmware | - |
| hp | laserjet_pro_mfp_m427_f6w18a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_z8z08a_firmware | - |
| hp | color_laserjet_pro_mfp_m181_t6b70a_firmware | - |
| hp | color_laserjet_pro_mfp_m184_7kw54a_firmware | - |
| hp | laserjet_pro_mfp_m426_f6w18a_firmware | - |
| hp | officejet_3830_f5r95a_firmware | - |
| hp | color_laserjet_managed_e65150_3gy03a_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_785_j7z12a_firmware | - |
| hp | laserjet_mfp_m134_g3q60a_firmware | - |
| hp | laserjet_mfp_m142_2a129a_firmware | - |
| hp | color_laserjet_pro_mfp_m282_7kw77a_firmware | - |
| hp | deskjet_2700e_26k67b_firmware | - |
| hp | designjet_z6_t8w15f_firmware | * |
| hp | laserjet_managed_flow_mfp_e72530_x3a63a_firmware | - |
| hp | color_laserjet_managed_mfp_e78224_8gs13a_firmware | - |
| hp | laserjet_mfp_m234_9yg02a_firmware | - |
| hp | laserjet_mfp_m232_9yg05a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr94a_firmware | - |
| hp | deskjet_plus_4100_7mr24a_firmware | - |
| hp | deskjet_3700_t8w96a_firmware | - |
| hp | laserjet_managed_mfp_e62655_3gy18a_firmware | - |
| hp | smart_tank_7000_2g9q2a_firmware | - |
| hp | laserjet_pro_m225_cf485a_firmware | - |
| hp | laserjet_pro_mfp_m28_w2g57a_firmware | - |
| hp | designjet_t1700_1vd88b_firmware | * |
| hp | color_laserjet_pro_mfp_m184_7kw59a_firmware | - |
| hp | laserjet_managed_mfp_e62655_3gy14a_firmware | - |
| hp | laserjet_mfp_m235_9yg02a_firmware | - |
| hp | laserjet_pro_m702_b6s02a_firmware | - |
| hp | color_laserjet_pro_mfp_m277_b3q11a_firmware | - |
| hp | color_laserjet_pro_mfp_m274_b3q17a_firmware | - |
| hp | laserjet_mfp_m237_9yf94a_firmware | - |
| hp | laserjet_m203_g3q47a_firmware | - |
| hp | laserjet_tank_mfp_2603_2r7f5a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z68a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m880z_l3u52a_firmware | * |
| hp | laserjet_m111_7md66a_firmware | - |
| hp | pagewide_pro_772dn_y3z54a_firmware | - |
| hp | smart_tank_670_28c12a_firmware | - |
| hp | laserjet_pro_m403_f6j42a_firmware | - |
| hp | laserjet_pro_m704_b6s01a_firmware | - |
| hp | digital_sender_flow_8500_fn2_l2762a_firmware | - |
| hp | color_laserjet_pro_m452_cf388v_firmware | - |
| hp | laserjet_pro_m14_w2g51a_firmware | - |
| hp | laserjet_mfp_m232_9yf89a_firmware | - |
| hp | laserjet_managed_mfp_e52545_3gy19a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a65a_firmware | - |
| hp | laserjet_mfp_m236_9yg09a_firmware | - |
| hp | laserjet_mfp_m141_2a129a_firmware | - |
| hp | laserjet_pro_m435_a3e42a_firmware | - |
| hp | color_laserjet_managed_flow_e77425_5cm77a_firmware | - |
| hp | color_laserjet_enterprise_m651_h0dc9a_firmware | * |
| hp | laserjet_managed_mfp_e82540du_5fm76a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a78a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_z8z0a_firmware | - |
| hp | designjet_z6+_pro_2qu25a_firmware | * |
| hp | color_laserjet_pro_mfp_m282_7kw73a_firmware | - |
| hp | laserjet_managed_500_mfp_m525_l3u60a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_z8z04a_firmware | - |
| hp | envy_inspire_7900e_31k21d_firmware | - |
| hp | laserjet_managed_e60165_3gy12a_firmware | - |
| hp | laserjet_pro_m15_w2g50a_firmware | - |
| hp | laserjet_mfp_m129_g3q60a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5rc91a_firmware | - |
| hp | color_laserjet_pro_mfp_m479_w1a75a_firmware | - |
| hp | deskjet_plus_4100_7fs88a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a78a_firmware | - |
| hp | color_laserjet_pro_mfp_m478_w1a76a_firmware | - |
| hp | laserjet_managed_500_mfp_m525_l3u59a_firmware | - |
| hp | laserjet_pro_mfp_m426_1gp80a_firmware | - |
| hp | color_laserjet_pro_m254_t6b62a_firmware | - |
| hp | laserjet_mfp_m142_7md75a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_z8z04a_firmware | - |
| hp | deskjet_2600_y5h64a_firmware | - |
| hp | deskjet_3700_t8w52a_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z07a_firmware | - |
| hp | envy_6000e_223n2a_firmware | - |
| hp | deskjet_ink_advantage_3700_t8w38a1_firmware | - |
| hp | officejet_pro_8210_d9l63a_firmware | - |
| hp | laserjet_m207_6gw62a_firmware | - |
| hp | deskjet_3630_k4t94a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m880z_a2w75a_firmware | * |
| hp | color_laserjet_managed_mfp_e87640du_5rc87a_firmware | - |
| hp | laserjet_pro_m706_k9g90a_firmware | - |
| hp | laserjet_tank_mfp_2602_381v0a_firmware | - |
| hp | officejet_pro_8030e_5lj14a_firmware | - |
| hp | laserjet_mfp_m140_7md70f_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z08a_firmware | - |
| hp | pagewide_managed_p75050dn_y3z45a_firmware | - |
| hp | smart_tank_7600_28b99a_firmware | - |
| hp | laserjet_pro_m14_w2g52a_firmware | - |
| hp | laserjet_m211_9yf84a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8pe98a_firmware | - |
| hp | officejet_enterprise_color_mfp_x585_b5l05a_firmware | - |
| hp | designjet_t2600_36"_mfp_3xb78a_firmware | * |
| hp | laserjet_managed_mfp_e72530_x3a66a_firmware | - |
| hp | laserjet_managed_m506_f2a66a_firmware | - |
| hp | pagewide_xl_5200_4vw17f_firmware | - |
| hp | laserjet_managed_mfp_flow_e62565_j8j79a_firmware | - |
| hp | envy_6000_5se19a_firmware | - |
| hp | laserjet_mfp_m141_7md73a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j67a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a80a_firmware | - |
| hp | laserjet_mfp_m234e_6gx00e_firmware | - |
| hp | laserjet_managed_mfp_e82540du_5cm59a_firmware | - |
| hp | smart_tank_6000_30s82a_firmware | - |
| hp | laserjet_m105_g3q39a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_4ws36b_firmware | - |
| hp | smart_tank_510_3yw71a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a60a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z61a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5cm63a_firmware | - |
| hp | designjet_t1700_w6b55h_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8pe97a_firmware | - |
| hp | laserjet_mfp_m232_9yg11a_firmware | - |
| hp | pagewide_managed_p77740z_w1b39a_firmware | - |
| hp | smart_tank_6000_2h1w2a_firmware | - |
| hp | laserjet_m206_g3q46a_firmware | - |
| hp | color_laserjet_pro_m253_t6b62a_firmware | - |
| hp | deskjet_3630_f5s43a_firmware | - |
| hp | color_laserjet_managed_flow_e77425_5rc92a_firmware | - |
| hp | laserjet_pro_m705_k9g91a_firmware | - |
| hp | laserjet_tank_2506_381v4a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62555_j8j74a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8pe94a_firmware | - |
| hp | laserjet_mfp_m142_2u589a_firmware | - |
| hp | laserjet_pro_m706_b6s01a_firmware | - |
| hp | laserjet_mfp_m229_g3q78a_firmware | - |
| hp | color_laserjet_managed_m553_b5l24a_firmware | * |
| hp | laserjet_pro_mfp_m30_w2g54a_firmware | - |
| hp | laserjet_managed_e60065_m0p35a_firmware | - |
| hp | officejet_pro_8020e_1k7k7a_firmware | - |
| hp | deskjet_plus_4100_7fs79a_firmware | - |
| hp | officejet_pro_8740_k7s42a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m525_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m636_7pt01a_firmware | - |
| hp | color_laserjet_pro_m454_w1y44a_firmware | - |
| hp | smart_tank_720_28b79a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_7fs99b_firmware | - |
| hp | color_laserjet_pro_m153_t6b46a_firmware | - |
| hp | deskjet_3630_k4t97a_firmware | - |
| hp | deskjet_ink_advantage_3830_f5r96a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m681_j8a11a_firmware | - |
| hp | laserjet_mfp_m227_q3q75a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_az8z20a_firmware | - |
| hp | color_laserjet_pro_m155_7kw48a_firmware | - |
| hp | laserjet_m104_g3q39a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a84a_firmware | - |
| hp | color_laserjet_managed_m553_b5l38a_firmware | * |
| hp | officejet_enterprise_color_x555_l1h45a_firmware | - |
| hp | officejet_3830_k7v36a_firmware | - |
| hp | laserjet_m119_4pa39a_firmware | - |
| hp | designjet_z9_w3z71c_firmware | * |
| hp | laserjet_enterprise_m604_e6b68a_firmware | - |
| hp | laserjet_managed_mfp_e82540du_5rc83a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87640_z8z13a_firmware | - |
| hp | laserjet_m105_g3q36a_firmware | - |
| hp | laserjet_m111_2u584a_firmware | - |
| hp | designjet_xl_3600_mfp_6dh33c_firmware | - |
| hp | pagewide_enterprise_color_556_g1w46v_firmware | - |
| hp | designjet_t1700_w6b56h_firmware | * |
| hp | officejet_pro_6970_t0f34a_firmware | - |
| hp | laserjet_managed_flow_mfp_m527z_f2a80a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd26l_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87640_z8z15a_firmware | - |
| hp | designjet_t1700_w6b55b_firmware | * |
| hp | laserjet_enterprise_600_m603_ce996a_firmware | - |
| hp | color_laserjet_pro_mfp_m284_7kw78a_firmware | - |
| hp | color_laserjet_pro_mfp_m477_cf379a_firmware | - |
| hp | laserjet_mfp_m236_6gw71a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5fm77a_firmware | - |
| hp | laserjet_m207_9yf82a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650du_5fm81a_firmware | - |
| hp | deskjet_2600_y5h60a_firmware | - |
| hp | deskjet_3700_j9v90a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j80a_firmware | - |
| hp | laserjet_mfp_m234e_6gx09e_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_z8z01a_firmware | - |
| hp | laserjet_enterprise_m611_7ps85a_firmware | - |
| hp | color_laserjet_managed_mfp_e57540_3gy25a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd23g_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs27a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m632_j8j71a_firmware | - |
| hp | laserjet_pro_m403_g3v21a_firmware | - |
| hp | color_laserjet_pro_mfp_m280_t6b86a_firmware | - |
| hp | officejet_pro_8020_5lj18a_firmware | - |
| hp | laserjet_pro_m702_b6s00a_firmware | - |
| hp | envy_inspire_7900e_349v2b_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_586z_g1w39a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5rc91a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a82a_firmware | - |
| hp | officejet_pro_8030e_5lj23a_firmware | - |
| hp | laserjet_mfp_m233_9yg10a_firmware | - |
| hp | laserjet_mfp_m234_6gx04a_firmware | - |
| hp | deskjet_2700e_26k70b_firmware | - |
| hp | laserjet_m111e_2u582e_firmware | - |
| hp | color_laserjet_enterprise_mfp_m577_b5l46a_firmware | - |
| hp | officejet_pro_8740_j6x83a_firmware | - |
| hp | laserjet_tank_mfp_2602_381u1a_firmware | - |
| hp | laserjet_pro_mfp_m429_w1a31a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_5zn00a_firmware | - |
| hp | laserjet_enterprise_mfp_m634_7ps95a_firmware | - |
| hp | color_laserjet_pro_m454_w1y46a_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_785_j7z11a_firmware | - |
| hp | laserjet_pro_m702_k9g91a_firmware | - |
| hp | officejet_pro_9010_1kr46a_firmware | - |
| hp | color_laserjet_managed_mfp_e78227_8gs15a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z65a_firmware | - |
| hp | laserjet_mfp_m129_g3q68a_firmware | - |
| hp | deskjet_plus_ink_advantage_6400_5sd79a_firmware | - |
| hp | color_laserjet_managed_mfp_e77426_5cm77a_firmware | - |
| hp | laserjet_managed_mfp_e82540_az8z20a_firmware | - |
| hp | laserjet_mfp_m228_g3q76a_firmware | - |
| hp | laserjet_mfp_m141_7md76a_firmware | - |
| hp | smart_tank_670_2h3n3a_firmware | - |
| hp | laserjet_m110e_7md66e_firmware | - |
| hp | laserjet_mfp_m232e_6gx01a_firmware | - |
| hp | color_laserjet_pro_mfp_m284_7kw72a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67550_l3u69a_firmware | - |
| hp | color_laserjet_managed_flow_e77426_5cm75a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_z8z23a_firmware | - |
| hp | designjet_z9w3z72f_firmware | * |
| hp | laserjet_enterprise_mfp_m631_j8j65a_firmware | - |
| hp | deskjet_2700e_297x0a_firmware | - |
| hp | color_laserjet_pro_m452_cf389a_firmware | - |
| hp | color_laserjet_pro_m153_t6b49a_firmware | - |
| hp | color_laserjet_managed_flow_e77424_5cm75a_firmware | - |
| hp | laserjet_managed_mfp_e72530_x3a65a_firmware | - |
| hp | laserjet_pro_m404_w1a63a_firmware | - |
| hp | designjet_z6_t8w16c_firmware | * |
| hp | color_laserjet_managed_mfp_e78224_8gs43a_firmware | - |
| hp | laserjet_tank_1503_2r7f3a_firmware | - |
| hp | smart_tank_510_3yw75a_firmware | - |
| hp | designjet_t2600_36"_mfp_3ek15b_firmware | * |
| hp | laserjet_mfp_m230_g3q77a_firmware | - |
| hp | color_laserjet_managed_flow_e77423_5cm75a_firmware | - |
| hp | laserjet_pro_m405_w1a51a_firmware | - |
| hp | color_laserjet_managed_mfp_e78226_8gs13a_firmware | - |
| hp | color_laserjet_enterprise_m855_d7p72a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a71a_firmware | - |
| hp | smart_tank_510_3yw74a_firmware | - |
| hp | color_laserjet_managed_mfp_e78227_8gs13a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m577_b5l47a_firmware | - |
| hp | laserjet_mfp_m233_6gx06a_firmware | - |
| hp | laserjet_enterprise_mfp_m634_7ps94a_firmware | - |
| hp | pagewide_managed_p75050dw_y3z45a_firmware | - |
| hp | envy_6000_5se18a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_7hz76b_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a80a_firmware | - |
| hp | color_laserjet_pro_mfp_m280_t6b83a_firmware | - |
| hp | laserjet_mfp_m134_g3q63a_firmware | - |
| hp | laserjet_enterprise_m506_f2a68a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m577_b5l48a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62555_j8j79a_firmware | - |
| hp | laserjet_mfp_m140e_7md74e_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m633_j8j78a_firmware | - |
| hp | laserjet_tank_mfp_2602_381u8a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5cm68a_firmware | - |
| hp | designjet_z9_w3z72e_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e77825_z8z0a_firmware | - |
| hp | laserjet_managed_500_color_mfp_m575_l3u46a_firmware | - |
| hp | laserjet_mfp_m132_g3q64a_firmware | - |
| hp | designjet_z6_t8w15e_firmware | * |
| hp | laserjet_pro_mfp_m30_y5s54a_firmware | - |
| hp | deskjet_4100e_2a9t7a_firmware | - |
| hp | pagewide_xl_5200_4vw21a_firmware | - |
| hp | color_laserjet_managed_mfp_e78226_8gs15a_firmware | - |
| hp | color_laserjet_pro_m256_7kw65a_firmware | - |
| hp | laserjet_managed_flow_mfp_m630_l3u62a_firmware | - |
| hp | laserjet_mfp_m236_6gw99a_firmware | - |
| hp | laserjet_mfp_m234_9yf92a_firmware | - |
| hp | laserjet_mfp_m237e_6gx01a_firmware | - |
| hp | deskjet_3700_t8w95a_firmware | - |
| hp | color_laserjet_managed_mfp_e47528_3qa75a_firmware | - |
| hp | deskjet_ink_advantage_2700_7fr20a_firmware | - |
| hp | deskjet_plus_4100_7fs75d_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a78a_firmware | - |
| hp | laserjet_mfp_m139_2a130a_firmware | - |
| hp | laserjet_mfp_m139_7md73a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_z8z0a_firmware | - |
| hp | laserjet_mfp_m139_2u589f_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a79a_firmware | - |
| hp | color_laserjet_managed_mfp_e77423_5rc91a_firmware | - |
| hp | deskjet_ink_advantage_3630_f5s44a_firmware | - |
| hp | officejet_8022_3uc65a_firmware | - |
| hp | laserjet_pro_m402_c5f92a_firmware | - |
| hp | laserjet_mfp_m131_g3q61a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a74a_firmware | - |
| hp | laserjet_enterprise_600_m601_ce989a_firmware | - |
| hp | deskjet_2700_3xv19a_firmware | - |
| hp | color_laserjet_managed_mfp_e78224_8gs44a_firmware | - |
| hp | envy_6000e_223n1a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m830_cf367a_firmware | - |
| hp | laserjet_mfp_m237_9yg08a_firmware | - |
| hp | laserjet_mfp_m140_2a130a_firmware | - |
| hp | color_laserjet_managed_mfp_e77425_5cm79a_firmware | - |
| hp | laserjet_enterprise_m407_3pz16a_firmware | - |
| hp | smart_tank_6000_2h0b9a_firmware | - |
| hp | color_laserjet_managed_mfp_e78224_8gs36a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a79a_firmware | - |
| hp | designjet_t1700_w6b56c_firmware | - |
| hp | color_laserjet_pro_mfp_m284_7kw73a_firmware | - |
| hp | smart_tank_7000_6uu46a_firmware | - |
| hp | color_laserjet_managed_mfp_e78227_8gs43a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87660_x3a90a_firmware | - |
| hp | laserjet_managed_flow_mfp_m527z_f2a79a_firmware | - |
| hp | laserjet_mfp_m237e_6gx02e_firmware | - |
| hp | officejet_pro_6970_j7k41a_firmware | - |
| hp | laserjet_mfp_m141e_2a130e_firmware | - |
| hp | laserjet_mfp_m227_g3q74a_firmware | - |
| hp | hp_color_laserjet_enterprise_m555_7zu79a_firmware | * |
| hp | laserjet_managed_m506_f2a71a_firmware | - |
| hp | color_laserjet_managed_mfp_e78227_19gsaw_firmware | - |
| hp | deskjet_2700_7fr58a_firmware | - |
| hp | smart_tank_610_7xv38a_firmware | - |
| hp | deskjet_ink_advantage_3630_f5s45a_firmware | - |
| hp | laserjet_pro_m405_w1a52a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs00a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a63a_firmware | - |
| hp | laserjet_managed_mfp_e82560_az8z20a_firmware | - |
| hp | laserjet_tank_2502_2r3e3a_firmware | - |
| hp | designjet_t1700_w6b56g_firmware | - |
| hp | color_laserjet_managed_mfp_e67660_3gy32a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87650_x3a89a_firmware | - |
| hp | color_laserjet_pro_mfp_m281_t6b82a_firmware | - |
| hp | laserjet_managed_e50045_3gn19a_firmware | - |
| hp | laserjet_pro_mfp_m429_w1a34a_firmware | - |
| hp | officejet_6950_p4c81a_firmware | - |
| hp | laserjet_mfp_m237_9yf90a_firmware | - |
| hp | deskjet_2600_v1n05a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs01a_firmware | - |
| hp | color_laserjet_pro_mfp_m477_cf378a_firmware | - |
| hp | laserjet_managed_e60065_m0p33a_firmware | - |
| hp | laserjet_managed_e40040_3pz35a_firmware | - |
| hp | laserjet_pro_m701_b6s01a_firmware | - |
| hp | designjet_t1700_1vd87f_firmware | - |
| hp | laserjet_tank_mfp_1604_2r3e7a_firmware | - |
| hp | smart_tank_plus_550_3yw72a_firmware | - |
| hp | color_laserjet_enterprise_m751_t3u64a_firmware | - |
| hp | laserjet_mfp_m233_9yf95a_firmware | - |
| hp | deskjet_3630_k4t93a_firmware | - |
| hp | laserjet_m211_6gw63a_firmware | - |
| hp | laserjet_managed_mfp_e82550du_5fm78a_firmware | - |
| hp | laserjet_pro_m405_w1a56a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m681_j8a12a_firmware | - |
| hp | designjet_t2600_36"_mfp_3ek15k_firmware | * |
| hp | laserjet_enterprise_m506_f2a67a_firmware | - |
| hp | laserjet_pro_m17_w2g53a_firmware | - |
| hp | color_laserjet_pro_m254_t6b65a_firmware | - |
| hp | laserjet_pro_m17_w2g52a_firmware | - |
| hp | laserjet_pro_mfp_m428_w1a33a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a69a_firmware | - |
| hp | color_laserjet_managed_flow_e77425_5cm75a_firmware | - |
| hp | laserjet_managed_mfp_e82550du_5fm77a_firmware | - |
| hp | laserjet_managed_color_flow_mfp_m575_l3u45a_firmware | - |
| hp | laserjet_mfp_m235_6gw99a_firmware | - |
| hp | laserjet_mfp_m235_6gx03a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j66a_firmware | - |
| hp | deskjet_plus_4100_3xv13a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a60a_firmware | - |
| hp | laserjet_mfp_m134_g3q59a_firmware | - |
| hp | laserjet_pro_mfp_m30_w2g57a_firmware | - |
| hp | envy_6000_5se17a_firmware | - |
| hp | designjet_z6+_pro_2qu25f_firmware | - |
| hp | color_laserjet_cm5525_mfp_ce709a_firmware | * |
| hp | officejet_pro_8210_j3p66a_firmware | - |
| hp | deskjet_3700_t8w83a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a79a_firmware | - |
| hp | color_laserjet_pro_mfp_m182_7kw56a_firmware | - |
| hp | laserjet_tank_mfp_2606_381u8a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m634_7ps95a_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z010a_firmware | - |
| hp | laserjet_tank_mfp_2605_381u6a_firmware | - |
| hp | laserjet_pro_m304_w1a47a_firmware | - |
| hp | laserjet_pro_mfp_m30_w2g56a_firmware | - |
| hp | laserjet_m111e_7md66e_firmware | - |
| hp | officejet_pro_6970_t0f35a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z011a_firmware | - |
| hp | designjet_z9_w3z71d_firmware | * |
| hp | laserjet_pro_m402_f6j41a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_z8z01a_firmware | - |
| hp | deskjet_2700e_26k72a_firmware | - |
| hp | laserjet_pro_mfp_m29_w2g54a_firmware | - |
| hp | laserjet_tank_mfp_2604_381v1a_firmware | - |
| hp | designjet_xl_3600_mfp_6dh33f_firmware | - |
| hp | laserjet_enterprise_mfp_m725_cf066a_firmware | - |
| hp | laserjet_mfp_m234_6gx06a_firmware | - |
| hp | laserjet_mfp_m133_g3q64a_firmware | - |
| hp | laserjet_mfp_m237e_6gx05e_firmware | - |
| hp | laserjet_managed_mfp_e72425_5cm72a_firmware | - |
| hp | pagewide_color_mfp_774_4pa44a_firmware | - |
| hp | color_laserjet_managed_flow_e67660_3gy31a_firmware | - |
| hp | laserjet_m105_g3q35a_firmware | - |
| hp | laserjet_tank_mfp_1005_381u4a_firmware | - |
| hp | deskjet_2600_y5h66a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87640_x3a87a_firmware | - |
| hp | laserjet_pro_m15_w2g51a_firmware | - |
| hp | designjet_z9_w3z72c_firmware | * |
| hp | laserjet_mfp_m237_9yg10a_firmware | - |
| hp | laserjet_tank_mfp_2605_2r3f0a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr95a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87660_x3a89a_firmware | - |
| hp | officejet_6960_t0g26a_firmware | - |
| hp | officejet_pro_8020_5lj19a_firmware | - |
| hp | deskjet_ink_advantage_ultra_4800_25r66a_firmware | - |
| hp | color_laserjet_managed_mfp_e78225_8gs36a_firmware | - |
| hp | color_laserjet_enterprise_m652_j7z98a_firmware | - |
| hp | designjet_t2600_36"_mfp_y3t75a_firmware | * |
| hp | laserjet_mfp_m140_7md69a_firmware | - |
| hp | laserjet_tank_mfp_2605_381u7a_firmware | - |
| hp | designjet_t1700_1vd87a_firmware | * |
| hp | pagewide_enterprise_color_765_j7z04a_firmware | - |
| hp | smart_tank_7600_28c03a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs25a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_2gp26a_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z09a_firmware | - |
| hp | laserjet_mfp_m142_7md69a_firmware | - |
| hp | pagewide_enterprise_color_mfp_586_g1w39a_firmware | - |
| hp | laserjet_managed_mfp_e72530_x3a59a_firmware | - |
| hp | laserjet_mfp_m129_g3q61a_firmware | - |
| hp | laserjet_tank_1502_2r3e2a_firmware | - |
| hp | deskjet_ink_advantage_ultra_4800_25r69a_firmware | - |
| hp | smart_tank_720_2h1t6a_firmware | - |
| hp | deskjet_3700_t8w58a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs50a_firmware | - |
| hp | color_laserjet_pro_m154_t6b53a_firmware | - |
| hp | deskjet_3700_t8w93a_firmware | - |
| hp | designjet_t1600_36"_3ek12a_firmware | * |
| hp | color_laserjet_managed_flow_mfp_e67560_l3u66a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62565_j8j74a_firmware | - |
| hp | deskjet_4100e_26q94a_firmware | - |
| hp | color_laserjet_managed_flow_e77422_5cm79a_firmware | - |
| hp | laserjet_mfp_m236_9yf90a_firmware | - |
| hp | envy_inspire_7900e_2h2m8a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a59a_firmware | - |
| hp | laserjet_m110_7md66a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5cm75a_firmware | - |
| hp | hp_color_laserjet_enterprise_m554_7zu81a_firmware | * |
| hp | laserjet_managed_mfp_e72425_5cm68a_firmware | - |
| hp | deskjet_2600_y5h68a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m680_cz248a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87640_z8z14a_firmware | - |
| hp | laserjet_m210_6gw61a_firmware | - |
| hp | laserjet_mfp_m236e_9yf91e_firmware | - |
| hp | laserjet_mfp_m233e_9yg02e_firmware | - |
| hp | officejet_6950_p4c78a_firmware | - |
| hp | smart_tank_7600_28b97a_firmware | - |
| hp | pagewide_enterprise_color_mfp_780_j7z09a_firmware | - |
| hp | laserjet_m112_7md66a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5fm82a_firmware | - |
| hp | laserjet_managed_flow_mfp_e52545c_firmware | - |
| hp | color_laserjet_managed_mfp_e57540_3gy26a_firmware | - |
| hp | color_laserjet_managed_mfp_e77423_5cm77a_firmware | - |
| hp | color_laserjet_managed_mfp_e77424_5cm76a_firmware | - |
| hp | laserjet_m109e_7md68e_firmware | - |
| hp | color_laserjet_enterprise_mfp_m682_j8a17a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_5zn00a_firmware | - |
| hp | laserjet_tank_mfp_1603_2r3e7a_firmware | - |
| hp | color_laserjet_managed_mfp_e77426_5cm79a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a80a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_7ft02b_firmware | - |
| hp | laserjet_mfp_m234e_6gx05e_firmware | - |
| hp | officejet_8010_1kr58a_firmware | - |
| hp | color_laserjet_m578_mfp_7zu87a_firmware | * |
| hp | smart_tank_6000_2h3n3a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z08a_firmware | - |
| hp | laserjet_mfp_m236_6gx05a_firmware | - |
| hp | laserjet_pro_mfp_m29_w2g55a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m635_7ps97a_firmware | - |
| hp | laserjet_mfp_m142_7md73a_firmware | - |
| hp | laserjet_tank_mfp_2606_381u1a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs15a_firmware | - |
| hp | laserjet_pro_mfp_m427_f6w19a_firmware | - |
| hp | designjet_z6_t8w18d_firmware | * |
| hp | laserjet_mfp_m233e_9yf91e_firmware | - |
| hp | color_laserjet_enterprise_m554_7zu79a_firmware | - |
| hp | officejet_pro_6970_t0f37a_firmware | - |
| hp | smart_tank_510_1tj12a_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_586z_g1w40a_firmware | - |
| hp | color_laserjet_pro_mfp_m282_7kw74a_firmware | - |
| hp | laserjet_pro_m226_cf485a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5cm77a_firmware | - |
| hp | laserjet_enterprise_mfp_m632_j8j70a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z63a_firmware | - |
| hp | laserjet_m208_6gw61a_firmware | - |
| hp | laserjet_mfp_m234e_9yf91e_firmware | - |
| hp | pagewide_managed_color_mfp_e58650dn_l3u43a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_az8z20a_firmware | - |
| hp | smart_tank_plus_650_3yw48a_firmware | - |
| hp | laserjet_mfp_m140_2u589f_firmware | - |
| hp | color_laserjet_managed_mfp_e77424_5rc92a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_z8z05a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m680_cz249a_firmware | - |
| hp | laserjet_m208_9yf80a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_7ft03b_firmware | - |
| hp | smart_tank_720_2h0a6a_firmware | - |
| hp | officejet_managed_color_mfp_x585_b5l05a_firmware | - |
| hp | color_laserjet_managed_mfp_e67550_l3u70a_firmware | - |
| hp | laserjet_m210e_6gw62er_firmware | - |
| hp | laserjet_tank_2502_2r7f4a_firmware | - |
| hp | deskjet_3755_j9v90a_firmware | - |
| hp | deskjet_3755_1lu12a_firmware | - |
| hp | smart_tank_720_2g9q2a_firmware | - |
| hp | color_laserjet_managed_mfp_e77427_5cm77a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs30a_firmware | - |
| hp | laserjet_m110_2u582a_firmware | - |
| hp | laserjet_mfp_m236_9yf97a_firmware | - |
| hp | laserjet_mfp_m130_g3q62a_firmware | - |
| hp | laserjet_tank_1020_381v6a_firmware | - |
| hp | color_laserjet_managed_mfp_e78226_8gs12a_firmware | - |
| hp | smart_tank_plus_550_1tj11a_firmware | - |
| hp | laserjet_m112e_7md66e_firmware | - |
| hp | laserjet_pro_mfp_m30_y5s55a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m630_p7z47a_firmware | - |
| hp | laserjet_pro_m225_cf486a_firmware | - |
| hp | color_laserjet_pro_mfp_m185_7kw57a_firmware | - |
| hp | deskjet_2600_v1n03a_firmware | - |
| hp | laserjet_managed_mfp_e82550du_5rc83a_firmware | - |
| hp | laserjet_mfp_m237_9yg02a_firmware | - |
| hp | laserjet_mfp_m235e_6gx02e_firmware | - |
| hp | laserjet_m104_g3q34a_firmware | - |
| hp | laserjet_pro_m705_b6s00a_firmware | - |
| hp | color_laserjet_managed_mfp_e78225_8gs43a_firmware | - |
| hp | color_laserjet_pro_m453_w1y45a_firmware | - |
| hp | pagewide_xl_5200_4vw19f_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_z8z04a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a77a_firmware | - |
| hp | laserjet_enterprise_700_m712_cf236a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62555_j8j80a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_z8z00a_firmware | - |
| hp | laserjet_enterprise_mfp_m630_b3g85a_firmware | - |
| hp | laserjet_mfp_m237e_6gx00e_firmware | - |
| hp | officejet_pro_8710_j6x76a_firmware | - |
| hp | officejet_pro_9020_1mr73a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62565_j8j67a_firmware | - |
| hp | laserjet_m109_7md66a_firmware | - |
| hp | laserjet_mfp_m233_9yf98a_firmware | - |
| hp | color_laserjet_pro_m153_t6b50a_firmware | - |
| hp | laserjet_mfp_m235_6gx05a_firmware | - |
| hp | laserjet_mfp_m141_7md71a_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z06a_firmware | - |
| hp | officejet_pro_6960_t0f28a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd24f_firmware | - |
| hp | color_laserjet_pro_mfp_m284_7kw76a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m633_j8j76a_firmware | - |
| hp | pagewide_pro_577z_k9z76a_firmware | - |
| hp | designjet_t1700_w6b56b_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8pe97a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m632_j8j72a_firmware | - |
| hp | officejet_pro_9010_1kr42a_firmware | - |
| hp | pagewide_enterprise_color_mfp_586_g1w40a_firmware | - |
| hp | laserjet_mfp_m227_g3q77a_firmware | - |
| hp | laserjet_pro_mfp_m427_f6w17a_firmware | - |
| hp | color_laserjet_pro_mfp_m185_7kw56a_firmware | - |
| hp | color_laserjet_managed_flow_e77423_5cm79a_firmware | - |
| hp | officejet_pro_9020_1mr74a_firmware | - |
| hp | officejet_pro_8710_j6x81a_firmware | - |
| hp | color_laserjet_pro_m154_t6b52a_firmware | - |
| hp | color_laserjet_managed_mfp_m775_l3u50a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z61a_firmware | - |
| hp | deskjet_2700e_26k72b_firmware | - |
| hp | laserjet_pro_mfp_m31_w2g56a_firmware | - |
| hp | laserjet_pro_m405_93m22a_firmware | - |
| hp | laserjet_pro_mfp_m426_f6w15a_firmware | - |
| hp | envy_6000_5se16a_firmware | - |
| hp | laserjet_mfp_m129_g3q65a_firmware | - |
| hp | designjet_z6_t8w15d_firmware | * |
| hp | laserjet_managed_mfp_e82560du_5cm61a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a84a_firmware | - |
| hp | laserjet_mfp_m228_g3q79a_firmware | - |
| hp | laserjet_pro_m202_c6n21a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650du_5fm82a_firmware | - |
| hp | laserjet_pro_mfp_m429_w1a30a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z010a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a83a_firmware | - |
| hp | designjet_z6_t8w16h_firmware | * |
| hp | deskjet_2600_v1n08a_firmware | - |
| hp | laserjet_enterprise_color_flow_mfp_m575_cd644_firmware | - |
| hp | designjet_t1700_w6b55h_firmware | * |
| hp | laserjet_pro_m202_c6n20a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a74a_firmware | - |
| hp | laserjet_managed_mfp_e72530_x3a63a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_9rt91a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_z8z19_firmware | - |
| hp | designjet_t1600_36"_3ek13a_firmware | * |
| hp | color_laserjet_pro_m453_w1y44a_firmware | - |
| hp | laserjet_managed_e50145_1pu51a_firmware | - |
| hp | laserjet_enterprise_mfp_m528_1pv66a_firmware | - |
| hp | laserjet_pro_m304_w1a48a_firmware | - |
| hp | color_laserjet_managed_mfp_e67550_l3u66a_firmware | - |
| hp | laserjet_managed_mfp_e82540du_5fm78a_firmware | - |
| hp | laserjet_m210_9yf84a_firmware | - |
| hp | color_laserjet_managed_mfp_e78225_8gs13a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87640_x3a89a_firmware | - |
| hp | laserjet_pro_mfp_m429_w1a32a_firmware | - |
| hp | color_laserjet_managed_mfp_e77425_5cm76a_firmware | - |
| hp | pagewide_xl_4200_4vw13f_firmware | - |
| hp | designjet_t1700_w6b55e_firmware | * |
| hp | envy_6000_6wd35a_firmware | - |
| hp | designjet_t1700_w6b55c_firmware | * |
| hp | color_laserjet_pro_mfp_m182_7kw59a_firmware | - |
| hp | designjet_z6_t8w16a_firmware | * |
| hp | deskjet_2600_5sf03a_firmware | - |
| hp | designjet_t1700_w6b56f_firmware | * |
| hp | laserjet_m112a_2u581a_firmware | - |
| hp | laserjet_enterprise_700_m712_cf235a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5cm58a_firmware | - |
| hp | color_laserjet_pro_mfp_m184_7kw57a_firmware | - |
| hp | color_laserjet_pro_mfp_m477_cf377a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m680_ca251a_firmware | - |
| hp | color_laserjet_managed_mfp_m775_cf304a_firmware | - |
| hp | laserjet_pro_m402_c5j91a_firmware | - |
| hp | deskjet_ink_advantage_3700_1dt62a_firmware | - |
| hp | officejet_pro_9020e_1g5m0a_firmware | - |
| hp | laserjet_mfp_m132_g3q61a_firmware | - |
| hp | deskjet_2700e_297x1a_firmware | - |
| hp | laserjet_m212e_6gw62er_firmware | - |
| hp | designjet_xl_3600_mfp_6dh33h_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z65a_firmware | - |
| hp | color_laserjet_pro_m153_t6b53a_firmware | - |
| hp | deskjet_3630_k4t95a_firmware | - |
| hp | laserjet_enterprise_m607_k0q15a_firmware | - |
| hp | laserjet_pro_m404_w1a52a_firmware | - |
| hp | color_laserjet_pro_mfp_m277_b3q17a_firmware | - |
| hp | deskjet_3755_j9v91a_firmware | - |
| hp | deskjet_4100e_26q97a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m577_b5l49a_firmware | - |
| hp | officejet_pro_6970_j7k34a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5cm65a_firmware | - |
| hp | laserjet_enterprise_m4555_mfp_ce504a_firmware | - |
| hp | laserjet_mfp_m236_6gx04a_firmware | - |
| hp | laserjet_m210_9yf85a_firmware | - |
| hp | color_laserjet_pro_m155_7kw49a_firmware | - |
| hp | officejet_pro_8030_5lj17a_firmware | - |
| hp | laserjet_mfp_m133_g3q68a_firmware | - |
| hp | laserjet_tank_mfp_2605_381u5a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs27a_firmware | - |
| hp | officejet_pro_6970_j7k36a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_2gp23a_firmware | - |
| hp | laserjet_managed_mfp_e62555_j8j79a_firmware | - |
| hp | laserjet_m105_g3q37a_firmware | - |
| hp | laserjet_mfp_m234_9yg05a_firmware | - |
| hp | laserjet_mfp_m232_9yg08a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j73a_firmware | - |
| hp | color_laserjet_pro_m253_t6b61a_firmware | - |
| hp | laserjet_managed_e60065_m0p39a_firmware | - |
| hp | laserjet_tank_mfp_2603_381u7a_firmware | - |
| hp | laserjet_mfp_m129_g3q64a_firmware | - |
| hp | pagewide_managed_p55250dw_j6u55a_firmware | - |
| hp | color_laserjet_managed_mfp_e78226_8gs37a_firmware | - |
| hp | laserjet_mfp_m236_9yf95a_firmware | - |
| hp | laserjet_m110_2u584a_firmware | - |
| hp | laserjet_mfp_m133_g3q65a_firmware | - |
| hp | deskjet_2700_8rk11a_firmware | - |
| hp | laserjet_mfp_m139e_7md76e_firmware | - |
| hp | deskjet_plus_4100_7fs77b_firmware | - |
| hp | laserjet_mfp_m235_9yf95a_firmware | - |
| hp | laserjet_m206_g3q48a_firmware | - |
| hp | laserjet_pro_mfp_m427_f6w13a_firmware | - |
| hp | officejet_pro_9020e_226y9a_firmware | - |
| hp | laserjet_m110_7md68a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5cm59a_firmware | - |
| hp | laserjet_pro_m705_k9g90a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a66a_firmware | - |
| hp | color_laserjet_pro_mfp_m284_7kw74a_firmware | - |
| hp | laserjet_mfp_m235e_6gw99e_firmware | - |
| hp | laserjet_tank_mfp_2604_381u8a_firmware | - |
| hp | laserjet_managed_flow_mfp_m830_l3u65a_firmware | - |
| hp | designjet_z9_w3z71f_firmware | * |
| hp | laserjet_managed_flow_mfp_e82550_x3a71a_firmware | - |
| hp | laserjet_pro_m226_cf486a_firmware | - |
| hp | laserjet_managed_mfp_e62665_3gy14a_firmware | - |
| hp | laserjet_mfp_m234_9yf91a_firmware | - |
| hp | smart_tank_7000_28b50a_firmware | - |
| hp | envy_inspire_7900e_242p6b_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a72a_firmware | - |
| hp | officejet_enterprise_color_x555_c2s12a_firmware | - |
| hp | deskjet_plus_4100_7fs79b_firmware | - |
| hp | deskjet_plus_ink_advantage_6400_5sd78a_firmware | - |
| hp | color_laserjet_pro_m254_t6b57a_firmware | - |
| hp | color_laserjet_managed_e75245_t3u43a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a69a_firmware | - |
| hp | laserjet_m110a_7md67a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87650_x3a90a_firmware | - |
| hp | deskjet_2700e_26k68a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m880z_a2w76a_firmware | * |
| hp | laserjet_mfp_m134_g3q58a_firmware | - |
| hp | laserjet_tank_mfp_1602_381l0a_firmware | - |
| hp | officejet_pro_6960_j7k38a_firmware | - |
| hp | officejet_252_n4l16c_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67550_l3u66a_firmware | - |
| hp | pagewide_pro_750dw_a7w93a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr95a_firmware | - |
| hp | color_laserjet_cm4540_mfp_cc420a_firmware | * |
| hp | envy_inspire_7900e_2h2n1b_firmware | - |
| hp | envy_inspire_7900e_1w2y9a_firmware | - |
| hp | laserjet_m208e_6gw62e_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5rc84a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m682_j8a16a_firmware | - |
| hp | color_laserjet_managed_mfp_e78227_8gs36a_firmware | - |
| hp | laserjet_enterprise_mfp_m725_l3u64a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd25h_firmware | - |
| hp | laserjet_m102_g3q37a_firmware | - |
| hp | laserjet_mfp_m235_9yf96a_firmware | - |
| hp | officejet_pro_8740_t0g65a_firmware | - |
| hp | laserjet_pro_mfp_m28_y5s53a_firmware | - |
| hp | laserjet_managed_mfp_e62555_j8j73a_firmware | - |
| hp | laserjet_managed_mfp_e82560_z8z22a_firmware | - |
| hp | color_laserjet_managed_mfp_e78226_8gs44a_firmware | - |
| hp | laserjet_enterprise_m609_k0q22a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5rc83a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a81a_firmware | - |
| hp | color_laserjet_pro_mfp_m478_w1a80a_firmware | - |
| hp | laserjet_enterprise_500_mfp_m525f_cf116a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_2gp26a_firmware | - |
| hp | laserjet_managed_mfp_e82560_z8z19_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs26a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m680_l3u47a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z61a_firmware | - |
| hp | officejet_6950_t3p03a_firmware | - |
| hp | color_laserjet_pro_mfp_m184_7kw55a_firmware | - |
| hp | officejet_pro_8030e_5lj16a_firmware | - |
| hp | laserjet_mfp_m227_g3q79a_firmware | - |
| hp | laserjet_mfp_m229_g3q77a_firmware | - |
| hp | laserjet_pro_mfp_m428_w1a28a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m776_t3u56a_firmware | - |
| hp | officejet_3830_f5r99a_firmware | - |
| hp | laserjet_mfp_m140e_2a130e_firmware | - |
| hp | laserjet_mfp_m129_g3q58a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a66a_firmware | - |
| hp | designjet_t1600_36"_3ek13b_firmware | * |
| hp | laserjet_m212_9yf82a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_z8z05a_firmware | - |
| hp | laserjet_tank_mfp_2602_381u5a_firmware | - |
| hp | laserjet_mfp_m141_7md74a_firmware | - |
| hp | laserjet_pro_mfp_m427_c5f97a_firmware | - |
| hp | laserjet_mfp_m235_6gx04a_firmware | - |
| hp | color_laserjet_pro_mfp_m478_w1a82a_firmware | - |
| hp | laserjet_pro_mfp_m428_w1a34a_firmware | - |
| hp | laserjet_managed_e60155_3gy12a_firmware | - |
| hp | laserjet_mfp_m229_g3q79a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a75a_firmware | - |
| hp | deskjet_4100e_26q90a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62565_j8j80a_firmware | - |
| hp | laserjet_pro_m403_c5f93a_firmware | - |
| hp | color_laserjet_pro_m253_t6b64a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m577_b5l54a_firmware | - |
| hp | color_laserjet_managed_flow_e77422_5cm75a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87650_x3a93a_firmware | - |
| hp | laserjet_mfp_m230_q3q75a_firmware | - |
| hp | designjet_z6+_pro_2qu25f_firmware | * |
| hp | laserjet_managed_mfp_e82550du_5fm76a_firmware | - |
| hp | color_laserjet_pro_m453_w1y47a_firmware | - |
| hp | laserjet_managed_mfp_e82540du_5fm77a_firmware | - |
| hp | laserjet_m208_9yf85a_firmware | - |
| hp | color_laserjet_pro_m256_7kw68a_firmware | - |
| hp | laserjet_pro_m403_f6j44a_firmware | - |
| hp | laserjet_pro_m703_b6s00a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs12a_firmware | - |
| hp | pagewide_pro_750dn_y3z44a_firmware | - |
| hp | laserjet_tank_mfp_2604_2r3f0a_firmware | - |
| hp | laserjet_pro_mfp_m426_f6w17a_firmware | - |
| hp | color_laserjet_pro_mfp_m377_cf377a_firmware | - |
| hp | laserjet_tank_mfp_2604_381u9a_firmware | - |
| hp | color_laserjet_m578_mfp_7zu88a_firmware | * |
| hp | officejet_pro_6960_t0f38a_firmware | - |
| hp | laserjet_managed_mfp_e72425_5cm69a_firmware | - |
| hp | laserjet_m207e_6gw62er_firmware | - |
| hp | color_laserjet_pro_mfp_m280_t6b82a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87650_z8z15a_firmware | - |
| hp | color_laserjet_pro_m452_cf388a_firmware | - |
| hp | laserjet_m211_9yf80a_firmware | - |
| hp | laserjet_m110a_7md65a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5fm81a_firmware | - |
| hp | laserjet_mfp_m232_6gx03a_firmware | - |
| hp | color_laserjet_pro_mfp_m282_7kw78a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m631_j8j64a_firmware | - |
| hp | officejet_pro_8210_j3p67a_firmware | - |
| hp | laserjet_mfp_m227_g3q76a_firmware | - |
| hp | laserjet_pro_mfp_m31_y5s54a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a60a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_5zn01a_firmware | - |
| hp | deskjet_2600_v1n07a_firmware | - |
| hp | officejet_pro_8030_1kr61a_firmware | - |
| hp | laserjet_tank_mfp_2606_381v1a_firmware | - |
| hp | laserjet_managed_mfp_e72530_x3a60a_firmware | - |
| hp | officejet_enterprise_color_x555_c2s11a_firmware | - |
| hp | laserjet_m112e_2u582e_firmware | - |
| hp | designjet_xl_3600_mfp_2yb64h_firmware | - |
| hp | pagewide_xl_4200_4vw13h_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a81a_firmware | - |
| hp | laserjet_mfp_m236_9yg10a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5cm70a_firmware | - |
| hp | smart_tank_plus_550_3yw73a_firmware | - |
| hp | laserjet_mfp_m130_g3q63a_firmware | - |
| hp | laserjet_mfp_m230_g3q78a_firmware | - |
| hp | color_laserjet_pro_mfp_m478_w1a81a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_2gp25a_firmware | - |
| hp | designjet_xl_3600_mfp_6kd25m_firmware | - |
| hp | smart_tank_plus_550_3yw75a_firmware | - |
| hp | designjet_t1700_w6b55f_firmware | - |
| hp | laserjet_enterprise_m607_k0q14a_firmware | - |
| hp | laserjet_mfp_m131_g3q64a_firmware | - |
| hp | laserjet_pro_mfp_m428_w1a38a_firmware | - |
| hp | deskjet_2700e_26k71a_firmware | - |
| hp | laserjet_pro_m403_c5f95a_firmware | - |
| hp | laserjet_mfp_m232_9yf97a_firmware | - |
| hp | laserjet_pro_mfp_m426_f6w13a_firmware | - |
| hp | laserjet_enterprise_mfp_m430_3pz55a_firmware | - |
| hp | laserjet_mfp_m228_g3q77a_firmware | - |
| hp | laserjet_enterprise_mfp_m635_7ps98a_firmware | - |
| hp | officejet_pro_8740_k7s43a_firmware | - |
| hp | laserjet_mfp_m235_9yf98a_firmware | - |
| hp | pagewide_managed_p77750z_w1b37a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs44a_firmware | - |
| hp | pagewide_pro_452dn_d3q15a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5rc89a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_x3a59a_firmware | - |
| hp | laserjet_tank_mfp_2605_381u8a_firmware | - |
| hp | designjet_xl_3600_mfp_2yb64i_firmware | - |
| hp | laserjet_m205_g3q50a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5cm64a_firmware | - |
| hp | deskjet_plus_4100_3xv15d_firmware | - |
| hp | laserjet_mfp_m237_6gx04a_firmware | - |
| hp | smart_tank_6000_2h5s3a_firmware | - |
| hp | laserjet_managed_mfp_e82550_z8z18a_firmware | - |
| hp | officejet_pro_8020_1kr62a_firmware | - |
| hp | deskjet_3755_j9v92a_firmware | - |
| hp | laserjet_mfp_m142_7md70f_firmware | - |
| hp | laserjet_pro_m706_b6s00a_firmware | - |
| hp | laserjet_m112_2u587a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_z8z22a_firmware | - |
| hp | laserjet_managed_e60165_3gy09a_firmware | - |
| hp | laserjet_m205_g3q47a_firmware | - |
| hp | designjet_t2600_36"_mfp_3xb78f_firmware | * |
| hp | laserjet_mfp_m233_6gx03a_firmware | - |
| hp | color_laserjet_managed_mfp_e77426_5rc92a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_z8z02a_firmware | - |
| hp | laserjet_tank_mfp_1604_381l0a_firmware | - |
| hp | deskjet_plus_4100_3xv15a_firmware | - |
| hp | laserjet_enterprise_m611_7ps83a_firmware | - |
| hp | laserjet_pro_mfp_m429_w1a28a_firmware | - |
| hp | smart_tank_510_3yw70a_firmware | - |
| hp | pagewide_pro_750dw_y3z46a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650du_5rc88a_firmware | - |
| hp | laserjet_enterprise_mfp_m631_j8j63a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m631_j8j63a_firmware | - |
| hp | laserjet_pro_mfp_m429_w1a38a_firmware | - |
| hp | designjet_z9_w3z72f_firmware | * |
| hp | color_laserjet_cm4540_mfp_cc421a_firmware | * |
| hp | laserjet_m204_g3q50a_firmware | - |
| hp | laserjet_pro_m704_b6s02a_firmware | - |
| hp | laserjet_pro_mfp_m426_f6w16a_firmware | - |
| hp | officejet_pro_9020_1mr70a_firmware | - |
| hp | laserjet_mfp_m131_g3q60a_firmware | - |
| hp | laserjet_tank_mfp_2602_381u6a_firmware | - |
| hp | color_laserjet_managed_mfp_flow_e87650_z8z16a_firmware | - |
| hp | laserjet_m212_6gw63a_firmware | - |
| hp | deskjet_plus_4100_7fs87a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5cm75a_firmware | - |
| hp | laserjet_pro_mfp_m31_w2g57a_firmware | - |
| hp | laserjet_m112e_2u584e_firmware | - |
| hp | deskjet_3700_t8w51a_firmware | - |
| hp | color_laserjet_managed_flow_e77425_5cm78a_firmware | - |
| hp | laserjet_managed_mfp_e82540du_5cm58a_firmware | - |
| hp | laserjet_mfp_m140_7md73a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a74a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_5zn98a_firmware | - |
| hp | color_laserjet_managed_e65160_3gy03a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs00a_firmware | - |
| hp | smart_tank_plus_650_y0f73a_firmware | - |
| hp | officejet_pro_6960_j7k35a_firmware | - |
| hp | laserjet_mfp_m237_6gx03a_firmware | - |
| hp | laserjet_enterprise_mfp_m725_l3u63a_firmware | - |
| hp | color_laserjet_enterprise_m751_t3u44a_firmware | - |
| hp | laserjet_m204_g3q48a_firmware | - |
| hp | laserjet_mfp_m131_g3q57a_firmware | - |
| hp | smart_tank_plus_550_1tj10a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a62a_firmware | - |
| hp | laserjet_enterprise_m506_f2a69a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62555_j8j73a_firmware | - |
| hp | laserjet_managed_mfp_e62665_3gy17a_firmware | - |
| hp | laserjet_tank_mfp_2603_381u0a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e58650z_firmware | - |
| hp | pagewide_enterprise_color_mfp_586_g1w41a_firmware | - |
| hp | laserjet_m112e_7md68e_firmware | - |
| hp | laserjet_pro_mfp_m426_c5f97a_firmware | - |
| hp | laserjet_mfp_m235_9yf89a_firmware | - |
| hp | laserjet_mfp_m141_1y7d4a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e57540_3gy25a_firmware | - |
| hp | deskjet_plus_ink_advantage_4100_7hz75b_firmware | - |
| hp | laserjet_mfp_m142_2u589f_firmware | - |
| hp | designjet_t1700_1vd88b_firmware | - |
| hp | laserjet_mfp_m234_9yg08a_firmware | - |
| hp | officejet_enterprise_color_mfp_x585_l3u40a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a81a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_5zn98a_firmware | - |
| hp | laserjet_m109e_2u587e_firmware | - |
| hp | deskjet_2700_3xv17a_firmware | - |
| hp | smart_tank_720_28b72a_firmware | - |
| hp | officejet_pro_9020_1mr71a_firmware | - |
| hp | smart_tank_790_2g9q9a_firmware | - |
| hp | laserjet_enterprise_700_m712_cf238a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a84a_firmware | - |
| hp | officejet_pro_8216_t0g70a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z64a_firmware | - |
| hp | laserjet_pro_m225_cf484a_firmware | - |
| hp | laserjet_pro_m404_w1a51a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67560_l3u70a_firmware | - |
| hp | color_laserjet_managed_m651_cz255a_firmware | * |
| hp | color_laserjet_enterprise_flow_mfp_m577_b5l47a_firmware | - |
| hp | laserjet_mfp_m131_g3q66a_firmware | - |
| hp | laserjet_enterprise_mfp_m635_7ps99a_firmware | - |
| hp | laserjet_mfp_m236_6gx03a_firmware | - |
| hp | laserjet_mfp_m129_g3q62a_firmware | - |
| hp | color_laserjet_pro_m452_cf389v_firmware | - |
| hp | laserjet_pro_mfp_m148_4pa42a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8pe96a_firmware | - |
| hp | laserjet_managed_mfp_flow_e62575_j8j66a_firmware | - |
| hp | officejet_pro_6970_t0f29a_firmware | - |
| hp | laserjet_enterprise_m606_e6b72a_firmware | - |
| hp | laserjet_mfp_m230_g3q74a_firmware | - |
| hp | designjet_t1700_1vd88f_firmware | - |
| hp | designjet_z9_x9d24g_firmware | * |
| hp | laserjet_managed_e60175_3gy12a_firmware | - |
| hp | color_laserjet_pro_m253_t6b65a_firmware | - |
| hp | smart_tank_6000_28c15a_firmware | - |
| hp | pagewide_managed_p75050dw_w1b29a_firmware | - |
| hp | deskjet_plus_4100_7fs74a_firmware | - |
| hp | color_laserjet_managed_mfp_e77423_5cm78a_firmware | - |
| hp | officejet_pro_8710_t0g47a_firmware | - |
| hp | laserjet_mfp_m130_g3q61a_firmware | - |
| hp | color_laserjet_managed_mfp_e77425_5cm75a_firmware | - |
| hp | laserjet_tank_mfp_2603_381v0a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a68a_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z011a_firmware | - |
| hp | color_laserjet_managed_mfp_e78227_8gs44a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j74a_firmware | - |
| hp | color_laserjet_pro_mfp_m285_7kw75a_firmware | - |
| hp | color_laserjet_managed_e45028_3qa35a_firmware | - |
| hp | laserjet_enterprise_m612_7ps87a_firmware | - |
| hp | officejet_pro_8030_1kr57a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650du_5cm66a_firmware | - |
| hp | color_laserjet_pro_m253_t6b58a_firmware | - |
| hp | color_laserjet_pro_m253_t6b59a_firmware | - |
| hp | laserjet_m211_9yf82a_firmware | - |
| hp | officejet_pro_6960_j7k33a_firmware | - |
| hp | officejet_pro_6960_j7k39a_firmware | - |
| hp | laserjet_enterprise_m608_k0q19a_firmware | - |
| hp | laserjet_managed_mfp_e82540_z8z22a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z64a_firmware | - |
| hp | designjet_t1700_w6b56e_firmware | * |
| hp | laserjet_managed_mfp_e62665_3gy15a_firmware | - |
| hp | laserjet_enterprise_mfp_m636_7pt00a_firmware | - |
| hp | laserjet_managed_e60055_m0p33a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_z8z011a_firmware | - |
| hp | color_laserjet_cm4540_mfp_cc419a_firmware | * |
| hp | laserjet_managed_flow_mfp_e82540_x3a75a_firmware | - |
| hp | smart_tank_7300_6uu47a_firmware | - |
| hp | laserjet_mfp_m234_9yf98a_firmware | - |
| hp | designjet_z6_t8w15a_firmware | * |
| hp | laserjet_mfp_m232_9yg10a_firmware | - |
| hp | deskjet_ink_advantage_ultra_5730_f5s61a_firmware | - |
| hp | smart_tank_510_1tj10a_firmware | - |
| hp | laserjet_pro_m405_w1a53a_firmware | - |
| hp | deskjet_plus_4100_8qb70a_firmware | - |
| hp | color_laserjet_enterprise_m651_l8z07a_firmware | * |
| hp | laserjet_m207_6gw61a_firmware | - |
| hp | designjet_xl_3600_mfp_2yb64f_firmware | - |
| hp | officejet_pro_8710_t0g49a_firmware | - |
| hp | laserjet_pro_m15_y5s43a_firmware | - |
| hp | smart_tank_plus_550_6hf11a_firmware | - |
| hp | pagewide_xl_5200_4vw20a_firmware | - |
| hp | designjet_t1700_w6b55a_firmware | * |
| hp | officejet_pro_8710_m9l66a_firmware | - |
| hp | color_laserjet_enterprise_m553_b5l24a_firmware | * |
| hp | color_laserjet_managed_mfp_e78323_8gs26a_firmware | - |
| hp | color_laserjet_managed_mfp_m577_b5l50a_firmware | - |
| hp | officejet_pro_8730_k7s32a_firmware | - |
| hp | designjet_t1700_w6b56f_firmware | - |
| hp | color_laserjet_pro_m454_w1y41a_firmware | - |
| hp | designjet_z6_t8w16b_firmware | * |
| hp | laserjet_pro_mfp_m29_y5s53a_firmware | - |
| hp | laserjet_mfp_m236_6gx06a_firmware | - |
| hp | laserjet_managed_mfp_e52645_1ps54a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5fm80a_firmware | - |
| hp | laserjet_enterprise_500_mfp_m525f_cf117a_firmware | - |
| hp | color_laserjet_managed_mfp_e77425_5rc92a_firmware | - |
| hp | laserjet_pro_m704_b6s00a_firmware | - |
| hp | color_laserjet_pro_m153_t6b55a_firmware | - |
| hp | laserjet_managed_mfp_e72425_5rc89a_firmware | - |
| hp | color_laserjet_managed_mfp_e67560_l3u70a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs37a_firmware | - |
| hp | officejet_6960_t0g25a_firmware | - |
| hp | laserjet_mfp_m132_g3q60a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_2gp25a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m880zm_l3u52a_firmware | * |
| hp | laserjet_mfp_m232_9yf94a_firmware | - |
| hp | designjet_z9_w3z72b_firmware | * |
| hp | laserjet_managed_m506_f2a70a_firmware | - |
| hp | color_laserjet_managed_mfp_e78225_8gs44a_firmware | - |
| hp | deskjet_ink_advantage_3700_3yz75a_firmware | - |
| hp | deskjet_4100e_26q90b_firmware | - |
| hp | laserjet_m212_6gw62a_firmware | - |
| hp | laserjet_mfp_m235_6gw71a_firmware | - |
Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-639,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | designjet_z6810_2qu14a_firmware | px8_06_05_02.1 |
| hp | designjet_z6600_f2s71a_firmware | ptr6_03_07_06.1 |
| hp | designjet_t3500_b9e24b_firmware | aeneas_04_09_06.1 |
| hp | designjet_z6800_f2s72a_firmware | ptr8_03_07_06.1 |
| hp | designjet_t2530_l2y26a_firmware | mry_07_07_04.1 |
| hp | designjet_z6810_2qu12b_firmware | px8_06_05_02.1 |
| hp | designjet_z6810_2qu14b_firmware | px8_06_05_02.1 |
| hp | designjet_t930_l2y22b_firmware | mry_07_07_04.1 |
| hp | designjet_t3500_b9e25a_firmware | aeneas_04_09_06.1 |
| hp | designjet_t920_cr355a_firmware | mry_07_07_04.1 |
| hp | designjet_t920_cr355b_firmware | mry_07_07_04.1 |
| hp | designjet_t1530_l2y23a_firmware | mry_07_07_04.1 |
| hp | designjet_t1530_l2y24a_firmware | mry_07_07_04.1 |
| hp | designjet_t920_cr354a_firmware | mry_07_07_04.1 |
| hp | designjet_t2530_l2y26b_firmware | mry_07_07_04.1 |
| hp | designjet_z6610_2qu13b_firmware | px6_06_05_02.1 |
| hp | designjet_t930_l2y21b_firmware | mry_07_07_04.1 |
| hp | designjet_z6800_f2s72b_firmware | ptr8_03_07_06.1 |
| hp | designjet_t3500_b9e24a_firmware | aeneas_04_09_06.1 |
| hp | designjet_z6600_f2s71ar_firmware | ptr6_03_07_06.1 |
| hp | designjet_t930_l2y21a_firmware | mry_07_07_04.1 |
| hp | designjet_z6800_f2s72ar_firmware | ptr8_03_07_06.1 |
| hp | designjet_t1530_l2y24b_firmware | mry_07_07_04.1 |
| hp | designjet_z6810_2qu12a_firmware | px8_06_05_02.1 |
| hp | designjet_t930_l2y22a_firmware | mry_07_07_04.1 |
| hp | designjet_t2530_l2y25a_firmware | mry_07_07_04.1 |
| hp | designjet_z6610_2qu13a_firmware | px6_06_05_02.1 |
Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_5_firmware | * |
A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | jumpstart | - |
A potential security vulnerability has been identified in HP ThinPro 7.2 Service Pack 8 (SP8). The security vulnerability in SP8 is not remedied after upgrading from SP8 to Service Pack 9 (SP9). HP has released Service Pack 10 (SP10) to remediate the potential vulnerability introduced in SP8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | thinpro | 7.2 |
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
Potential arbitrary file deletion vulnerability has been identified in HP Support Assistant software.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
A vulnerability in the Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to intercept sensitive information in Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system versions: 4.3.0 build 2208101 and below. Aruba has released upgrades for Virtual Intranet Access (VIA) Client that address this security vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_virtual_intranet_access | * |
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
A local authentication restriction bypass vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_4 | * |
A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_bios | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_bios | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_bios | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_bios | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_bios | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_bios | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_bios | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_bios | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_bios | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_bios | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products which may allow Escalation of Privilege, Arbitrary Code Execution, Unauthorized Code Execution, Denial of Service, and Information Disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_bios | * |
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | probook_440_g8_firmware | * |
| hp | prodesk_405_g6_small_form_factor_firmware | * |
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | probook_440_g8_firmware | * |
| hp | prodesk_405_g6_small_form_factor_firmware | * |
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | probook_440_g8_firmware | * |
| hp | prodesk_405_g6_small_form_factor_firmware | * |
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | probook_440_g8_firmware | * |
| hp | prodesk_405_g6_small_form_factor_firmware | * |
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | probook_440_g8_firmware | * |
| hp | prodesk_405_g6_small_form_factor_firmware | * |
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | probook_440_g8_firmware | * |
| hp | prodesk_405_g6_small_form_factor_firmware | * |
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_mfp_m478-m479_w1a78a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y46a_firmware | * |
| hp | pagewide_managed_p55250dw_j6u55a_firmware | * |
| hp | officejet_pro_8210_j3p67a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a77a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a56a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y44a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a47a_firmware | * |
| hp | laserjet_pro_m404-m405_93m22a_firmware | * |
| hp | pagewide_pro_477dw_d3q20a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a33a_firmware | * |
| hp | officejet_pro_8740_j6x83a_firmware | * |
| hp | pagewide_pro_452dw_d3q16a_firmware | * |
| hp | pagewide_pro_577dw_d3q21a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a48a_firmware | * |
| hp | officejet_pro_8210_d9l63a_firmware | * |
| hp | pagewide_pro_552dw_d3q17a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y43a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a81a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a66a_firmware | * |
| hp | officejet_pro_8730_d9l20a_firmware | * |
| hp | officejet_pro_8740_d9l21a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a60a_firmware | * |
| hp | pagewide_377dw_j9v80a_firmware | * |
| hp | officejet_pro_8210_j3p65a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a53a_firmware | * |
| hp | pagewide_352dw_j6u57a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a57a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a82a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a28a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a38a_firmware | * |
| hp | officejet_pro_8740_k7s40a_firmware | * |
| hp | pagewide_managed_p55250dw_j6u55b_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a80a_firmware | * |
| hp | officejet_pro_8740_k7s39a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a63a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a76a_firmware | * |
| hp | officejet_pro_8216_t0g70a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a59a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a52a_firmware | * |
| hp | officejet_pro_8740_k7s41a_firmware | * |
| hp | pagewide_managed_p55250dw_j6u51b_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a31a_firmware | * |
| hp | officejet_pro_8740_k7s42a_firmware | * |
| hp | officejet_pro_8210_j3p66a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a58a_firmware | * |
| hp | pagewide_managed_p57750dw_j9v82a_firmware | * |
| hp | pagewide_pro_452dn_d3q15a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y40a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a79a_firmware | * |
| hp | pagewide_pro_577z_k9z76a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y41a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a32a_firmware | * |
| hp | officejet_pro_8730_k7s32a_firmware | * |
| hp | officejet_pro_8740_t0g65a_firmware | * |
| hp | pagewide_pro_477dn_d3q19a_firmware | * |
| hp | officejet_pro_8210_d9l64a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a75a_firmware | * |
| hp | officejet_pro_8210_j3p68a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a30a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a46a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a34a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a35a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y47a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y45a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a51a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a29a_firmware | * |
| hp | officejet_pro_8740_k7s43a_firmware | * |
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_mfp_m478-m479_w1a78a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y46a_firmware | * |
| hp | pagewide_managed_p55250dw_j6u55a_firmware | * |
| hp | officejet_pro_8210_j3p67a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a77a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a56a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y44a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a47a_firmware | * |
| hp | laserjet_pro_m404-m405_93m22a_firmware | * |
| hp | pagewide_pro_477dw_d3q20a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a33a_firmware | * |
| hp | officejet_pro_8740_j6x83a_firmware | * |
| hp | pagewide_pro_452dw_d3q16a_firmware | * |
| hp | pagewide_pro_577dw_d3q21a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a48a_firmware | * |
| hp | officejet_pro_8210_d9l63a_firmware | * |
| hp | pagewide_pro_552dw_d3q17a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y43a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a81a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a66a_firmware | * |
| hp | officejet_pro_8730_d9l20a_firmware | * |
| hp | officejet_pro_8740_d9l21a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a60a_firmware | * |
| hp | pagewide_377dw_j9v80a_firmware | * |
| hp | officejet_pro_8210_j3p65a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a53a_firmware | * |
| hp | pagewide_352dw_j6u57a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a57a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a82a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a28a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a38a_firmware | * |
| hp | officejet_pro_8740_k7s40a_firmware | * |
| hp | pagewide_managed_p55250dw_j6u55b_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a80a_firmware | * |
| hp | officejet_pro_8740_k7s39a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a63a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a76a_firmware | * |
| hp | officejet_pro_8216_t0g70a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a59a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a52a_firmware | * |
| hp | officejet_pro_8740_k7s41a_firmware | * |
| hp | pagewide_managed_p55250dw_j6u51b_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a31a_firmware | * |
| hp | officejet_pro_8740_k7s42a_firmware | * |
| hp | officejet_pro_8210_j3p66a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a58a_firmware | * |
| hp | pagewide_managed_p57750dw_j9v82a_firmware | * |
| hp | pagewide_pro_452dn_d3q15a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y40a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a79a_firmware | * |
| hp | pagewide_pro_577z_k9z76a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y41a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a32a_firmware | * |
| hp | officejet_pro_8730_k7s32a_firmware | * |
| hp | officejet_pro_8740_t0g65a_firmware | * |
| hp | pagewide_pro_477dn_d3q19a_firmware | * |
| hp | officejet_pro_8210_d9l64a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a75a_firmware | * |
| hp | officejet_pro_8210_j3p68a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a30a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a46a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a34a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a35a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y47a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y45a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a51a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a29a_firmware | * |
| hp | officejet_pro_8740_k7s43a_firmware | * |
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_mfp_m478-m479_w1a78a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y46a_firmware | * |
| hp | pagewide_managed_p55250dw_j6u55a_firmware | * |
| hp | officejet_pro_8210_j3p67a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a77a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a56a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y44a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a47a_firmware | * |
| hp | laserjet_pro_m404-m405_93m22a_firmware | * |
| hp | pagewide_pro_477dw_d3q20a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a33a_firmware | * |
| hp | officejet_pro_8740_j6x83a_firmware | * |
| hp | pagewide_pro_452dw_d3q16a_firmware | * |
| hp | pagewide_pro_577dw_d3q21a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a48a_firmware | * |
| hp | officejet_pro_8210_d9l63a_firmware | * |
| hp | pagewide_pro_552dw_d3q17a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y43a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a81a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a66a_firmware | * |
| hp | officejet_pro_8730_d9l20a_firmware | * |
| hp | officejet_pro_8740_d9l21a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a60a_firmware | * |
| hp | pagewide_377dw_j9v80a_firmware | * |
| hp | officejet_pro_8210_j3p65a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a53a_firmware | * |
| hp | pagewide_352dw_j6u57a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a57a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a82a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a28a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a38a_firmware | * |
| hp | officejet_pro_8740_k7s40a_firmware | * |
| hp | pagewide_managed_p55250dw_j6u55b_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a80a_firmware | * |
| hp | officejet_pro_8740_k7s39a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a63a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a76a_firmware | * |
| hp | officejet_pro_8216_t0g70a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a59a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a52a_firmware | * |
| hp | officejet_pro_8740_k7s41a_firmware | * |
| hp | pagewide_managed_p55250dw_j6u51b_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a31a_firmware | * |
| hp | officejet_pro_8740_k7s42a_firmware | * |
| hp | officejet_pro_8210_j3p66a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a58a_firmware | * |
| hp | pagewide_managed_p57750dw_j9v82a_firmware | * |
| hp | pagewide_pro_452dn_d3q15a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y40a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a79a_firmware | * |
| hp | pagewide_pro_577z_k9z76a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y41a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a32a_firmware | * |
| hp | officejet_pro_8730_k7s32a_firmware | * |
| hp | officejet_pro_8740_t0g65a_firmware | * |
| hp | pagewide_pro_477dn_d3q19a_firmware | * |
| hp | officejet_pro_8210_d9l64a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a75a_firmware | * |
| hp | officejet_pro_8210_j3p68a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a30a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a46a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a34a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a35a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y47a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y45a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a51a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a29a_firmware | * |
| hp | officejet_pro_8740_k7s43a_firmware | * |
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_server | 11 |
| suse | manager_retail_branch_server | 4.1 |
| suse | openstack_cloud_crowbar | 9.0 |
| debian | debian_linux | 9.0 |
| suse | linux_enterprise_server | 12 |
| suse | linux_enterprise_point_of_service | 11.0 |
| suse | manager_retail_branch_server | 4.3 |
| suse | manager_proxy | 4.2 |
| suse | manager_retail_branch_server | 4.2 |
| suse | linux_enterprise_server | 15 |
| suse | openstack_cloud | 8.0 |
| suse | enterprise_storage | 6.0 |
| fedoraproject | fedora | 36 |
| suse | manager_proxy | 4.3 |
| fedoraproject | fedora | 35 |
| samba | cifs-utils | * |
| suse | linux_enterprise_high_performance_computing | 15.0 |
| suse | enterprise_storage | 7.0 |
| suse | linux_enterprise_desktop | 15 |
| suse | linux_enterprise_storage | 7.1 |
| suse | manager_server | 4.2 |
| suse | linux_enterprise_software_development_kit | 12 |
| suse | linux_enterprise_micro | 5.2 |
| suse | linux_enterprise_high_performance_computing | 12.0 |
| suse | manager_proxy | 4.1 |
| debian | debian_linux | 10.0 |
| suse | openstack_cloud_crowbar | 8.0 |
| debian | debian_linux | 11.0 |
| suse | caas_platform | 4.0 |
| hp | helion_openstack | 8.0 |
| suse | manager_server | 4.1 |
| suse | linux_enterprise_real_time | 15.0 |
| suse | manager_server | 4.3 |
| suse | openstack_cloud | 9.0 |
| fedoraproject | fedora | 34 |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate these potential vulnerabilities.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | z1_entry_tower_g6_workstation_firmware | 02.12.01 |
| hp | probook_445_g7_firmware | 01.10.00 |
| hp | zbook_fury_16_g9_firmware | 01.03.02 |
| hp | probook_450_g5_firmware | 01.21.01 |
| hp | elitebook_836_g6_firmware | 01.21.01 |
| hp | elite_slice_g2_firmware | 2.59 |
| hp | elitebook_645_g9_firmware | 01.08.01 |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_880_g3_tower_firmware | 2.44 |
| hp | probook_430_g6_firmware | 01.21.01 |
| hp | engage_go_10_mobile_system_firmware | 01.10.00 |
| hp | elitebook_845_g7_firmware | 01.10.00 |
| hp | zhan_x_13_g2_firmware | 01.21.01 |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_800_g6_desktop_mini_firmware | 02.12.01 |
| hp | probook_470_g5_firmware | 01.21.01 |
| hp | elitebook_735_g6_firmware | 01.21.01 |
| hp | prodesk_405_g8_desktop_mini_firmware | 02.05.02 |
| hp | elitedesk_705_g5_desktop_mini_firmware | 02.15.00 |
| hp | elite_x2_1013_g3_firmware | 01.21.01 |
| hp | elitedesk_800_g8_desktop_mini_firmware | 02.09.01 |
| hp | probook_440_g6_firmware | 01.21.01 |
| hp | prodesk_405_g6_desktop_mini_firmware | 02.09.01 |
| hp | engage_go_mobile_system_firmware | 01.21.01 |
| hp | mt44_mobile_thin_client_firmware | 01.21.01 |
| hp | elitebook_855_g7_firmware | 01.10.00 |
| hp | engage_flex_mini_retail_system_firmware | 02.12.01 |
| hp | prodesk_600_g5_small_form_factor_firmware | 02.15.00 |
| hp | z2_tower_g8_workstation_firmware | 01.06.00 |
| hp | z1_g8_tower_firmware | 02.09.01 |
| hp | elitebook_850_g5_firmware | 01.21.01 |
| hp | probook_430_g5_firmware | 01.21.01 |
| hp | zbook_14u_g6_firmware | 01.21.01 |
| hp | probook_440_g5_firmware | 01.21.01 |
| hp | elitedesk_800_65w_g2_desktop_mini_firmware | 2.59 |
| hp | elitebook_830_g7_firmware | 01.10.00 |
| hp | zbook_15_g5_firmware | 01.21.02 |
| hp | probook_440_g7_firmware | 01.14.00 |
| hp | probook_fortis_g9_firmware | 01.03.00 |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_800_g4_workstation_firmware | 02.20.01 |
| hp | elite_x2_1012_g1_firmware | 1.57 |
| hp | elite_x2_g4_firmware | 01.21.01 |
| hp | elitedesk_800_35w_g2_desktop_mini_firmware | 2.59 |
| hp | prodesk_405_g6_small_form_factor_firmware | 02.09.01 |
| hp | elitedesk_800_g5_desktop_mini_firmware | 02.15.00 |
| hp | elitedesk_880_g6_tower_firmware | 02.12.01 |
| hp | probook_650_g4_firmware | 01.21.01 |
| hp | prodesk_400_g4_desktop_mini_firmware | 02.21.00 |
| hp | elitebook_745_g6_firmware | 01.21.01 |
| hp | prodesk_405_g4_desktop_mini_firmware | 02.20.00 |
| hp | prodesk_405_g4_small_form_factor_firmware | 02.20.00 |
| hp | pro_mini_400_g9_firmware | 02.05.00 |
| hp | elitebook_1040_g4_firmware | 1.44 |
| hp | prodesk_400_g6_desktop_mini_firmware | 02.12.01 |
| hp | proone_600_g5_21.5-in_all-in-one_business_firmware | 02.15.00 |
| hp | elitebook_x360_1030_g8_firmware | 01.10.00 |
| hp | z2_small_form_factor_g8_workstation_firmware | 01.06.00 |
| hp | zhan_66_pro_14_g4_firmware | 01.10.00 |
| hp | elitedesk_800_g6_tower_firmware | 02.12.01 |
| hp | probook_x360_11_g4_ee_firmware | 01.16.00 |
| hp | elitedesk_880_g8_tower_firmware | 02.09.01 |
| hp | prodesk_600_g4_microtower_firmware | 02.21.00 |
| hp | elitedesk_880_g4_tower_firmware | 02.21.00 |
| hp | pro_tower_480_g9_firmware | 02.05.00 |
| hp | elitebook_x360_1040_g7_firmware | 01.10.00 |
| hp | zhan_66_pro_g1_firmware | 01.21.01 |
| hp | zbook_17_g5_firmware | 01.21.02 |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_firmware | 02.21.00 |
| hp | zhan_66_pro_g3_24_all-in-one_firmware | 02.12.01 |
| hp | zbook_firefly_15_g7_firmware | 01.10.00 |
| hp | zhan_66_pro_13_g2_firmware | 01.21.01 |
| hp | prodesk_600_g3_microtower_firmware | 2.44 |
| hp | prodesk_600_g6_small_form_factor_firmware | 02.12.01 |
| hp | elitebook_x360_1030_g4_firmware | 01.21.01 |
| hp | engage_one_pro_aio_system_firmware | 02.12.01 |
| hp | elitebook_840_g7_firmware | 01.10.00 |
| hp | elite_mini_600_g9_firmware | 02.05.00 |
| hp | elitebook_855_g8_firmware | 01.10.00 |
| hp | probook_635_aero_g8_firmware | 01.10.00 |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | 02.15.00 |
| hp | prodesk_600_g5_microtower_firmware | 02.15.00 |
| hp | elitebook_835_g8_firmware | 01.10.00 |
| hp | probook_640_g7_firmware | 01.10.00 |
| hp | proone_440_g6_24_all-in-one_firmware | 02.12.01 |
| hp | probook_455_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_g5_firmware | 01.04.00 |
| hp | probook_450_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_15_g2_firmware | 01.21.01 |
| hp | elitebook_1050_g1_firmware | 01.22.00 |
| hp | elitebook_735_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_firmware | 2.44 |
| hp | elitebook_655_g9_firmware | 01.08.01 |
| hp | z2_small_form_factor_g5_workstation_firmware | 01.04.07 |
| hp | prodesk_480_g6_microtower_firmware | 02.15.00 |
| hp | elitedesk_800_g4_tower_firmware | 02.21.00 |
| hp | prodesk_400_g6_microtower_firmware | 02.15.00 |
| hp | elitedesk_800_g8_tower_firmware | 02.09.01 |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | probook_650_g7_firmware | 01.10.00 |
| hp | elitedesk_805_g6_small_form_factor_firmware | 02.09.01 |
| hp | z2_mini_g4_workstation_firmware | 01.08.03 |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | elitedesk_800_65w_g4_desktop_mini_firmware | 02.20.01 |
| hp | engage_flex_pro_retail_system_firmware | 02.21.00 |
| hp | elitebook_x360_1040_g6_firmware | 01.21.01 |
| hp | prodesk_680_g2_microtower_firmware | 2.59 |
| hp | elitedesk_880_g5_tower_firmware | 02.15.00 |
| hp | prodesk_600_g6_firmware | 02.12.01 |
| hp | probook_x360_11_g3_ee_firmware | 01.20.00 |
| hp | proone_400_g6_20_all-in-one_firmware | 02.12.01 |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | dragonfly_folio_g3_2-in-1_firmware | 01.01.03 |
| hp | elitebook_845_g9_firmware | 01.02.01 |
| hp | elite_sff_800_g9_firmware | 02.05.01 |
| hp | prodesk_600_g3_desktop_mini_firmware | 2.44 |
| hp | eliteone_800_g5_23.8-in_all-in-one_firmware | 02.15.00 |
| hp | zbook_power_g7_firmware | 01.10.00 |
| hp | proone_400_g5_20-inch_all-in-one_business_firmware | 02.15.00 |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_firmware | 02.21.00 |
| hp | eliteone_800_g3_23.8_non-touch_all-in-one_business_firmware | 2.44 |
| hp | eliteone_800_g6_24_all-in-one_firmware | 02.12.01 |
| hp | zbook_power_g9_firmware | 01.03.00 |
| hp | zbook_15_g6_firmware | 01.21.02 |
| hp | elite_x2_g8_firmware | 01.10.00 |
| hp | elite_x360_830_g9_2-in-1_firmware | 01.03.01 |
| hp | prodesk_600_g6_microtower_firmware | 02.12.01 |
| hp | probook_630_g8_firmware | 01.10.00 |
| hp | elitedesk_805_g8_small_form_factor_firmware | 02.05.02 |
| hp | elitebook_1040_g3_firmware | 1.57 |
| hp | zbook_15u_g5_firmware | 01.21.01 |
| hp | prodesk_600_g6_desktop_mini_firmware | 02.12.01 |
| hp | zbook_create_g7_firmware | 01.10.00 |
| hp | prodesk_680_g6_firmware | 02.12.01 |
| hp | elitebook_x360_1040_g5_firmware | 01.21.01 |
| hp | elitebook_865_g9_firmware | 01.02.01 |
| hp | elitedesk_800_g3_small_form_factor_firmware | 2.44 |
| hp | elitedesk_705_g4_small_form_factor_firmware | 02.20.00 |
| hp | zbook_fury_15_g7_firmware | 01.10.00 |
| hp | elitebook_x360_1040_g8_firmware | 01.10.00 |
| hp | mp9_g2_retail_system_firmware | 2.59 |
| hp | rp9_g1_retail_system_firmware | 2.59 |
| hp | prodesk_405_g8_small_form_factor_firmware | 02.05.02 |
| hp | probook_445r_g6_firmware | 01.21.01 |
| hp | elitebook_850_g6_firmware | 01.21.01 |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_firmware | 02.21.00 |
| hp | elitebook_1040_g9_firmware | 01.03.01 |
| hp | proone_400_g3_20-inch_touch_all-in-one_firmware | 2.44 |
| hp | z2_mini_g5_workstation_firmware | 01.04.07 |
| hp | elitebook_835_g9_firmware | 01.02.01 |
| hp | elitebook_x360_830_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_firmware | 2.44 |
| hp | proone_400_g5_23.8-inch_all-in-one_business_firmware | 02.15.00 |
| hp | proone_600_g6_22_all-in-one_firmware | 02.12.01 |
| hp | elite_dragonfly_firmware | 01.21.01 |
| hp | zbook_studio_x360_g5_firmware | 01.21.02 |
| hp | elitedesk_800_g5_tower_firmware | 02.15.00 |
| hp | probook_445_g6_firmware | 01.21.01 |
| hp | eliteone_800_g8_24_all-in-one_firmware | 02.09.01 |
| hp | zhan_66_pro_a_14_g5_firmware | 01.08.01 |
| hp | prodesk_600_g2_small_form_factor_firmware | 2.59 |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | zhan_66_pro_14_g2_firmware | 01.21.01 |
| hp | probook_x360_11_g7_ee_firmware | 01.10.00 |
| hp | zbook_studio_g7_firmware | 01.10.00 |
| hp | prodesk_600_g3_small_form_factor_firmware | 2.44 |
| hp | zhan_66_pro_a_14_g4_firmware | 01.10.00 |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitebook_630_g9_firmware | 01.04.00 |
| hp | elitebook_850_g8_firmware | 01.10.00 |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | elitebook_x360_830_g8_firmware | 01.10.00 |
| hp | probook_640_g5_firmware | 01.21.01 |
| hp | probook_640_g8_firmware | 01.10.00 |
| hp | prodesk_400_g5_desktop_mini_firmware | 02.15.00 |
| hp | probook_455_g9_firmware | 01.08.01 |
| hp | prodesk_600_g4_small_form_factor_firmware | 02.21.00 |
| hp | elitebook_840_aero_g8_firmware | 01.10.00 |
| hp | elitedesk_800_g6_small_form_factor_firmware | 02.12.01 |
| hp | elitedesk_800_35w_g4_desktop_mini_firmware | 02.21.00 |
| hp | z2_tower_g5_workstation_firmware | 01.04.07 |
| hp | elitebook_x360_830_g6_firmware | 01.21.01 |
| hp | probook_645_g4_firmware | 01.21.01 |
| hp | elite_x360_1040_g9_2-in-1_firmware | 01.03.01 |
| hp | elitebook_830_g5_firmware | 01.21.01 |
| hp | probook_455r_g6_firmware | 01.21.01 |
| hp | prodesk_400_g7_small_form_factor_firmware | 02.12.01 |
| hp | elitebook_830_g8_firmware | 01.10.00 |
| hp | probook_x360_11_g6_ee_firmware | 01.12.00 |
| hp | elitebook_830_g9_firmware | 01.03.01 |
| hp | elitebook_840_g8_firmware | 01.10.00 |
| hp | elitebook_840_g9_firmware | 01.03.01 |
| hp | probook_x360_440_g1_firmware | 01.21.01 |
| hp | elitebook_835_g7_firmware | 01.10.00 |
| hp | probook_440_g8_firmware | 01.10.00 |
| hp | pro_x360_fortis_g9_firmware | 01.03.00 |
| hp | z1_entry_tower_g5_workstation_firmware | 02.15.00 |
| hp | elitedesk_800_g2_small_form_factor_firmware | 2.59 |
| hp | elitebook_840_g6_firmware | 01.21.01 |
| hp | mt45_mobile_thin_client_firmware | 01.21.10 |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_firmware | 02.21.00 |
| hp | prodesk_480_g4_microtower_firmware | 2.44 |
| hp | zbook_studio_g9_firmware | 01.03.01 |
| hp | eliteone_840_23.8_inch_g9_all-in-one_firmware | 02.06.00 |
| hp | proone_440_g5_23.8-in_all-in-one_business_firmware | 02.15.00 |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | elitedesk_800_g4_small_form_factor_firmware | 02.21.00 |
| hp | elite_tower_880_g9_firmware | 02.05.01 |
| hp | probook_445_g9_firmware | 01.08.01 |
| hp | zbook_firefly_15_g8_firmware | 01.10.00 |
| hp | eliteone_800_g6_27_all-in-one_firmware | 02.12.01 |
| hp | elitedesk_800_35w_g3_desktop_mini_firmware | 2.44 |
| hp | probook_440_g9_firmware | 01.04.00 |
| hp | proone_400_g6_24_all-in-one_firmware | 02.12.01 |
| hp | prodesk_400_g5_small_form_factor_firmware | 02.21.00 |
| hp | elite_dragonfly_max_firmware | 01.10.00 |
| hp | elitedesk_805_g6_desktop_mini_firmware | 02.09.01 |
| hp | prodesk_400_g4_microtower_firmware | 2.44 |
| hp | probook_x360_11_g5_ee_firmware | 01.11.00 |
| hp | probook_x360_435_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_14_g3_firmware | 01.14.00 |
| hp | elitedesk_800_95w_g4_desktop_mini_firmware | 02.20.01 |
| hp | prodesk_600_g2_desktop_mini_firmware | 2.59 |
| hp | probook_455_g7_firmware | 01.10.00 |
| hp | probook_x360_435_g7_firmware | 01.10.01 |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_firmware | 02.21.00 |
| hp | probook_650_g5_firmware | 01.21.01 |
| hp | elitedesk_800_g3_tower_firmware | 2.44 |
| hp | mp9_g4_retail_system_firmware | 02.21.00 |
| hp | zbook_fury_17_g8_firmware | 01.10.00 |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_firmware | 2.44 |
| hp | mt46_mobile_thin_client_firmware | 01.10.00 |
| hp | zhan_66_pro_g3_22_all-in-one_firmware | 02.12.01 |
| hp | elitebook_1030_g1_firmware | 1.57 |
| hp | prodesk_600_g2_microtower_firmware | 2.59 |
| hp | probook_fortis_g10_firmware | 01.03.00 |
| hp | zbook_15u_g6_firmware | 01.21.01 |
| hp | z2_tower_g4_workstation_firmware | 01.08.03 |
| hp | pro_sff_400_g9_firmware | 02.05.00 |
| hp | engage_flex_pro-c_retail_system_firmware | 02.21.00 |
| hp | elitedesk_705_g4_workstation_firmware | 02.19.01 |
| hp | eliteone_800_g8_27_all-in-one_firmware | 02.09.01 |
| hp | prodesk_400_g4_small_form_factor_firmware | 2.44 |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_firmware | 02.21.00 |
| hp | probook_650_g8_firmware | 01.10.00 |
| hp | prodesk_600_g4_desktop_mini_firmware | 02.21.00 |
| hp | zbook_studio_g8_firmware | 01.10.00 |
| hp | elite_mini_800_g9_firmware | 02.05.00 |
| hp | prodesk_480_g7_firmware | 02.12.01 |
| hp | prodesk_400_g7_microtower_firmware | 02.12.01 |
| hp | eliteone_800_g4_23.8-in_all-in-one_business_firmware | 02.21.00 |
| hp | probook_450_g6_firmware | 01.21.01 |
| hp | zbook_power_g8_firmware | 01.10.00 |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_firmware | 2.44 |
| hp | pro_tower_400_g9_firmware | 02.05.00 |
| hp | prodesk_600_g5_desktop_mini_firmware | 02.15.00 |
| hp | prodesk_400_g5_microtower_firmware | 02.21.00 |
| hp | probook_455_g6_firmware | 01.21.01 |
| hp | elite_slice_firmware | 2.59 |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_firmware | 2.44 |
| hp | zhan_66_pro_a_14_g3_firmware | 01.10.00 |
| hp | z1_g9_tower_firmware | 02.05.01 |
| hp | elitedesk_705_g5_small_form_factor_firmware | 02.15.00 |
| hp | elitebook_840r_g4_firmware | 01.21.01 |
| hp | elitebook_840_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_firmware | 2.44 |
| hp | prodesk_680_g3_microtower_firmware | 2.44 |
| hp | elite_sff_600_g9_firmware | 02.05.01 |
| hp | probook_455_g5_firmware | 01.21.01 |
| hp | zbook_studio_g5_firmware | 01.21.02 |
| hp | zbook_firefly_14_g9_firmware | 01.03.01 |
| hp | elitedesk_705_g3_firmware | 2.41 |
| hp | elite_dragonfly_g3_firmware | 01.03.01 |
| hp | elitebook_745_g5_firmware | 01.21.01 |
| hp | elitebook_860_g9_firmware | 01.03.01 |
| hp | zhan_66_pro_15_g3_firmware | 01.14.00 |
| hp | elitedesk_800_g8_small_form_factor_firmware | 02.09.01 |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_firmware | 2.44 |
| hp | zbook_firefly_16_g9_firmware | 01.03.01 |
| hp | elitebook_755_g5_firmware | 01.21.01 |
| hp | pro_x360_fortis_g10_firmware | 01.03.00 |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_firmware | 2.44 |
| hp | zbook_firefly_14_g8_firmware | 01.10.00 |
| hp | elite_folio_2-in-1_firmware | not_impacted |
| hp | elite_x2_1012_g2_firmware | 1.43 |
| hp | elitebook_x360_830_g7_firmware | 01.10.00 |
| hp | prodesk_480_g5_microtower_firmware | 02.21.00 |
| hp | elitebook_846_g5_firmware | 01.21.01 |
| hp | elitebook_x360_1030_g7_firmware | 01.10.00 |
| hp | prodesk_400_g3_desktop_mini_firmware | 2.44 |
| hp | elite_tower_680_g9_firmware | 02.05.01 |
| hp | elitebook_850_g7_firmware | 01.10.00 |
| hp | elite_tower_600_g9_firmware | 02.05.01 |
| hp | z2_small_form_factor_g4_workstation_firmware | 01.08.03 |
| hp | zbook_17_g6_firmware | 01.21.02 |
| hp | proone_400_g2_20-inch_touch_all-in-one_firmware | 2.59 |
| hp | prodesk_680_g4_microtower_firmware | 02.21.00 |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | probook_450_g7_firmware | 01.14.00 |
| hp | elite_tower_800_g9_firmware | 02.05.01 |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_firmware | 2.59 |
| hp | prodesk_400_g6_small_form_factor_firmware | 02.15.00 |
| hp | probook_430_g8_firmware | 01.10.00 |
| hp | elitedesk_800_g5_small_form_factor_firmware | 02.15.00 |
| hp | elitedesk_705_g4_desktop_mini_firmware | 02.20.00 |
| hp | zbook_14u_g5_firmware | 01.21.01 |
| hp | proone_440_23.8_inch_g9_all-in-one_firmware | 02.05.00 |
| hp | probook_640_g4_firmware | 01.21.01 |
| hp | engage_one_aio_system_firmware | 2.44 |
| hp | probook_430_g7_firmware | 01.14.00 |
| hp | elitedesk_800_65w_g3_desktop_mini_firmware | 2.44 |
| hp | probook_445_g8_firmware | 01.10.00 |
| hp | elite_dragonfly_g2_firmware | 01.10.00 |
| hp | elitebook_845_g8_firmware | 01.10.00 |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitebook_830_g6_firmware | 01.21.01 |
| hp | elitebook_x360_1030_g3_firmware | 01.21.01 |
| hp | elitedesk_705_g4_microtower_firmware | 02.20.00 |
| hp | elitebook_650_g9_firmware | 01.04.00 |
| hp | zbook_fury_17_g7_firmware | 01.10.00 |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_firmware | 2.59 |
| hp | zbook_fury_15_g8_firmware | 01.10.00 |
| hp | probook_450_g9_firmware | 01.04.00 |
| hp | elitedesk_805_g8_desktop_mini_firmware | 02.05.02 |
| hp | elitebook_640_g9_firmware | 01.04.00 |
| hp | elitebook_836_g5_firmware | 01.21.01 |
| hp | zbook_firefly_14_g7_firmware | 01.10.00 |
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_fury_17_g7_firmware | * |
| hp | engage_flex_pro-c_retail_system_firmware | * |
| hp | elite_dragonfly_g3_firmware | * |
| hp | mp9_g4_retail_system_firmware | * |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | probook_455_g8_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | elite_tower_800_g9_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | elitebook_1040_g9_firmware | * |
| hp | elite_slice_g2_firmware | * |
| hp | probook_x360_11_g5_education_edition_firmware | * |
| hp | pro_mini_400_g9_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitebook_845_g9_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | zhan_66_pro_g5_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | elitebook_830_g9_firmware | * |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | elitebook_835_g9_firmware | * |
| hp | proone_440_23.8_inch_g9_all-in-one_firmware | * |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | zhan_99_pro_23.8_inch_g9_all-in-one_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | elite_slice_firmware | * |
| hp | elitebook_640_g9_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | zbook_power_g9_firmware | * |
| hp | engage_flex_pro_retail_system_firmware | * |
| hp | elitebook_650_g9_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | prodesk_680_g4_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | probook_635_aero_g8_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | elite_tower_680_g9_firmware | * |
| hp | elite_mini_800_g9_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | z2_mini_g3_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | mt46_firmware | * |
| hp | elitebook_865_g9_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | z1_entry_tower_g6_workstation_firmware | * |
| hp | probook_440_g9_firmware | * |
| hp | probook_fortis_g10_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | elitedesk_705_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | mt32_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | - |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | probook_x360_11_g6_education_edition_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_x360_11_g4_education_edition_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | zbook_studio_16_g9_firmware | * |
| hp | pro_x360_435_g9_firmware | * |
| hp | elite_tower_600_g9_firmware | * |
| hp | zbook_fury_g8_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | elitebook_860_g9_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | zbook_fury_17_g8_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | zbook_power_g8_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | elite_tower_880_g9_firmware | * |
| hp | pro_tower_480_g9_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | * |
| hp | pro_tower_400_g9_firmware | * |
| hp | z2_tower_g9_firmware | * |
| hp | pro_sff_400_g9_firmware | * |
| hp | probook_450_g9_firmware | * |
| hp | z2_small_form_factor_g8_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z2_mini_g4_firmware | * |
| hp | z2_small_form_factor_g4_firmware | * |
| hp | z1_all-in-one_g3_firmware | * |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g3_microtower_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | engage_one_pro_aio_system_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_g9_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_455_g5_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | zbook_firefly_g9_firmware | * |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | * |
| hp | eliteone_840_23.8_inch_g9_all-in-one_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | elitebook_630_g9_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | eliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | mt45_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | z2_small_form_factor_g5_firmware | * |
| hp | probook_fortis_g9_firmware | * |
| hp | z2_tower_g5_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | eliteone_870_27_inch_g9_all-in-one_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | probook_x360_435_g8_firmware | * |
| hp | elite_sff_800_g9_firmware | * |
| hp | mt31_mobile_thin_client_firmware | * |
| hp | pro_mt440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | zhan_66_pro_14_g4_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | pro_x360_fortis_g10_firmware | * |
| hp | z240_tower_firmware | * |
| hp | probook_455_g9_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | zhan_66_pro_a_14_g4_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | elitedesk_800_g3_tower_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | z2_mini_g5_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | zbook_firefly_g8_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | * |
| hp | mt44_firmware | * |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | probook_445r_g6_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | z2_mini_g9_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | z1_g8_tower_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | zbook_fury_16_g9_firmware | * |
| hp | z238_microtower_firmware | * |
| hp | elitebook_645_g9_firmware | * |
| hp | elitebook_655_g9_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | z2_small_form_factor_g9_firmware | * |
| hp | elite_mini_600_g9_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | dragonfly_folio_g3_2-in-1_firmware | * |
| hp | zbook_firefly_15_g8_firmware | * |
| hp | pro_x360_fortis_g9_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | zbook_power_g7_firmware | - |
| hp | probook_445_g9_firmware | * |
| hp | zbook_studio_g8_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | * |
| hp | probook_445_g8_firmware | * |
| hp | z1_entry_tower_g5_workstation_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_x360_11_g7_education_edition_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | probook_x360_11_g3_education_edition_firmware | * |
| hp | prodesk_405_g6_small_form_factor_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | prodesk_600_g5_microtower_pc(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | probook_445_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | mt22_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_405_g6_desktop_mini_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | * |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | zhan_66_pro_a_14_g5_firmware | * |
| hp | z2_tower_g4_firmware | * |
| hp | z240_small_form_factor_firmware | * |
| hp | z2_tower_g8_firmware | * |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | zbook_firefly_16_g9_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | elite_sff_600_g9_firmware | * |
| hp | probook_455r_g6_firmware | * |
| hp | elite_x360_1040_g9_2-in-1_firmware | * |
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mp9_g4_retail_system_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z2_small_form_factor_g8_workstation_firmware | * |
| hp | pro_tower_480_g9_desktop_pc_firmware | * |
| hp | zbook_firefly_14_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elite_x360_1040_14_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | prodesk_405_g6_desktop_mini_pc_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | * |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_pc_firmware | * |
| hp | zbook_studio_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | elitebook_755_g3_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | elitedesk_705_g3_microtower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | z2_mini_g5_workstation_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_445_14_inch_g9_notebook_pc_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elitedesk_705_g4_workstation_edition_firmware | * |
| hp | pro_mt440_g3_mobile_thin_client_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | probook_fortis_14_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_725_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | z1_all-in-one_g3_workstation_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | elitebook_865_16_inch_g9_notebook_pc_firmware | * |
| hp | zbook_power_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_mini_600_g9_desktop_pc_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | mini_conferencing_pc_with_zoom_rooms_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | probook_fortis_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmware | * |
| hp | eliteone_870_27_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | elitebook_640_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_440_14_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | elite_tower_800_g9_desktop_pc_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_405_g6_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | mt21_mobile_thin_client_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | zbook_firefly_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_15u_g4_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_450_15.6_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | prodesk_400_g4_microtower_pc_firmware | * |
| hp | probook_x360_435_g8_notebook_pc_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | * |
| hp | elite_sff_600_g9_desktop_pc_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g3_microtower_pc_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | z2_small_form_factor_g9_workstation_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | zbook_firefly_14_inch_g8_mobile_workstation_pc_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | elite_x2_1012_g1_tablet_with_travel_keyboard_firmware | * |
| hp | prodesk_405_g4_small_form_factor_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | * |
| hp | z2_tower_g4_workstation_firmware | * |
| hp | pro_sff_400_g9_desktop_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | z2_tower_g5_workstation_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | elite_x360_830_13_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | mt31_mobile_thin_client_firmware | * |
| hp | z840_workstation_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | zbook_power_15.6_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | mt22_mobile_thin_client_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | pro_x360_fortis_11_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_1040_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_tower_680_g9_desktop_pc_firmware | * |
| hp | zcentral_4r_workstation_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | zhan_66_pro_a_14_g4_notebook_pc_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | mt46_mobile_thin_client_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | elitebook_645_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_745_g3_firmware | * |
| hp | elite_slice_g2_with_intel_unite_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | * |
| hp | proone_400_g2_20-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | pro_tower_400_g9_desktop_pc_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_a_14_g5_notebook_pc_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | zbook_fury_17_g7_firmware | * |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g2_desktop_mini_pc_firmware | * |
| hp | z2_small_form_factor_g5_workstation_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_450_g3_firmware | * |
| hp | prodesk_680_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | zbook_fury_16_g9_mobile_workstation_pc_firmware | * |
| hp | probook_455_15.6_inch_g9_notebook_pc_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_with_zoom_rooms_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | probook_645_g2_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | z440_workstation_firmware | * |
| hp | elite_x2_1012_g1_tablet_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | elitebook_650_15.6_inch_g9_notebook_pc_firmware | * |
| hp | mt43_mobile_thin_client_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | dragonfly_folio_13.5_inch_g3_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | pro_x360_fortis_11_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | mt44_mobile_thin_client_firmware | * |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | mt42_mobile_thin_client_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | elite_slice_firmware | * |
| hp | z1_g9_tower_desktop_pc_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | z2_small_form_factor_g4_workstation_firmware | * |
| hp | zbook_fury_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zhan_66_pro_14_inch_g5_notebook_pc_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_-_audio_ready_with_zoom_rooms_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | elite_mini_800_g9_desktop_pc_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | mt32_mobile_thin_client_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | elite_tower_880_g9_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | elite_dragonfly_13.5_inch_g3_notebook_pc_firmware | * |
| hp | elitedesk_705_g4_microtower_pc_firmware | * |
| hp | mt45_mobile_thin_client_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_835_13_inch_g9_notebook_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_400_g2_desktop_mini_pc_firmware | * |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_sff_800_g9_desktop_pc_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | elitebook_830_13.3_inch_g9_notebook_pc_firmware | * |
| hp | z2_mini_g9_workstation_firmware | * |
| hp | zbook_firefly_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | z2_mini_g4_workstation_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitedesk_705_g3_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | * |
| hp | zbook_studio_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | z2_tower_g8_workstation_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | prodesk_600_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zbook_fury_17.3_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | elitedesk_800_g3_tower_pc_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | proone_440_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z640_workstation_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | elitedesk_705_g3_small_form_factor_pc_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | eliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_pc_firmware | * |
| hp | probook_11_ee_g2_firmware | * |
| hp | elitebook_630_13_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_with_microsoft_teams_rooms_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | pro_mini_400_g9_desktop_pc_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | probook_455_g3_firmware | * |
| hp | elitebook_860_16_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | z2_tower_g9_workstation_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_655_g2_firmware | * |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_845_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | elite_tower_600_g9_desktop_pc_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | * |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_14_g4_notebook_pc_firmware | * |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_655_15.6_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | probook_455r_g6_firmware | * |
A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_fury_17_g7_firmware | * |
| hp | engage_flex_pro-c_retail_system_firmware | * |
| hp | mp9_g4_retail_system_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z2_small_form_factor_g8_workstation_firmware | * |
| hp | pro_tower_480_g9_desktop_pc_firmware | * |
| hp | zbook_firefly_14_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | z2_small_form_factor_g5_workstation_firmware | * |
| hp | elite_x360_1040_14_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | prodesk_405_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | probook_440_g4_firmware | * |
| hp | probook_455_g8_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | * |
| hp | zbook_studio_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | probook_450_g3_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | zbook_fury_16_g9_mobile_workstation_pc_firmware | * |
| hp | probook_455_15.6_inch_g9_notebook_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | z2_mini_g5_workstation_firmware | * |
| hp | z6_g4_workstation_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | elite_slice_g2_with_zoom_rooms_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | elitebook_650_15.6_inch_g9_notebook_pc_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_445_14_inch_g9_notebook_pc_firmware | * |
| hp | mt43_mobile_thin_client_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | presence_27_all-in-one_with_zoom_rooms_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | dragonfly_folio_13.5_inch_g3_2-in-1_notebook_pc_firmware | * |
| hp | pro_mt440_g3_mobile_thin_client_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | probook_430_g4_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | probook_fortis_14_inch_g10_notebook_pc_firmware | * |
| hp | pro_x360_435_13.3_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | pro_x360_fortis_11_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | elitebook_840_g5_firmware | 01.28.00 |
| hp | mt44_mobile_thin_client_firmware | * |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | * |
| hp | presence_24_all-in-one_with_zoom_rooms_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | elite_x2_g4_firmware | 01.26.0 |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | eliteone_870_27_g9_all-in-one_desktop_pc_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | z1_g9_tower_desktop_pc_firmware | * |
| hp | elitebook_865_16_inch_g9_notebook_pc_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | engage_flex_pro_retail_system_firmware | * |
| hp | zbook_power_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | z2_small_form_factor_g4_workstation_firmware | * |
| hp | zbook_fury_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zhan_66_pro_14_inch_g5_notebook_pc_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | probook_635_aero_g8_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_mini_600_g9_desktop_pc_firmware | * |
| hp | zhan_99_pro_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | elite_slice_g2_-_audio_ready_with_zoom_rooms_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | elite_mini_800_g9_desktop_pc_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | mt32_mobile_thin_client_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | mini_conferencing_pc_with_zoom_rooms_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | elite_x2_1012_g2_firmware | 1.48 |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | probook_fortis_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_tower_880_g9_desktop_pc_firmware | * |
| hp | elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmware | * |
| hp | eliteone_870_27_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | elitebook_640_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_440_14_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | elite_tower_800_g9_desktop_pc_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | prodesk_405_g6_small_form_factor_pc_firmware | * |
| hp | elite_dragonfly_13.5_inch_g3_notebook_pc_firmware | * |
| hp | elitedesk_705_g4_microtower_pc_firmware | * |
| hp | mt45_mobile_thin_client_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_835_13_inch_g9_notebook_pc_firmware | * |
| hp | mt21_mobile_thin_client_firmware | * |
| hp | zbook_firefly_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | mp9_g2_retail_system_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | elite_sff_800_g9_desktop_pc_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | zbook_15u_g4_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | probook_450_15.6_inch_g9_notebook_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | prodesk_400_g4_microtower_pc_firmware | * |
| hp | probook_x360_435_g8_notebook_pc_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | * |
| hp | elite_sff_600_g9_desktop_pc_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | elitebook_830_13.3_inch_g9_notebook_pc_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | z2_mini_g9_workstation_firmware | * |
| hp | zbook_firefly_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | z2_mini_g4_workstation_firmware | * |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | z2_small_form_factor_g9_workstation_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | zbook_firefly_14_inch_g8_mobile_workstation_pc_firmware | * |
| hp | eliteone_840_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | engage_one_pro_aio_system_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | zbook_studio_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_455_g5_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | elite_x2_1012_g1_tablet_firmware | 1.6 |
| hp | z2_tower_g4_workstation_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | pro_sff_400_g9_desktop_pc_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | z2_tower_g5_workstation_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | z2_tower_g8_workstation_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | mt31_mobile_thin_client_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | zbook_fury_17.3_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_14_inch_g9_notebook_pc_firmware | * |
| hp | elitedesk_800_g3_tower_pc_firmware | * |
| hp | zbook_power_15.6_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | proone_440_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | mt22_mobile_thin_client_firmware | * |
| hp | mt20_mobile_thin_client_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | probook_445r_g6_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | pro_x360_fortis_11_inch_g9_notebook_pc_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | elitebook_1040_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_tower_680_g9_desktop_pc_firmware | * |
| hp | probook_11_ee_g2_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | elitebook_630_13_inch_g9_notebook_pc_firmware | * |
| hp | zhan_66_pro_a_14_g4_notebook_pc_firmware | * |
| hp | elite_slice_g2_with_microsoft_teams_rooms_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | mt46_mobile_thin_client_firmware | * |
| hp | pro_mini_400_g9_desktop_pc_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | elitebook_860_16_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | z2_tower_g9_workstation_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | elite_slice_g2_with_intel_unite_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | * |
| hp | probook_445_g8_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elite_mt645_g7_mobile_thin_client_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | probook_445_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | pro_tower_400_g9_desktop_pc_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | elite_x2_1012_g1_tablet_with_travel_keyboard_firmware | 1.6 |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | elite_tower_600_g9_desktop_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | 01.28.00 |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_a_14_g5_notebook_pc_firmware | * |
| hp | zhan_66_pro_14_g4_notebook_pc_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | probook_455r_g6_firmware | * |
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mp9_g4_retail_system_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z2_small_form_factor_g8_workstation_firmware | * |
| hp | pro_tower_480_g9_desktop_pc_firmware | * |
| hp | zbook_firefly_14_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elite_x360_1040_14_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | prodesk_405_g6_desktop_mini_pc_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | * |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_pc_firmware | * |
| hp | zbook_studio_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | elitebook_755_g3_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | elitedesk_705_g3_microtower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | z2_mini_g5_workstation_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_445_14_inch_g9_notebook_pc_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elitedesk_705_g4_workstation_edition_firmware | * |
| hp | pro_mt440_g3_mobile_thin_client_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | probook_fortis_14_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_725_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | z1_all-in-one_g3_workstation_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | elitebook_865_16_inch_g9_notebook_pc_firmware | * |
| hp | zbook_power_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_mini_600_g9_desktop_pc_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | mini_conferencing_pc_with_zoom_rooms_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | probook_fortis_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmware | * |
| hp | eliteone_870_27_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | elitebook_640_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_440_14_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | elite_tower_800_g9_desktop_pc_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_405_g6_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | mt21_mobile_thin_client_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | zbook_firefly_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_15u_g4_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_450_15.6_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | prodesk_400_g4_microtower_pc_firmware | * |
| hp | probook_x360_435_g8_notebook_pc_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | * |
| hp | elite_sff_600_g9_desktop_pc_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g3_microtower_pc_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | z2_small_form_factor_g9_workstation_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | zbook_firefly_14_inch_g8_mobile_workstation_pc_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | elite_x2_1012_g1_tablet_with_travel_keyboard_firmware | * |
| hp | prodesk_405_g4_small_form_factor_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | * |
| hp | z2_tower_g4_workstation_firmware | * |
| hp | pro_sff_400_g9_desktop_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | z2_tower_g5_workstation_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | elite_x360_830_13_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | mt31_mobile_thin_client_firmware | * |
| hp | z840_workstation_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | zbook_power_15.6_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | mt22_mobile_thin_client_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | pro_x360_fortis_11_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_1040_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_tower_680_g9_desktop_pc_firmware | * |
| hp | zcentral_4r_workstation_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | zhan_66_pro_a_14_g4_notebook_pc_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | mt46_mobile_thin_client_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | elitebook_645_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_745_g3_firmware | * |
| hp | elite_slice_g2_with_intel_unite_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | * |
| hp | proone_400_g2_20-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | pro_tower_400_g9_desktop_pc_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_a_14_g5_notebook_pc_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | zbook_fury_17_g7_firmware | * |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g2_desktop_mini_pc_firmware | * |
| hp | z2_small_form_factor_g5_workstation_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_450_g3_firmware | * |
| hp | prodesk_680_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | zbook_fury_16_g9_mobile_workstation_pc_firmware | * |
| hp | probook_455_15.6_inch_g9_notebook_pc_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_with_zoom_rooms_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | probook_645_g2_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | z440_workstation_firmware | * |
| hp | elite_x2_1012_g1_tablet_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | elitebook_650_15.6_inch_g9_notebook_pc_firmware | * |
| hp | mt43_mobile_thin_client_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | dragonfly_folio_13.5_inch_g3_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | pro_x360_fortis_11_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | mt44_mobile_thin_client_firmware | * |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | mt42_mobile_thin_client_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | elite_slice_firmware | * |
| hp | z1_g9_tower_desktop_pc_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | z2_small_form_factor_g4_workstation_firmware | * |
| hp | zbook_fury_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zhan_66_pro_14_inch_g5_notebook_pc_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_-_audio_ready_with_zoom_rooms_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | elite_mini_800_g9_desktop_pc_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | mt32_mobile_thin_client_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | elite_tower_880_g9_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | elite_dragonfly_13.5_inch_g3_notebook_pc_firmware | * |
| hp | elitedesk_705_g4_microtower_pc_firmware | * |
| hp | mt45_mobile_thin_client_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_835_13_inch_g9_notebook_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_400_g2_desktop_mini_pc_firmware | * |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_sff_800_g9_desktop_pc_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | elitebook_830_13.3_inch_g9_notebook_pc_firmware | * |
| hp | z2_mini_g9_workstation_firmware | * |
| hp | zbook_firefly_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | z2_mini_g4_workstation_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitedesk_705_g3_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | * |
| hp | zbook_studio_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | z2_tower_g8_workstation_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | prodesk_600_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zbook_fury_17.3_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | elitedesk_800_g3_tower_pc_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | proone_440_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z640_workstation_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | elitedesk_705_g3_small_form_factor_pc_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | eliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_pc_firmware | * |
| hp | probook_11_ee_g2_firmware | * |
| hp | elitebook_630_13_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_with_microsoft_teams_rooms_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | pro_mini_400_g9_desktop_pc_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | probook_455_g3_firmware | * |
| hp | elitebook_860_16_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | z2_tower_g9_workstation_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_655_g2_firmware | * |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_845_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | elite_tower_600_g9_desktop_pc_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | * |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_14_g4_notebook_pc_firmware | * |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_655_15.6_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | probook_455r_g6_firmware | * |
Certain HP PageWide Pro Printers may be vulnerable to a potential denial of service attack.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pagewide_managed_p55250dw_j6u55a_firmware | * |
| hp | pagewide_377dw_j9v80a_firmware | * |
| hp | pagewide_352dw_j6u57a_firmware | * |
| hp | pagewide_managed_p55250dw_j6u51b_firmware | * |
| hp | pagewide_pro_477dn_d3q19a_firmware | * |
| hp | pagewide_managed_p57750dw_j9v82a_firmware | * |
| hp | pagewide_pro_477dw_d3q20a_firmware | * |
| hp | pagewide_managed_p55250dw_j6u55b_firmware | * |
| hp | pagewide_pro_452dn_d3q15a_firmware | * |
| hp | pagewide_pro_452dw_d3q16a_firmware | * |
| hp | pagewide_pro_577dw_d3q21a_firmware | * |
| hp | pagewide_pro_577z_k9z76a_firmware | * |
| hp | pagewide_pro_552dw_d3q17a_firmware | * |
A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-918,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
A remote bypass security restrictions vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
Certain HP Print Products are potentially vulnerable to Remote Code Execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | z4a54a_firmware | * |
| hp | j6u51b_firmware | * |
| hp | w1a79a_firmware | * |
| hp | y3z54a_firmware | * |
| hp | j7k38a_firmware | * |
| hp | j6u55a_firmware | * |
| hp | p4c78a_firmware | * |
| hp | y0f71a_firmware | * |
| hp | j7k33a_firmware | * |
| hp | t0f33a_firmware | * |
| hp | t0g25a_firmware | * |
| hp | 3yw73a_firmware | * |
| hp | m2u88b_firmware | * |
| hp | 1kr62a_firmware | * |
| hp | t0f39a_firmware | * |
| hp | 4kj65a_firmware | * |
| hp | k7s32a_firmware | * |
| hp | w1a76a_firmware | * |
| hp | k7r96a_firmware | * |
| hp | j6x83a_firmware | * |
| hp | 3uc65a_firmware | * |
| hp | 1kr45a_firmware | * |
| hp | t0f30a_firmware | * |
| hp | w1a60a_firmware | * |
| hp | k7s01a_firmware | * |
| hp | 3yf61a_firmware | * |
| hp | w1a75a_firmware | * |
| hp | j7k40a_firmware | * |
| hp | 3yw74a_firmware | * |
| hp | 5se45a_firmware | * |
| hp | m2u85a_firmware | * |
| hp | 3yw70a_firmware | * |
| hp | 7xv38a_firmware | * |
| hp | 3yf65a_firmware | * |
| hp | 5sd78a_firmware | * |
| hp | d3q15a_firmware | * |
| hp | 2k4v8a_firmware | * |
| hp | w1a31a_firmware | * |
| hp | j9v80a_firmware | * |
| hp | 5lj14a_firmware | * |
| hp | w1a29a_firmware | * |
| hp | m2u82a_firmware | * |
| hp | k7s39a_firmware | * |
| hp | 1mr74a_firmware | * |
| hp | p4c86a_firmware | * |
| hp | 223r9a_firmware | * |
| hp | 257g3a_firmware | * |
| hp | m2u82b_firmware | * |
| hp | t1p99a_firmware | * |
| hp | w1a58a_firmware | * |
| hp | 3uc66a_firmware | * |
| hp | w1a48a_firmware | * |
| hp | 223r3a_firmware | * |
| hp | t0f37a_firmware | * |
| hp | z4a59a_firmware | * |
| hp | 8qq99a_firmware | * |
| hp | z4b13a_firmware | * |
| hp | 1kr61a_firmware | * |
| hp | 3yf67a_firmware | * |
| hp | 1kr69a_firmware | * |
| hp | w1a56a_firmware | * |
| hp | z4b27a_firmware | * |
| hp | 5lj16a_firmware | * |
| hp | k7s42a_firmware | * |
| hp | 8qq88a_firmware | * |
| hp | p4c84a_firmware | * |
| hp | w1a66a_firmware | * |
| hp | w1a51a_firmware | * |
| hp | m2u87a_firmware | * |
| hp | k7g96a_firmware | * |
| hp | y3z57a_firmware | * |
| hp | 5se18a_firmware | * |
| hp | 6hf11a_firmware | * |
| hp | p4c81a_firmware | * |
| hp | t0g65a_firmware | * |
| hp | 3yf70a_firmware | * |
| hp | w1y47a_firmware | * |
| hp | j3p67a_firmware | * |
| hp | w1a46a_firmware | * |
| hp | 1kr46a_firmware | * |
| hp | 1mr75a_firmware | * |
| hp | 1kr48a_firmware | * |
| hp | d9l64a_firmware | * |
| hp | 5lj17a_firmware | * |
| hp | y3z45a_firmware | * |
| hp | 5se522a_firmware | * |
| hp | m2u87b_firmware | * |
| hp | 1mr72a_firmware | * |
| hp | w1y45a_firmware | * |
| hp | w1y43a_firmware | * |
| hp | w1b38a_firmware | * |
| hp | 8qq98a_firmware | * |
| hp | 1mr78a_firmware | * |
| hp | 3dp65a_firmware | * |
| hp | y0f72a_firmware | * |
| hp | w1a30a_firmware | * |
| hp | y0s18a_firmware | * |
| hp | j7k39a_firmware | * |
| hp | a7w93a_firmware | * |
| hp | m2u81a_firmware | * |
| hp | 1mr71a_firmware | * |
| hp | j7k42a_firmware | * |
| hp | k7s41a_firmware | * |
| hp | m2u92a_firmware | * |
| hp | 223r6a_firmware | * |
| hp | j3p65a_firmware | * |
| hp | m2u75a_firmware | * |
| hp | m2u94a_firmware | * |
| hp | t3p03a_firmware | * |
| hp | 6wd14a_firmware | * |
| hp | 1k7k7a_firmware | * |
| hp | 3uk83a_firmware | * |
| hp | y0f74a_firmware | * |
| hp | j6u57a_firmware | * |
| hp | 2ry54a_firmware | * |
| hp | k7s00a_firmware | * |
| hp | 5se16a_firmware | * |
| hp | 223n2a_firmware | * |
| hp | d3q21a_firmware | * |
| hp | 1kr57a_firmware | * |
| hp | 1mr66a_firmware | * |
| hp | 3yf66a_firmware | * |
| hp | t0f29a_firmware | * |
| hp | t0g70a_firmware | * |
| hp | w1a81a_firmware | * |
| hp | j9v82a_firmware | * |
| hp | w1b29a_firmware | * |
| hp | w1a63a_firmware | * |
| hp | w1b31a_firmware | * |
| hp | d3q19a_firmware | * |
| hp | j7k41a_firmware | * |
| hp | z4b18a_firmware | * |
| hp | 3yw75a_firmware | * |
| hp | j7k37a_firmware | * |
| hp | t0f34a_firmware | * |
| hp | w1a53a_firmware | * |
| hp | m2u77a_firmware | * |
| hp | 6wd16a_firmware | * |
| hp | z4b28a_firmware | * |
| hp | p4c85a_firmware | * |
| hp | w1a78a_firmware | * |
| hp | 5se46a_firmware | * |
| hp | 1k7k6a_firmware | * |
| hp | 223n6a_firmware | * |
| hp | k7d05a_firmware | * |
| hp | w1a82a_firmware | * |
| hp | 3yw71a_firmware | * |
| hp | 1kr58a_firmware | * |
| hp | 3yf69a_firmware | * |
| hp | z4a60a_firmware | * |
| hp | 3xd89a_firmware | * |
| hp | z4a71a_firmware | * |
| hp | w1y40a_firmware | * |
| hp | w1a35a_firmware | * |
| hp | t0f35a_firmware | * |
| hp | 1kr54a_firmware | * |
| hp | 228f5a_firmware | * |
| hp | m2u84b_firmware | * |
| hp | w1b33a_firmware | * |
| hp | t0f40a_firmware | * |
| hp | m2u94b_firmware | * |
| hp | 2ry55a_firmware | * |
| hp | l3t99a_firmware | * |
| hp | 5lj23a_firmware | * |
| hp | 3yf57a_firmware | * |
| hp | 5lj19a_firmware | * |
| hp | t0f38a_firmware | * |
| hp | 1tj09a_firmware | * |
| hp | 5lj18a_firmware | * |
| hp | z4a70a_firmware | * |
| hp | 3yw48a_firmware | * |
| hp | 5sd79a_firmware | * |
| hp | j3p66a_firmware | * |
| hp | t0f31a_firmware | * |
| hp | 1mr69a_firmware | * |
| hp | 3yf58a_firmware | * |
| hp | y3z44a_firmware | * |
| hp | m2u76a_firmware | * |
| hp | m2u85b_firmware | * |
| hp | 223r1a_firmware | * |
| hp | w1a52a_firmware | * |
| hp | w1a28a_firmware | * |
| hp | 223n1a_firmware | * |
| hp | m2u91b_firmware | * |
| hp | w1b28a_firmware | * |
| hp | 3yf56a_firmware | * |
| hp | 5lj15a_firmware | * |
| hp | 223n5a_firmware | * |
| hp | 3uk84a_firmware | * |
| hp | w1y44a_firmware | * |
| hp | y3z47a_firmware | * |
| hp | m2u84a_firmware | * |
| hp | k9z76a_firmware | * |
| hp | w1y41a_firmware | * |
| hp | z4b29a_firmware | * |
| hp | j3p68a_firmware | * |
| hp | 1mr73a_firmware | * |
| hp | d9l21a_firmware | * |
| hp | 1mr70a_firmware | * |
| hp | d3q20a_firmware | * |
| hp | w1a57a_firmware | * |
| hp | z3m52a_firmware | * |
| hp | 5se50a_firmware | * |
| hp | w1a33a_firmware | * |
| hp | y0s19a_firmware | * |
| hp | 3yf60a_firmware | * |
| hp | 1mr79a_firmware | * |
| hp | m2u86a_firmware | * |
| hp | 7xk12a_firmware | * |
| hp | 4sb23a_firmware | * |
| hp | y0f73a_firmware | * |
| hp | d9l63a_firmware | * |
| hp | g5j56a_firmware | * |
| hp | 1mr76a_firmware | * |
| hp | 1tj12a_firmware | * |
| hp | d3q16a_firmware | * |
| hp | 1mr77a_firmware | * |
| hp | m2u86b_firmware | * |
| hp | z4a73a_firmware | * |
| hp | 5se48a_firmware | * |
| hp | p4c82a_firmware | * |
| hp | 3yw51a_firmware | * |
| hp | w1a80a_firmware | * |
| hp | 223r2a_firmware | * |
| hp | d9l20a_firmware | * |
| hp | 2ry56a_firmware | * |
| hp | 93m22a_firmware | * |
| hp | 5se19a_firmware | * |
| hp | m2u81b_firmware | * |
| hp | 1g5m0a_firmware | * |
| hp | w1a32a_firmware | * |
| hp | w1a38a_firmware | * |
| hp | w1b37a_firmware | * |
| hp | 5se20a_firmware | * |
| hp | 3dp64a_firmware | * |
| hp | 1kr55a_firmware | * |
| hp | k7s40a_firmware | * |
| hp | 3yf59a_firmware | * |
| hp | k7g22a_firmware | * |
| hp | 1tj11a_firmware | * |
| hp | 226y9a_firmware | * |
| hp | k7s08a_firmware | * |
| hp | k7g93a_firmware | * |
| hp | 1kr49a_firmware | * |
| hp | k7g99a_firmware | * |
| hp | 1l0h8a_firmware | * |
| hp | g5j38a_firmware | * |
| hp | t0f36a_firmware | * |
| hp | 6wd35a_firmware | * |
| hp | m2u91a_firmware | * |
| hp | k7g18a_firmware | * |
| hp | k7g23a_firmware | * |
| hp | z3m37a_firmware | * |
| hp | w1a77a_firmware | * |
| hp | 8qq87a_firmware | * |
| hp | w1y46a_firmware | * |
| hp | 7cz37a_firmware | * |
| hp | j7k34a_firmware | * |
| hp | 2k4w2a_firmware | * |
| hp | 1tj10a_firmware | * |
| hp | t0g26a_firmware | * |
| hp | y3z46a_firmware | * |
| hp | k7s43a_firmware | * |
| hp | 223n9a_firmware | * |
| hp | z4a69a_firmware | * |
| hp | j7k36a_firmware | * |
| hp | 3uc64a_firmware | * |
| hp | 2k4w1a_firmware | * |
| hp | 3dp66a_firmware | * |
| hp | 3yw72a_firmware | * |
| hp | 5se47a_firmware | * |
| hp | 1l0h6a_firmware | * |
| hp | t0f28a_firmware | * |
| hp | z4b14a_firmware | * |
| hp | 2k5l5a_firmware | * |
| hp | 1kr42a_firmware | * |
| hp | z4b12a_firmware | * |
| hp | k7g95a_firmware | * |
| hp | m2u92b_firmware | * |
| hp | w1b39a_firmware | * |
| hp | z4a61b_firmware | * |
| hp | 8qq97a_firmware | * |
| hp | 1l0h7a_firmware | * |
| hp | 3yf68a_firmware | * |
| hp | y0k15a_firmware | * |
| hp | z4a61a_firmware | * |
| hp | 1mr67a_firmware | * |
| hp | 1mr68a_firmware | * |
| hp | j7k35a_firmware | * |
| hp | w1a34a_firmware | * |
| hp | m2u89b_firmware | * |
| hp | d3q17a_firmware | * |
| hp | t0f32a_firmware | * |
| hp | m2u86c_firmware | * |
| hp | z4a74a_firmware | * |
| hp | 8qq86a_firmware | * |
| hp | w1a47a_firmware | * |
| hp | 5se17a_firmware | * |
| hp | j6u55b_firmware | * |
| hp | w1a59a_firmware | * |
Certain HP Print Products are potentially vulnerable to Buffer Overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | j6u51b_firmware | * |
| hp | y3z54a_firmware | * |
| hp | j7k38a_firmware | * |
| hp | j6x80a_firmware | * |
| hp | m9l66a_firmware | * |
| hp | t0f35a_firmware | * |
| hp | j6u55a_firmware | * |
| hp | p4c78a_firmware | * |
| hp | w1b33a_firmware | * |
| hp | j7k33a_firmware | * |
| hp | t0f40a_firmware | * |
| hp | t0g47a_firmware | * |
| hp | t0f33a_firmware | * |
| hp | t0g25a_firmware | * |
| hp | t0g48a_firmware | * |
| hp | l3t99a_firmware | * |
| hp | t0f38a_firmware | * |
| hp | t0f39a_firmware | * |
| hp | k7s32a_firmware | * |
| hp | j3p66a_firmware | * |
| hp | j6x83a_firmware | * |
| hp | t0f31a_firmware | * |
| hp | t0f30a_firmware | * |
| hp | y3z44a_firmware | * |
| hp | j7k40a_firmware | * |
| hp | w1b28a_firmware | * |
| hp | d3q15a_firmware | * |
| hp | y3z47a_firmware | * |
| hp | j9v80a_firmware | * |
| hp | k9z76a_firmware | * |
| hp | k7s39a_firmware | * |
| hp | p4c86a_firmware | * |
| hp | j3p68a_firmware | * |
| hp | d9l18a_firmware | * |
| hp | d9l21a_firmware | * |
| hp | j6x76a_firmware | * |
| hp | d3q20a_firmware | * |
| hp | t1p99a_firmware | * |
| hp | t0f37a_firmware | * |
| hp | y0s19a_firmware | * |
| hp | m9l67a_firmware | * |
| hp | k7s42a_firmware | * |
| hp | p4c84a_firmware | * |
| hp | y3z57a_firmware | * |
| hp | d9l63a_firmware | * |
| hp | g5j56a_firmware | * |
| hp | p4c81a_firmware | * |
| hp | t0g65a_firmware | * |
| hp | m9l70a_firmware | * |
| hp | j6x78a_firmware | * |
| hp | j3p67a_firmware | * |
| hp | d3q16a_firmware | * |
| hp | p4c82a_firmware | * |
| hp | t0g46a_firmware | * |
| hp | d9l20a_firmware | * |
| hp | d9l64a_firmware | * |
| hp | y3z45a_firmware | * |
| hp | w1b37a_firmware | * |
| hp | w1b38a_firmware | * |
| hp | k7s40a_firmware | * |
| hp | m9l65a_firmware | * |
| hp | y0s18a_firmware | * |
| hp | j7k39a_firmware | * |
| hp | a7w93a_firmware | * |
| hp | k7s38a_firmware | * |
| hp | j6x81a_firmware | * |
| hp | g5j38a_firmware | * |
| hp | t0f36a_firmware | * |
| hp | j7k42a_firmware | * |
| hp | k7s41a_firmware | * |
| hp | k7s37a_firmware | * |
| hp | j3p65a_firmware | * |
| hp | j7k34a_firmware | * |
| hp | j6x79a_firmware | * |
| hp | t3p03a_firmware | * |
| hp | t0g26a_firmware | * |
| hp | y3z46a_firmware | * |
| hp | j6u57a_firmware | * |
| hp | k7s43a_firmware | * |
| hp | j7k36a_firmware | * |
| hp | d3q21a_firmware | * |
| hp | t0f29a_firmware | * |
| hp | t0g70a_firmware | * |
| hp | j9v82a_firmware | * |
| hp | t0f28a_firmware | * |
| hp | w1b29a_firmware | * |
| hp | t0g49a_firmware | * |
| hp | w1b31a_firmware | * |
| hp | d3q19a_firmware | * |
| hp | j7k41a_firmware | * |
| hp | j7k37a_firmware | * |
| hp | t0f34a_firmware | * |
| hp | w1b39a_firmware | * |
| hp | p4c85a_firmware | * |
| hp | j7k35a_firmware | * |
| hp | d3q17a_firmware | * |
| hp | t0f32a_firmware | * |
| hp | j6x77a_firmware | * |
| hp | j6u55b_firmware | * |
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mp9_g4_retail_system_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z2_small_form_factor_g8_workstation_firmware | * |
| hp | pro_tower_480_g9_desktop_pc_firmware | * |
| hp | zbook_firefly_14_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elite_x360_1040_14_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | prodesk_405_g6_desktop_mini_pc_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | probook_455_g8_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | * |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_pc_firmware | * |
| hp | zbook_studio_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | elitebook_755_g3_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | elitedesk_705_g3_microtower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | z2_mini_g5_workstation_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_445_14_inch_g9_notebook_pc_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elitedesk_705_g4_workstation_edition_firmware | * |
| hp | pro_mt440_g3_mobile_thin_client_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | probook_fortis_14_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_725_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | z1_all-in-one_g3_workstation_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | elitebook_865_16_inch_g9_notebook_pc_firmware | * |
| hp | zbook_power_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_mini_600_g9_desktop_pc_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | mini_conferencing_pc_with_zoom_rooms_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | probook_fortis_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmware | * |
| hp | eliteone_870_27_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | elitebook_640_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_440_14_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | elite_tower_800_g9_desktop_pc_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_405_g6_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | mt21_mobile_thin_client_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | zbook_firefly_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_15u_g4_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_450_15.6_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | prodesk_400_g4_microtower_pc_firmware | * |
| hp | probook_x360_435_g8_notebook_pc_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | * |
| hp | elite_sff_600_g9_desktop_pc_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g3_microtower_pc_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | z2_small_form_factor_g9_workstation_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | zbook_firefly_14_inch_g8_mobile_workstation_pc_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | elite_x2_1012_g1_tablet_with_travel_keyboard_firmware | * |
| hp | prodesk_405_g4_small_form_factor_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | z2_tower_g4_workstation_firmware | * |
| hp | pro_sff_400_g9_desktop_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | z2_tower_g5_workstation_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | elite_x360_830_13_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | mt31_mobile_thin_client_firmware | * |
| hp | z840_workstation_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | zbook_power_15.6_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | mt22_mobile_thin_client_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | pro_x360_fortis_11_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_1040_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_tower_680_g9_desktop_pc_firmware | * |
| hp | zcentral_4r_workstation_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | zhan_66_pro_a_14_g4_notebook_pc_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | mt46_mobile_thin_client_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | elitebook_645_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_745_g3_firmware | * |
| hp | elite_slice_g2_with_intel_unite_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | * |
| hp | proone_400_g2_20-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_445_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | pro_tower_400_g9_desktop_pc_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_a_14_g5_notebook_pc_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | zbook_fury_17_g7_firmware | * |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g2_desktop_mini_pc_firmware | * |
| hp | z2_small_form_factor_g5_workstation_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_450_g3_firmware | * |
| hp | prodesk_680_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | zbook_fury_16_g9_mobile_workstation_pc_firmware | * |
| hp | probook_455_15.6_inch_g9_notebook_pc_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_with_zoom_rooms_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | probook_645_g2_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | z440_workstation_firmware | * |
| hp | elite_x2_1012_g1_tablet_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | elitebook_650_15.6_inch_g9_notebook_pc_firmware | * |
| hp | mt43_mobile_thin_client_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | dragonfly_folio_13.5_inch_g3_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | pro_x360_fortis_11_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | mt44_mobile_thin_client_firmware | * |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | mt42_mobile_thin_client_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | elite_slice_firmware | * |
| hp | z1_g9_tower_desktop_pc_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | z2_small_form_factor_g4_workstation_firmware | * |
| hp | zbook_fury_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zhan_66_pro_14_inch_g5_notebook_pc_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | probook_635_aero_g8_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_-_audio_ready_with_zoom_rooms_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | elite_mini_800_g9_desktop_pc_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | mt32_mobile_thin_client_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | elite_tower_880_g9_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | elite_dragonfly_13.5_inch_g3_notebook_pc_firmware | * |
| hp | elitedesk_705_g4_microtower_pc_firmware | * |
| hp | mt45_mobile_thin_client_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_835_13_inch_g9_notebook_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_400_g2_desktop_mini_pc_firmware | * |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_sff_800_g9_desktop_pc_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | elitebook_830_13.3_inch_g9_notebook_pc_firmware | * |
| hp | z2_mini_g9_workstation_firmware | * |
| hp | zbook_firefly_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | z2_mini_g4_workstation_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitedesk_705_g3_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | * |
| hp | zbook_studio_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_455_g5_firmware | * |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | z2_tower_g8_workstation_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | prodesk_600_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zbook_fury_17.3_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | elitedesk_800_g3_tower_pc_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | proone_440_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z640_workstation_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | probook_445r_g6_firmware | * |
| hp | elitedesk_705_g3_small_form_factor_pc_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | eliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_pc_firmware | * |
| hp | probook_11_ee_g2_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_630_13_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_with_microsoft_teams_rooms_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | pro_mini_400_g9_desktop_pc_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | probook_455_g3_firmware | * |
| hp | elitebook_860_16_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | z2_tower_g9_workstation_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_655_g2_firmware | * |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | * |
| hp | probook_445_g8_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_845_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | elite_tower_600_g9_desktop_pc_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | * |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_14_g4_notebook_pc_firmware | * |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_655_15.6_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | probook_455r_g6_firmware | * |
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mp9_g4_retail_system_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z2_small_form_factor_g8_workstation_firmware | * |
| hp | pro_tower_480_g9_desktop_pc_firmware | * |
| hp | zbook_firefly_14_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elite_x360_1040_14_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | prodesk_405_g6_desktop_mini_pc_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | probook_455_g8_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | * |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_pc_firmware | * |
| hp | zbook_studio_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | elitebook_755_g3_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | elitedesk_705_g3_microtower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | z2_mini_g5_workstation_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_445_14_inch_g9_notebook_pc_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elitedesk_705_g4_workstation_edition_firmware | * |
| hp | pro_mt440_g3_mobile_thin_client_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | probook_fortis_14_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_725_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | z1_all-in-one_g3_workstation_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | elitebook_865_16_inch_g9_notebook_pc_firmware | * |
| hp | zbook_power_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_mini_600_g9_desktop_pc_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | mini_conferencing_pc_with_zoom_rooms_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | probook_fortis_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmware | * |
| hp | eliteone_870_27_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | elitebook_640_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_440_14_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | elite_tower_800_g9_desktop_pc_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_405_g6_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | mt21_mobile_thin_client_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | zbook_firefly_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_15u_g4_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_450_15.6_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | prodesk_400_g4_microtower_pc_firmware | * |
| hp | probook_x360_435_g8_notebook_pc_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | * |
| hp | elite_sff_600_g9_desktop_pc_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g3_microtower_pc_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | z2_small_form_factor_g9_workstation_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | zbook_firefly_14_inch_g8_mobile_workstation_pc_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | elite_x2_1012_g1_tablet_with_travel_keyboard_firmware | * |
| hp | prodesk_405_g4_small_form_factor_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | z2_tower_g4_workstation_firmware | * |
| hp | pro_sff_400_g9_desktop_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | z2_tower_g5_workstation_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | elite_x360_830_13_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | mt31_mobile_thin_client_firmware | * |
| hp | z840_workstation_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | zbook_power_15.6_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | mt22_mobile_thin_client_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | pro_x360_fortis_11_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_1040_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_tower_680_g9_desktop_pc_firmware | * |
| hp | zcentral_4r_workstation_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | zhan_66_pro_a_14_g4_notebook_pc_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | mt46_mobile_thin_client_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | elitebook_645_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_745_g3_firmware | * |
| hp | elite_slice_g2_with_intel_unite_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | * |
| hp | proone_400_g2_20-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_445_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | pro_tower_400_g9_desktop_pc_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_a_14_g5_notebook_pc_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | zbook_fury_17_g7_firmware | * |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g2_desktop_mini_pc_firmware | * |
| hp | z2_small_form_factor_g5_workstation_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_450_g3_firmware | * |
| hp | prodesk_680_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | zbook_fury_16_g9_mobile_workstation_pc_firmware | * |
| hp | probook_455_15.6_inch_g9_notebook_pc_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_with_zoom_rooms_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | probook_645_g2_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | z440_workstation_firmware | * |
| hp | elite_x2_1012_g1_tablet_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | elitebook_650_15.6_inch_g9_notebook_pc_firmware | * |
| hp | mt43_mobile_thin_client_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | dragonfly_folio_13.5_inch_g3_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | pro_x360_fortis_11_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | mt44_mobile_thin_client_firmware | * |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | mt42_mobile_thin_client_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | elite_slice_firmware | * |
| hp | z1_g9_tower_desktop_pc_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | z2_small_form_factor_g4_workstation_firmware | * |
| hp | zbook_fury_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zhan_66_pro_14_inch_g5_notebook_pc_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | probook_635_aero_g8_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_-_audio_ready_with_zoom_rooms_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | elite_mini_800_g9_desktop_pc_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | mt32_mobile_thin_client_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | elite_tower_880_g9_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | elite_dragonfly_13.5_inch_g3_notebook_pc_firmware | * |
| hp | elitedesk_705_g4_microtower_pc_firmware | * |
| hp | mt45_mobile_thin_client_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_835_13_inch_g9_notebook_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_400_g2_desktop_mini_pc_firmware | * |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_sff_800_g9_desktop_pc_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | elitebook_830_13.3_inch_g9_notebook_pc_firmware | * |
| hp | z2_mini_g9_workstation_firmware | * |
| hp | zbook_firefly_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | z2_mini_g4_workstation_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitedesk_705_g3_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | * |
| hp | zbook_studio_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_455_g5_firmware | * |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | z2_tower_g8_workstation_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | prodesk_600_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zbook_fury_17.3_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | elitedesk_800_g3_tower_pc_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | proone_440_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z640_workstation_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | probook_445r_g6_firmware | * |
| hp | elitedesk_705_g3_small_form_factor_pc_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | eliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_pc_firmware | * |
| hp | probook_11_ee_g2_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_630_13_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_with_microsoft_teams_rooms_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | pro_mini_400_g9_desktop_pc_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | probook_455_g3_firmware | * |
| hp | elitebook_860_16_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | z2_tower_g9_workstation_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_655_g2_firmware | * |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | * |
| hp | probook_445_g8_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_845_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | elite_tower_600_g9_desktop_pc_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | * |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_14_g4_notebook_pc_firmware | * |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_655_15.6_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | probook_455r_g6_firmware | * |
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mp9_g4_retail_system_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z2_small_form_factor_g8_workstation_firmware | * |
| hp | pro_tower_480_g9_desktop_pc_firmware | * |
| hp | zbook_firefly_14_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elite_x360_1040_14_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | prodesk_405_g6_desktop_mini_pc_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | probook_455_g8_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | * |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_pc_firmware | * |
| hp | zbook_studio_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | elitebook_755_g3_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | elitedesk_705_g3_microtower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | z2_mini_g5_workstation_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_445_14_inch_g9_notebook_pc_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elitedesk_705_g4_workstation_edition_firmware | * |
| hp | pro_mt440_g3_mobile_thin_client_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | probook_fortis_14_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_725_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | z1_all-in-one_g3_workstation_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | elitebook_865_16_inch_g9_notebook_pc_firmware | * |
| hp | zbook_power_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_mini_600_g9_desktop_pc_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | mini_conferencing_pc_with_zoom_rooms_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | probook_fortis_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmware | * |
| hp | eliteone_870_27_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | elitebook_640_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_440_14_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | elite_tower_800_g9_desktop_pc_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_405_g6_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | mt21_mobile_thin_client_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | zbook_firefly_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_15u_g4_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_450_15.6_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | prodesk_400_g4_microtower_pc_firmware | * |
| hp | probook_x360_435_g8_notebook_pc_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | * |
| hp | elite_sff_600_g9_desktop_pc_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g3_microtower_pc_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | z2_small_form_factor_g9_workstation_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | zbook_firefly_14_inch_g8_mobile_workstation_pc_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | elite_x2_1012_g1_tablet_with_travel_keyboard_firmware | * |
| hp | prodesk_405_g4_small_form_factor_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | z2_tower_g4_workstation_firmware | * |
| hp | pro_sff_400_g9_desktop_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | z2_tower_g5_workstation_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | elite_x360_830_13_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | mt31_mobile_thin_client_firmware | * |
| hp | z840_workstation_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | zbook_power_15.6_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | mt22_mobile_thin_client_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | pro_x360_fortis_11_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_1040_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_tower_680_g9_desktop_pc_firmware | * |
| hp | zcentral_4r_workstation_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | zhan_66_pro_a_14_g4_notebook_pc_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | mt46_mobile_thin_client_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | elitebook_645_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_745_g3_firmware | * |
| hp | elite_slice_g2_with_intel_unite_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | * |
| hp | proone_400_g2_20-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_445_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | pro_tower_400_g9_desktop_pc_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_a_14_g5_notebook_pc_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | zbook_fury_17_g7_firmware | * |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g2_desktop_mini_pc_firmware | * |
| hp | z2_small_form_factor_g5_workstation_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_450_g3_firmware | * |
| hp | prodesk_680_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | zbook_fury_16_g9_mobile_workstation_pc_firmware | * |
| hp | probook_455_15.6_inch_g9_notebook_pc_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_with_zoom_rooms_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | probook_645_g2_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | z440_workstation_firmware | * |
| hp | elite_x2_1012_g1_tablet_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | elitebook_650_15.6_inch_g9_notebook_pc_firmware | * |
| hp | mt43_mobile_thin_client_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | dragonfly_folio_13.5_inch_g3_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | pro_x360_fortis_11_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | mt44_mobile_thin_client_firmware | * |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | mt42_mobile_thin_client_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | elite_slice_firmware | * |
| hp | z1_g9_tower_desktop_pc_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | z2_small_form_factor_g4_workstation_firmware | * |
| hp | zbook_fury_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zhan_66_pro_14_inch_g5_notebook_pc_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | probook_635_aero_g8_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_-_audio_ready_with_zoom_rooms_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | elite_mini_800_g9_desktop_pc_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | mt32_mobile_thin_client_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | elite_tower_880_g9_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | elite_dragonfly_13.5_inch_g3_notebook_pc_firmware | * |
| hp | elitedesk_705_g4_microtower_pc_firmware | * |
| hp | mt45_mobile_thin_client_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_835_13_inch_g9_notebook_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_400_g2_desktop_mini_pc_firmware | * |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_sff_800_g9_desktop_pc_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | elitebook_830_13.3_inch_g9_notebook_pc_firmware | * |
| hp | z2_mini_g9_workstation_firmware | * |
| hp | zbook_firefly_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | z2_mini_g4_workstation_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitedesk_705_g3_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | * |
| hp | zbook_studio_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_455_g5_firmware | * |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | z2_tower_g8_workstation_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | prodesk_600_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zbook_fury_17.3_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | elitedesk_800_g3_tower_pc_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | proone_440_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z640_workstation_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | probook_445r_g6_firmware | * |
| hp | elitedesk_705_g3_small_form_factor_pc_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | eliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_pc_firmware | * |
| hp | probook_11_ee_g2_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_630_13_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_with_microsoft_teams_rooms_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | pro_mini_400_g9_desktop_pc_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | probook_455_g3_firmware | * |
| hp | elitebook_860_16_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | z2_tower_g9_workstation_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_655_g2_firmware | * |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | * |
| hp | probook_445_g8_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_845_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | elite_tower_600_g9_desktop_pc_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | * |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_14_g4_notebook_pc_firmware | * |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_655_15.6_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | probook_455r_g6_firmware | * |
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mp9_g4_retail_system_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z2_small_form_factor_g8_workstation_firmware | * |
| hp | pro_tower_480_g9_desktop_pc_firmware | * |
| hp | zbook_firefly_14_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elite_x360_1040_14_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | prodesk_405_g6_desktop_mini_pc_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | probook_455_g8_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | * |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_pc_firmware | * |
| hp | zbook_studio_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | elitebook_755_g3_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | elitedesk_705_g3_microtower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | z2_mini_g5_workstation_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_445_14_inch_g9_notebook_pc_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elitedesk_705_g4_workstation_edition_firmware | * |
| hp | pro_mt440_g3_mobile_thin_client_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | probook_fortis_14_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_725_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | z1_all-in-one_g3_workstation_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | elitebook_865_16_inch_g9_notebook_pc_firmware | * |
| hp | zbook_power_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_mini_600_g9_desktop_pc_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | mini_conferencing_pc_with_zoom_rooms_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | probook_fortis_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmware | * |
| hp | eliteone_870_27_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | elitebook_640_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_440_14_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | elite_tower_800_g9_desktop_pc_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_405_g6_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | mt21_mobile_thin_client_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | zbook_firefly_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_15u_g4_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_450_15.6_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | prodesk_400_g4_microtower_pc_firmware | * |
| hp | probook_x360_435_g8_notebook_pc_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | * |
| hp | elite_sff_600_g9_desktop_pc_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g3_microtower_pc_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | z2_small_form_factor_g9_workstation_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | zbook_firefly_14_inch_g8_mobile_workstation_pc_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | elite_x2_1012_g1_tablet_with_travel_keyboard_firmware | * |
| hp | prodesk_405_g4_small_form_factor_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | z2_tower_g4_workstation_firmware | * |
| hp | pro_sff_400_g9_desktop_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | z2_tower_g5_workstation_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | elite_x360_830_13_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | mt31_mobile_thin_client_firmware | * |
| hp | z840_workstation_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | zbook_power_15.6_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | mt22_mobile_thin_client_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | pro_x360_fortis_11_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_1040_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_tower_680_g9_desktop_pc_firmware | * |
| hp | zcentral_4r_workstation_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | zhan_66_pro_a_14_g4_notebook_pc_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | mt46_mobile_thin_client_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | elitebook_645_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_745_g3_firmware | * |
| hp | elite_slice_g2_with_intel_unite_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | * |
| hp | proone_400_g2_20-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_445_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | pro_tower_400_g9_desktop_pc_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_a_14_g5_notebook_pc_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | zbook_fury_17_g7_firmware | * |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g2_desktop_mini_pc_firmware | * |
| hp | z2_small_form_factor_g5_workstation_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_450_g3_firmware | * |
| hp | prodesk_680_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | zbook_fury_16_g9_mobile_workstation_pc_firmware | * |
| hp | probook_455_15.6_inch_g9_notebook_pc_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_with_zoom_rooms_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | probook_645_g2_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | z440_workstation_firmware | * |
| hp | elite_x2_1012_g1_tablet_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | elitebook_650_15.6_inch_g9_notebook_pc_firmware | * |
| hp | mt43_mobile_thin_client_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | dragonfly_folio_13.5_inch_g3_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | pro_x360_fortis_11_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | mt44_mobile_thin_client_firmware | * |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | mt42_mobile_thin_client_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | elite_slice_firmware | * |
| hp | z1_g9_tower_desktop_pc_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | z2_small_form_factor_g4_workstation_firmware | * |
| hp | zbook_fury_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zhan_66_pro_14_inch_g5_notebook_pc_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | probook_635_aero_g8_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_-_audio_ready_with_zoom_rooms_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | elite_mini_800_g9_desktop_pc_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | mt32_mobile_thin_client_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | elite_tower_880_g9_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | elite_dragonfly_13.5_inch_g3_notebook_pc_firmware | * |
| hp | elitedesk_705_g4_microtower_pc_firmware | * |
| hp | mt45_mobile_thin_client_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_835_13_inch_g9_notebook_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_400_g2_desktop_mini_pc_firmware | * |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_sff_800_g9_desktop_pc_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | elitebook_830_13.3_inch_g9_notebook_pc_firmware | * |
| hp | z2_mini_g9_workstation_firmware | * |
| hp | zbook_firefly_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | z2_mini_g4_workstation_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitedesk_705_g3_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | * |
| hp | zbook_studio_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_455_g5_firmware | * |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | z2_tower_g8_workstation_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | prodesk_600_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zbook_fury_17.3_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | elitedesk_800_g3_tower_pc_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | proone_440_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z640_workstation_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | probook_445r_g6_firmware | * |
| hp | elitedesk_705_g3_small_form_factor_pc_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | eliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_pc_firmware | * |
| hp | probook_11_ee_g2_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_630_13_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_with_microsoft_teams_rooms_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | pro_mini_400_g9_desktop_pc_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | probook_455_g3_firmware | * |
| hp | elitebook_860_16_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | z2_tower_g9_workstation_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_655_g2_firmware | * |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | * |
| hp | probook_445_g8_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_845_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | elite_tower_600_g9_desktop_pc_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | * |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_14_g4_notebook_pc_firmware | * |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_655_15.6_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | probook_455r_g6_firmware | * |
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mp9_g4_retail_system_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z2_small_form_factor_g8_workstation_firmware | * |
| hp | pro_tower_480_g9_desktop_pc_firmware | * |
| hp | zbook_firefly_14_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elite_x360_1040_14_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | prodesk_405_g6_desktop_mini_pc_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | probook_455_g8_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | * |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_pc_firmware | * |
| hp | zbook_studio_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | elitebook_755_g3_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | elitedesk_705_g3_microtower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | z2_mini_g5_workstation_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_445_14_inch_g9_notebook_pc_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elitedesk_705_g4_workstation_edition_firmware | * |
| hp | pro_mt440_g3_mobile_thin_client_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | probook_fortis_14_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_725_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | z1_all-in-one_g3_workstation_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | elitebook_865_16_inch_g9_notebook_pc_firmware | * |
| hp | zbook_power_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_mini_600_g9_desktop_pc_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | mini_conferencing_pc_with_zoom_rooms_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | probook_fortis_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmware | * |
| hp | eliteone_870_27_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | elitebook_640_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_440_14_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | elite_tower_800_g9_desktop_pc_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_405_g6_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | mt21_mobile_thin_client_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | zbook_firefly_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_15u_g4_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_450_15.6_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | prodesk_400_g4_microtower_pc_firmware | * |
| hp | probook_x360_435_g8_notebook_pc_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | * |
| hp | elite_sff_600_g9_desktop_pc_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g3_microtower_pc_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | z2_small_form_factor_g9_workstation_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | zbook_firefly_14_inch_g8_mobile_workstation_pc_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | elite_x2_1012_g1_tablet_with_travel_keyboard_firmware | * |
| hp | prodesk_405_g4_small_form_factor_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | z2_tower_g4_workstation_firmware | * |
| hp | pro_sff_400_g9_desktop_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | z2_tower_g5_workstation_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | elite_x360_830_13_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | mt31_mobile_thin_client_firmware | * |
| hp | z840_workstation_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | zbook_power_15.6_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | mt22_mobile_thin_client_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | pro_x360_fortis_11_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_1040_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_tower_680_g9_desktop_pc_firmware | * |
| hp | zcentral_4r_workstation_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | zhan_66_pro_a_14_g4_notebook_pc_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | mt46_mobile_thin_client_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | elitebook_645_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_745_g3_firmware | * |
| hp | elite_slice_g2_with_intel_unite_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | * |
| hp | proone_400_g2_20-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_445_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | pro_tower_400_g9_desktop_pc_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_a_14_g5_notebook_pc_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | zbook_fury_17_g7_firmware | * |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g2_desktop_mini_pc_firmware | * |
| hp | z2_small_form_factor_g5_workstation_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_450_g3_firmware | * |
| hp | prodesk_680_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | zbook_fury_16_g9_mobile_workstation_pc_firmware | * |
| hp | probook_455_15.6_inch_g9_notebook_pc_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_with_zoom_rooms_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | probook_645_g2_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | z440_workstation_firmware | * |
| hp | elite_x2_1012_g1_tablet_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | elitebook_650_15.6_inch_g9_notebook_pc_firmware | * |
| hp | mt43_mobile_thin_client_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | dragonfly_folio_13.5_inch_g3_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | pro_x360_fortis_11_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | mt44_mobile_thin_client_firmware | * |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | mt42_mobile_thin_client_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | elite_slice_firmware | * |
| hp | z1_g9_tower_desktop_pc_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | z2_small_form_factor_g4_workstation_firmware | * |
| hp | zbook_fury_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zhan_66_pro_14_inch_g5_notebook_pc_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | probook_635_aero_g8_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_-_audio_ready_with_zoom_rooms_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | elite_mini_800_g9_desktop_pc_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | mt32_mobile_thin_client_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | elite_tower_880_g9_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | elite_dragonfly_13.5_inch_g3_notebook_pc_firmware | * |
| hp | elitedesk_705_g4_microtower_pc_firmware | * |
| hp | mt45_mobile_thin_client_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_835_13_inch_g9_notebook_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_400_g2_desktop_mini_pc_firmware | * |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_sff_800_g9_desktop_pc_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | elitebook_830_13.3_inch_g9_notebook_pc_firmware | * |
| hp | z2_mini_g9_workstation_firmware | * |
| hp | zbook_firefly_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | z2_mini_g4_workstation_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitedesk_705_g3_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | * |
| hp | zbook_studio_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_455_g5_firmware | * |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | z2_tower_g8_workstation_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | prodesk_600_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zbook_fury_17.3_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | elitedesk_800_g3_tower_pc_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | proone_440_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z640_workstation_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | probook_445r_g6_firmware | * |
| hp | elitedesk_705_g3_small_form_factor_pc_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | eliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_pc_firmware | * |
| hp | probook_11_ee_g2_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_630_13_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_with_microsoft_teams_rooms_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | pro_mini_400_g9_desktop_pc_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | probook_455_g3_firmware | * |
| hp | elitebook_860_16_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | z2_tower_g9_workstation_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_655_g2_firmware | * |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | * |
| hp | probook_445_g8_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_845_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | elite_tower_600_g9_desktop_pc_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | * |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_14_g4_notebook_pc_firmware | * |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_655_15.6_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | probook_455r_g6_firmware | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_fury_17_g7_firmware | * |
| hp | engage_flex_pro-c_retail_system_firmware | * |
| hp | probook_470_g4_firmware | * |
| hp | elite_dragonfly_g3_firmware | * |
| hp | mp9_g4_retail_system_firmware | * |
| hp | prodesk_400_g6_firmware | * |
| hp | z1_g9_tower_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | elitedesk_800_g3_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | probook_440_g4_firmware | * |
| hp | probook_455_g8_firmware | * |
| hp | mt21_firmware | * |
| hp | elite_tower_800_g9_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | elitebook_1040_g9_firmware | * |
| hp | elite_slice_g2_firmware | * |
| hp | proone_440_g9_firmware | * |
| hp | pro_mini_400_g9_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | proone_600_g4_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitedesk_880_g6_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | elitebook_845_g9_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | elitedesk_705_g4_firmware | * |
| hp | prodesk_405_g4_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | eliteone_800_g8_firmware | * |
| hp | eliteone_870_g9_firmware | * |
| hp | elitedesk_880_g8_firmware | * |
| hp | proone_440_g4_firmware | * |
| hp | prodesk_680_g4_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | zhan_66_pro_g5_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | probook_430_g4_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_800_g4_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | elite_x360_1040_g9_firmware | * |
| hp | elitedesk_705_g5_firmware | * |
| hp | elitebook_830_g9_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | elitebook_835_g9_firmware | * |
| hp | eliteone_1000_g1_firmware | * |
| hp | eliteone_1000_g2_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | elitedesk_800_g6_firmware | * |
| hp | elitebook_640_g9_firmware | * |
| hp | eliteone_800_g3_healthcare_edition_firmware | * |
| hp | zbook_power_g9_firmware | * |
| hp | engage_flex_pro_retail_system_firmware | * |
| hp | elitebook_650_g9_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | probook_635_aero_g8_firmware | * |
| hp | proone_400_g6_firmware | * |
| hp | prodesk_480_g7_pci_firmware | * |
| hp | elite_tower_680_g9_firmware | * |
| hp | elite_mini_800_g9_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | eliteone_800_g5_healthcare_edition_firmware | * |
| hp | proone_440_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | prodesk_400_g3_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | z2_mini_g3_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | elitedesk_880_g5_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | mt46_firmware | * |
| hp | elite_x360_830_g9_firmware | * |
| hp | elitebook_865_g9_firmware | * |
| hp | proone_400_g5_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | prodesk_400_g4_firmware | * |
| hp | elitedesk_800_g5_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | prodesk_405_g6_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | eliteone_800_g6_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | probook_440_g9_firmware | * |
| hp | probook_fortis_g10_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | proone_600_g5_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | proone_480_g3_firmware | * |
| hp | mt32_firmware | * |
| hp | elitebook_846_g5_healthcare_edition_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | elitedesk_800_g8_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | elite_tower_600_g9_firmware | * |
| hp | zbook_fury_g8_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | mt31_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_680_g3_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | eliteone_800_g3_firmware | * |
| hp | zbook_studio_g9_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | elitebook_860_g9_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | zbook_power_g8_firmware | * |
| hp | proone_400_g3_firmware | * |
| hp | elite_tower_880_g9_firmware | * |
| hp | pro_tower_480_g9_firmware | * |
| hp | pro_tower_400_g9_firmware | * |
| hp | z2_tower_g9_firmware | * |
| hp | elitedesk_880_g4_firmware | * |
| hp | pro_sff_400_g9_firmware | * |
| hp | probook_450_g9_firmware | * |
| hp | z2_small_form_factor_g8_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z2_mini_g4_firmware | * |
| hp | z2_small_form_factor_g4_firmware | * |
| hp | z1_all-in-one_g3_firmware | * |
| hp | elite_x2_g8__firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | mini_conferencing_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | zhan_66_pro_g3_firmware | * |
| hp | engage_one_pro_aio_system_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elitebook_840_g9_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | elitedesk_880_g3_firmware | * |
| hp | probook_455_g5_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | zbook_firefly_g9_firmware | * |
| hp | elitebook_846r_g4_firmware | * |
| hp | elitedesk_805_g8_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | elitebook_630_g9_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | mt45_firmware | * |
| hp | z2_small_form_factor_g5_firmware | * |
| hp | probook_fortis_g9_firmware | * |
| hp | z2_tower_g5_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | mt43_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | probook_x360_435_g8_firmware | * |
| hp | elite_sff_800_g9_firmware | * |
| hp | pro_mt440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | zhan_66_pro_14_g4_firmware | * |
| hp | pro_x360_fortis_g10_firmware | * |
| hp | z240_tower_firmware | * |
| hp | probook_455_g9_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | elitedesk_805_g6_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | prodesk_400_g5_firmware | * |
| hp | zhan_66_pro_a_14_g4_firmware | * |
| hp | probook_450_g4_firmware | * |
| hp | prodesk_400_g7_firmware | * |
| hp | engage_flex_mini_retail_system_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | z2_mini_g5_firmware | * |
| hp | eliteone_800_g5_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | zbook_firefly_g8_firmware | * |
| hp | proone_600_g3_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | mt44_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | probook_445r_g6_firmware | * |
| hp | prodesk_680_g6_pci_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | z2_mini_g9_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | prodesk_600_g6_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | z1_g8_tower_firmware | * |
| hp | eliteone_800_g4_healthcare_edition_firmware | * |
| hp | zbook_fury_16_g9_firmware | * |
| hp | prodesk_480_g4_firmware | * |
| hp | z238_microtower_firmware | * |
| hp | elitebook_645_g9_firmware | * |
| hp | elitebook_655_g9_firmware | * |
| hp | z2_small_form_factor_g9_firmware | * |
| hp | elite_mini_600_g9_firmware | * |
| hp | prodesk_600_g3_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | pro_x360_fortis_g9_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_445_g9_firmware | * |
| hp | zbook_studio_g8_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | proone_400_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | probook_445_g8_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | probook_445_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | mt22_firmware | * |
| hp | eliteone_840_g9_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | proone_440_g6_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | prodesk_480_g6_firmware | * |
| hp | prodesk_405_g8_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | zhan_66_pro_a_14_g5_firmware | * |
| hp | prodesk_480_g5_firmware | * |
| hp | prodesk_600_g5_firmware | * |
| hp | z2_tower_g4_firmware | * |
| hp | z240_small_form_factor_firmware | * |
| hp | eliteone_800_g4_firmware | * |
| hp | z2_tower_g8_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | elite_sff_600_g9_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | probook_455r_g6_firmware | * |
| hp | prodesk_600_g4_firmware | * |
| hp | proone_600_g6_firmware | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_fury_17_g7_firmware | * |
| hp | engage_flex_pro-c_retail_system_firmware | * |
| hp | probook_470_g4_firmware | * |
| hp | elite_dragonfly_g3_firmware | * |
| hp | mp9_g4_retail_system_firmware | * |
| hp | prodesk_400_g6_firmware | * |
| hp | z1_g9_tower_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | elitedesk_800_g3_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | probook_440_g4_firmware | * |
| hp | probook_455_g8_firmware | * |
| hp | mt21_firmware | * |
| hp | elite_tower_800_g9_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | elitebook_1040_g9_firmware | * |
| hp | elite_slice_g2_firmware | * |
| hp | proone_440_g9_firmware | * |
| hp | pro_mini_400_g9_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | proone_600_g4_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitedesk_880_g6_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | elitebook_845_g9_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | elitedesk_705_g4_firmware | * |
| hp | prodesk_405_g4_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | eliteone_800_g8_firmware | * |
| hp | eliteone_870_g9_firmware | * |
| hp | elitedesk_880_g8_firmware | * |
| hp | proone_440_g4_firmware | * |
| hp | prodesk_680_g4_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | zhan_66_pro_g5_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | probook_430_g4_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_800_g4_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | elite_x360_1040_g9_firmware | * |
| hp | elitedesk_705_g5_firmware | * |
| hp | elitebook_830_g9_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | elitebook_835_g9_firmware | * |
| hp | eliteone_1000_g1_firmware | * |
| hp | eliteone_1000_g2_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | elitedesk_800_g6_firmware | * |
| hp | elitebook_640_g9_firmware | * |
| hp | eliteone_800_g3_healthcare_edition_firmware | * |
| hp | zbook_power_g9_firmware | * |
| hp | engage_flex_pro_retail_system_firmware | * |
| hp | elitebook_650_g9_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | probook_635_aero_g8_firmware | * |
| hp | proone_400_g6_firmware | * |
| hp | prodesk_480_g7_pci_firmware | * |
| hp | elite_tower_680_g9_firmware | * |
| hp | elite_mini_800_g9_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | eliteone_800_g5_healthcare_edition_firmware | * |
| hp | proone_440_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | prodesk_400_g3_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | z2_mini_g3_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | elitedesk_880_g5_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | mt46_firmware | * |
| hp | elite_x360_830_g9_firmware | * |
| hp | elitebook_865_g9_firmware | * |
| hp | proone_400_g5_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | prodesk_400_g4_firmware | * |
| hp | elitedesk_800_g5_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | prodesk_405_g6_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | eliteone_800_g6_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | probook_440_g9_firmware | * |
| hp | probook_fortis_g10_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | proone_600_g5_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | proone_480_g3_firmware | * |
| hp | mt32_firmware | * |
| hp | elitebook_846_g5_healthcare_edition_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | elitedesk_800_g8_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | elite_tower_600_g9_firmware | * |
| hp | zbook_fury_g8_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | mt31_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_680_g3_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | eliteone_800_g3_firmware | * |
| hp | zbook_studio_g9_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | elitebook_860_g9_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | zbook_power_g8_firmware | * |
| hp | proone_400_g3_firmware | * |
| hp | elite_tower_880_g9_firmware | * |
| hp | pro_tower_480_g9_firmware | * |
| hp | pro_tower_400_g9_firmware | * |
| hp | z2_tower_g9_firmware | * |
| hp | elitedesk_880_g4_firmware | * |
| hp | pro_sff_400_g9_firmware | * |
| hp | probook_450_g9_firmware | * |
| hp | z2_small_form_factor_g8_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z2_mini_g4_firmware | * |
| hp | z2_small_form_factor_g4_firmware | * |
| hp | z1_all-in-one_g3_firmware | * |
| hp | elite_x2_g8__firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | mini_conferencing_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | zhan_66_pro_g3_firmware | * |
| hp | engage_one_pro_aio_system_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elitebook_840_g9_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | elitedesk_880_g3_firmware | * |
| hp | probook_455_g5_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | zbook_firefly_g9_firmware | * |
| hp | elitebook_846r_g4_firmware | * |
| hp | elitedesk_805_g8_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | elitebook_630_g9_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | mt45_firmware | * |
| hp | z2_small_form_factor_g5_firmware | * |
| hp | probook_fortis_g9_firmware | * |
| hp | z2_tower_g5_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | mt43_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | probook_x360_435_g8_firmware | * |
| hp | elite_sff_800_g9_firmware | * |
| hp | pro_mt440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | zhan_66_pro_14_g4_firmware | * |
| hp | pro_x360_fortis_g10_firmware | * |
| hp | z240_tower_firmware | * |
| hp | probook_455_g9_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | elitedesk_805_g6_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | prodesk_400_g5_firmware | * |
| hp | zhan_66_pro_a_14_g4_firmware | * |
| hp | probook_450_g4_firmware | * |
| hp | prodesk_400_g7_firmware | * |
| hp | engage_flex_mini_retail_system_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | z2_mini_g5_firmware | * |
| hp | eliteone_800_g5_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | zbook_firefly_g8_firmware | * |
| hp | proone_600_g3_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | mt44_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | probook_445r_g6_firmware | * |
| hp | prodesk_680_g6_pci_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | z2_mini_g9_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | prodesk_600_g6_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | z1_g8_tower_firmware | * |
| hp | eliteone_800_g4_healthcare_edition_firmware | * |
| hp | zbook_fury_16_g9_firmware | * |
| hp | prodesk_480_g4_firmware | * |
| hp | z238_microtower_firmware | * |
| hp | elitebook_645_g9_firmware | * |
| hp | elitebook_655_g9_firmware | * |
| hp | z2_small_form_factor_g9_firmware | * |
| hp | elite_mini_600_g9_firmware | * |
| hp | prodesk_600_g3_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | pro_x360_fortis_g9_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_445_g9_firmware | * |
| hp | zbook_studio_g8_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | proone_400_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | probook_445_g8_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | probook_445_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | mt22_firmware | * |
| hp | eliteone_840_g9_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | proone_440_g6_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | prodesk_480_g6_firmware | * |
| hp | prodesk_405_g8_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | zhan_66_pro_a_14_g5_firmware | * |
| hp | prodesk_480_g5_firmware | * |
| hp | prodesk_600_g5_firmware | * |
| hp | z2_tower_g4_firmware | * |
| hp | z240_small_form_factor_firmware | * |
| hp | eliteone_800_g4_firmware | * |
| hp | z2_tower_g8_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | elite_sff_600_g9_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | probook_455r_g6_firmware | * |
| hp | prodesk_600_g4_firmware | * |
| hp | proone_600_g6_firmware | * |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | zbook_fury_17_g7_firmware | * |
| hp | engage_flex_pro-c_retail_system_firmware | * |
| hp | probook_470_g4_firmware | * |
| hp | elite_dragonfly_g3_firmware | * |
| hp | mp9_g4_retail_system_firmware | * |
| hp | prodesk_400_g6_firmware | * |
| hp | z1_g9_tower_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | elitedesk_800_g3_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | probook_440_g4_firmware | * |
| hp | probook_455_g8_firmware | * |
| hp | mt21_firmware | * |
| hp | elite_tower_800_g9_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | elitebook_1040_g9_firmware | * |
| hp | elite_slice_g2_firmware | * |
| hp | proone_440_g9_firmware | * |
| hp | pro_mini_400_g9_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | proone_600_g4_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | elitedesk_880_g6_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | elitebook_845_g9_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | elitedesk_705_g4_firmware | * |
| hp | prodesk_405_g4_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | eliteone_800_g8_firmware | * |
| hp | eliteone_870_g9_firmware | * |
| hp | elitedesk_880_g8_firmware | * |
| hp | proone_440_g4_firmware | * |
| hp | prodesk_680_g4_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | zhan_66_pro_g5_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | probook_430_g4_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_800_g4_firmware | * |
| hp | elitebook_x360_1040_g8_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | elite_x360_1040_g9_firmware | * |
| hp | elitedesk_705_g5_firmware | * |
| hp | elitebook_830_g9_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | elitebook_835_g9_firmware | * |
| hp | eliteone_1000_g1_firmware | * |
| hp | eliteone_1000_g2_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | elitedesk_800_g6_firmware | * |
| hp | elitebook_640_g9_firmware | * |
| hp | eliteone_800_g3_healthcare_edition_firmware | * |
| hp | zbook_power_g9_firmware | * |
| hp | engage_flex_pro_retail_system_firmware | * |
| hp | elitebook_650_g9_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | probook_635_aero_g8_firmware | * |
| hp | proone_400_g6_firmware | * |
| hp | prodesk_480_g7_pci_firmware | * |
| hp | elite_tower_680_g9_firmware | * |
| hp | elite_mini_800_g9_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | eliteone_800_g5_healthcare_edition_firmware | * |
| hp | proone_440_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | prodesk_400_g3_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | z2_mini_g3_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | elitedesk_880_g5_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | mt46_firmware | * |
| hp | elite_x360_830_g9_firmware | * |
| hp | elitebook_865_g9_firmware | * |
| hp | proone_400_g5_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | prodesk_400_g4_firmware | * |
| hp | elitedesk_800_g5_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | prodesk_405_g6_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | eliteone_800_g6_firmware | * |
| hp | probook_440_g8_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | probook_440_g9_firmware | * |
| hp | probook_fortis_g10_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | proone_600_g5_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | proone_480_g3_firmware | * |
| hp | mt32_firmware | * |
| hp | elitebook_846_g5_healthcare_edition_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | elitedesk_800_g8_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | elite_tower_600_g9_firmware | * |
| hp | zbook_fury_g8_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | mt31_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_680_g3_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | eliteone_800_g3_firmware | * |
| hp | zbook_studio_g9_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | elitebook_860_g9_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | zbook_power_g8_firmware | * |
| hp | proone_400_g3_firmware | * |
| hp | elite_tower_880_g9_firmware | * |
| hp | pro_tower_480_g9_firmware | * |
| hp | pro_tower_400_g9_firmware | * |
| hp | z2_tower_g9_firmware | * |
| hp | elitedesk_880_g4_firmware | * |
| hp | pro_sff_400_g9_firmware | * |
| hp | probook_450_g9_firmware | * |
| hp | z2_small_form_factor_g8_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z2_mini_g4_firmware | * |
| hp | z2_small_form_factor_g4_firmware | * |
| hp | z1_all-in-one_g3_firmware | * |
| hp | elite_x2_g8__firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | mini_conferencing_firmware | * |
| hp | probook_630_g8_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | probook_440_g5_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | zhan_66_pro_g3_firmware | * |
| hp | engage_one_pro_aio_system_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elitebook_840_g9_firmware | * |
| hp | probook_450_g8_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | elitedesk_880_g3_firmware | * |
| hp | probook_455_g5_firmware | * |
| hp | probook_440_g6_firmware | * |
| hp | zbook_firefly_g9_firmware | * |
| hp | elitebook_846r_g4_firmware | * |
| hp | elitedesk_805_g8_firmware | * |
| hp | elitebook_x360_830_g8_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | elitebook_630_g9_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | mt45_firmware | * |
| hp | z2_small_form_factor_g5_firmware | * |
| hp | probook_fortis_g9_firmware | * |
| hp | z2_tower_g5_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | mt43_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | probook_x360_435_g8_firmware | * |
| hp | elite_sff_800_g9_firmware | * |
| hp | pro_mt440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | zhan_66_pro_14_g4_firmware | * |
| hp | pro_x360_fortis_g10_firmware | * |
| hp | z240_tower_firmware | * |
| hp | probook_455_g9_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | probook_650_g8_firmware | * |
| hp | elitedesk_805_g6_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | prodesk_400_g5_firmware | * |
| hp | zhan_66_pro_a_14_g4_firmware | * |
| hp | probook_450_g4_firmware | * |
| hp | prodesk_400_g7_firmware | * |
| hp | engage_flex_mini_retail_system_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | z2_mini_g5_firmware | * |
| hp | eliteone_800_g5_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | zbook_firefly_g8_firmware | * |
| hp | proone_600_g3_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | mt44_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | probook_445r_g6_firmware | * |
| hp | prodesk_680_g6_pci_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | z2_mini_g9_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | prodesk_600_g6_firmware | * |
| hp | probook_450_g6_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | z1_g8_tower_firmware | * |
| hp | eliteone_800_g4_healthcare_edition_firmware | * |
| hp | zbook_fury_16_g9_firmware | * |
| hp | prodesk_480_g4_firmware | * |
| hp | z238_microtower_firmware | * |
| hp | elitebook_645_g9_firmware | * |
| hp | elitebook_655_g9_firmware | * |
| hp | z2_small_form_factor_g9_firmware | * |
| hp | elite_mini_600_g9_firmware | * |
| hp | prodesk_600_g3_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | pro_x360_fortis_g9_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_445_g9_firmware | * |
| hp | zbook_studio_g8_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | proone_400_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | probook_430_g8_firmware | * |
| hp | probook_445_g8_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | probook_445_g6_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | mt22_firmware | * |
| hp | eliteone_840_g9_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | proone_440_g6_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | prodesk_480_g6_firmware | * |
| hp | prodesk_405_g8_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | zhan_66_pro_a_14_g5_firmware | * |
| hp | prodesk_480_g5_firmware | * |
| hp | prodesk_600_g5_firmware | * |
| hp | z2_tower_g4_firmware | * |
| hp | z240_small_form_factor_firmware | * |
| hp | eliteone_800_g4_firmware | * |
| hp | z2_tower_g8_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | elite_sff_600_g9_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | probook_455r_g6_firmware | * |
| hp | prodesk_600_g4_firmware | * |
| hp | proone_600_g6_firmware | * |
A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential vulnerability.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | elitedesk_805_g8_firmware | 02.05.02 |
| hp | zhan_66_pro_a_14_g5_firmware | 01.08.01 |
| hp | elite_x360_1040_g9_firmware | 01.03.01 |
| hp | zbook_fury_16_g9_firmware | 01.03.02 |
| hp | zbook_power_g8_firmware | 01.10.00 |
| hp | pro_tower_400_g9_firmware | 02.05.00 |
| hp | elite_mini_600_g9_firmware | 02.05.00 |
| hp | elitebook_855_g8_firmware | 01.10.00 |
| hp | probook_x360_11_g7_ee_firmware | 01.10.00 |
| hp | probook_635_aero_g8_firmware | 01.10.00 |
| hp | elitebook_835_g8_firmware | 01.10.00 |
| hp | elitedesk_800_g8_firmware | 02.09.01 |
| hp | elitebook_645_g9_firmware | 01.08.01 |
| hp | probook_455_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_g5_firmware | 01.04.00 |
| hp | probook_450_g8_firmware | 01.10.00 |
| hp | elite_x360_830_g9_firmware | 01.03.01 |
| hp | elitebook_655_g9_firmware | 01.08.01 |
| hp | zhan_66_pro_a_14_g4_firmware | 01.10.00 |
| hp | elitebook_630_g9_firmware | 01.04.00 |
| hp | elitebook_850_g8_firmware | 01.10.00 |
| hp | elitebook_x360_830_g8_firmware | 01.10.00 |
| hp | z1_g9_tower_firmware | 02.05.01 |
| hp | hp_z2_tower_g8_firmware | 01.05.02 |
| hp | probook_640_g8_firmware | 01.10.00 |
| hp | elite_mt645_g7_firmware | 01.10.01 |
| hp | probook_455_g9_firmware | 01.08.01 |
| hp | elitebook_840_aero_g8_firmware | 01.10.00 |
| hp | hp_z2_tower_g9_firmware | 01.04.00 |
| hp | dragonfly_folio_g3_firmware | 01.03.01 |
| hp | elitebook_830_g8_firmware | 01.10.00 |
| hp | eliteone_870_g9_firmware | 02.06.00 |
| hp | elitebook_830_g9_firmware | 01.03.01 |
| hp | elitebook_840_g8_firmware | 01.10.00 |
| hp | elitebook_840_g9_firmware | 01.03.01 |
| hp | elite_sff_600_g9_firmware | 02.05.01 |
| hp | eliteone_800_g8_24_firmware | 02.09.01 |
| hp | probook_440_g8_firmware | 01.10.00 |
| hp | elite_dragonfly_g3_firmware | 01.03.01 |
| hp | pro_x360_fortis_g9_firmware | 01.03.00 |
| hp | elitebook_845_g9_firmware | 01.02.01 |
| hp | z1_g8_tower_firmware | 02.09.01 |
| hp | elite_sff_800_g9_firmware | 02.05.01 |
| hp | eliteone_840_g9_firmware | 02.06.00 |
| hp | elitebook_860_g9_firmware | 01.03.01 |
| hp | zbook_firefly_g9_firmware | 01.03.01 |
| hp | zbook_studio_g9_firmware | 01.03.01 |
| hp | pro_x360_fortis_g10_firmware | 01.03.00 |
| hp | zbook_power_g9_firmware | 01.03.00 |
| hp | elite_tower_880_g9_firmware | 02.05.01 |
| hp | eliteone_800_g8_27_firmware | 02.09.01 |
| hp | probook_445_g9_firmware | 01.08.01 |
| hp | elitedesk_880_g8_firmware | 02.09.01 |
| hp | elite_x2_g8_firmware | 01.10.00 |
| hp | probook_440_g9_firmware | 01.04.00 |
| hp | probook_fortis_g9_firmware | 01.03.00 |
| hp | elite_dragonfly_max_firmware | 01.10.00 |
| hp | probook_630_g8_firmware | 01.10.00 |
| hp | probook_x360_435_g8_firmware | 01.10.00 |
| hp | engage_go_10_firmware | 01.10.00 |
| hp | elite_tower_680_g9_firmware | 02.05.01 |
| hp | elite_tower_600_g9_firmware | 02.05.01 |
| hp | zbook_fury_g8_firmware | 01.10.00 |
| hp | elitebook_865_g9_firmware | 01.02.01 |
| hp | elite_tower_800_g9_firmware | 02.05.01 |
| hp | elitebook_x360_1040_g8_firmware | 01.10.00 |
| hp | hp_z2_mini_g9_firmware | 01.04.00 |
| hp | hp_z2_small_form_factor_g8_firmware | 01.05.02 |
| hp | probook_430_g8_firmware | 01.10.00 |
| hp | prodesk_405_g8_firmware | 02.05.02 |
| hp | probook_fortis_g10_firmware | 01.03.00 |
| hp | pro_mini_400_g9_firmware | 02.05.00 |
| hp | elitebook_x360_1030_g8_firmware | 01.10.00 |
| hp | pro_sff_400_g9_firmware | 02.05.00 |
| hp | zbook_firefly_g8_firmware | 01.10.00 |
| hp | probook_445_g8_firmware | 01.10.00 |
| hp | elite_dragonfly_g2_firmware | 01.10.00 |
| hp | elitebook_1040_g9_firmware | 01.03.01 |
| hp | probook_650_g8_firmware | 01.10.00 |
| hp | elitebook_845_g8_firmware | 01.10.00 |
| hp | pro_tower_480_g9_firmware | 02.05.00 |
| hp | elitebook_650_g9_firmware | 01.04.00 |
| hp | zbook_studio_g8_firmware | 01.10.00 |
| hp | elite_mini_800_g9_firmware | 02.05.00 |
| hp | elitebook_835_g9_firmware | 01.02.01 |
| hp | pro_mt440_g3_firmware | 01.05.00 |
| hp | hp_z2_small_form_factor_g9_firmware | 01.04.00 |
| hp | probook_450_g9_firmware | 01.04.00 |
| hp | proone_440_g9_firmware | 02.05.00 |
| hp | elitebook_640_g9_firmware | 01.04.00 |
| hp | mini_conferencing_pc_firmware | 02.05.00 |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | z1_entry_tower_g6_workstation_firmware | 02.12.01 |
| hp | probook_445_g7_firmware | 01.10.00 |
| hp | zbook_fury_16_g9_firmware | 01.03.02 |
| hp | probook_450_g5_firmware | 01.21.01 |
| hp | elitebook_836_g6_firmware | 01.21.01 |
| hp | elite_slice_g2_firmware | 2.59 |
| hp | elitebook_645_g9_firmware | 01.08.01 |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_880_g3_tower_firmware | 2.44 |
| hp | probook_430_g6_firmware | 01.21.01 |
| hp | engage_go_10_mobile_system_firmware | 01.10.00 |
| hp | elitebook_845_g7_firmware | 01.10.00 |
| hp | zhan_x_13_g2_firmware | 01.21.01 |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_800_g6_desktop_mini_firmware | 02.12.01 |
| hp | probook_470_g5_firmware | 01.21.01 |
| hp | elitebook_735_g6_firmware | 01.21.01 |
| hp | prodesk_405_g8_desktop_mini_firmware | 02.05.02 |
| hp | elitedesk_705_g5_desktop_mini_firmware | 02.15.00 |
| hp | elite_x2_1013_g3_firmware | 01.21.01 |
| hp | elitedesk_800_g8_desktop_mini_firmware | 02.09.01 |
| hp | probook_440_g6_firmware | 01.21.01 |
| hp | prodesk_405_g6_desktop_mini_firmware | 02.09.01 |
| hp | engage_go_mobile_system_firmware | 01.21.01 |
| hp | mt44_mobile_thin_client_firmware | 01.21.01 |
| hp | elitebook_855_g7_firmware | 01.10.00 |
| hp | engage_flex_mini_retail_system_firmware | 02.12.01 |
| hp | prodesk_600_g5_small_form_factor_firmware | 02.15.00 |
| hp | z2_tower_g8_workstation_firmware | 01.06.00 |
| hp | z1_g8_tower_firmware | 02.09.01 |
| hp | elitebook_850_g5_firmware | 01.21.01 |
| hp | probook_430_g5_firmware | 01.21.01 |
| hp | zbook_14u_g6_firmware | 01.21.01 |
| hp | probook_440_g5_firmware | 01.21.01 |
| hp | elitedesk_800_65w_g2_desktop_mini_firmware | 2.59 |
| hp | elitebook_830_g7_firmware | 01.10.00 |
| hp | zbook_15_g5_firmware | 01.21.02 |
| hp | probook_440_g7_firmware | 01.14.00 |
| hp | probook_fortis_g9_firmware | 01.03.00 |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_800_g4_workstation_firmware | 02.20.01 |
| hp | elite_x2_1012_g1_firmware | 1.57 |
| hp | elite_x2_g4_firmware | 01.21.01 |
| hp | elitedesk_800_35w_g2_desktop_mini_firmware | 2.59 |
| hp | prodesk_405_g6_small_form_factor_firmware | 02.09.01 |
| hp | elitedesk_800_g5_desktop_mini_firmware | 02.15.00 |
| hp | elitedesk_880_g6_tower_firmware | 02.12.01 |
| hp | probook_650_g4_firmware | 01.21.01 |
| hp | prodesk_400_g4_desktop_mini_firmware | 02.21.00 |
| hp | elitebook_745_g6_firmware | 01.21.01 |
| hp | prodesk_405_g4_desktop_mini_firmware | 02.20.00 |
| hp | prodesk_405_g4_small_form_factor_firmware | 02.20.00 |
| hp | pro_mini_400_g9_firmware | 02.05.00 |
| hp | elitebook_1040_g4_firmware | 1.44 |
| hp | prodesk_400_g6_desktop_mini_firmware | 02.12.01 |
| hp | proone_600_g5_21.5-in_all-in-one_business_firmware | 02.15.00 |
| hp | elitebook_x360_1030_g8_firmware | 01.10.00 |
| hp | z2_small_form_factor_g8_workstation_firmware | 01.06.00 |
| hp | zhan_66_pro_14_g4_firmware | 01.10.00 |
| hp | elitedesk_800_g6_tower_firmware | 02.12.01 |
| hp | probook_x360_11_g4_ee_firmware | 01.16.00 |
| hp | elitedesk_880_g8_tower_firmware | 02.09.01 |
| hp | prodesk_600_g4_microtower_firmware | 02.21.00 |
| hp | elitedesk_880_g4_tower_firmware | 02.21.00 |
| hp | pro_tower_480_g9_firmware | 02.05.00 |
| hp | elitebook_x360_1040_g7_firmware | 01.10.00 |
| hp | zhan_66_pro_g1_firmware | 01.21.01 |
| hp | zbook_17_g5_firmware | 01.21.02 |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_firmware | 02.21.00 |
| hp | zhan_66_pro_g3_24_all-in-one_firmware | 02.12.01 |
| hp | zbook_firefly_15_g7_firmware | 01.10.00 |
| hp | zhan_66_pro_13_g2_firmware | 01.21.01 |
| hp | prodesk_600_g3_microtower_firmware | 2.44 |
| hp | prodesk_600_g6_small_form_factor_firmware | 02.12.01 |
| hp | elitebook_x360_1030_g4_firmware | 01.21.01 |
| hp | engage_one_pro_aio_system_firmware | 02.12.01 |
| hp | elitebook_840_g7_firmware | 01.10.00 |
| hp | elite_mini_600_g9_firmware | 02.05.00 |
| hp | elitebook_855_g8_firmware | 01.10.00 |
| hp | probook_635_aero_g8_firmware | 01.10.00 |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | 02.15.00 |
| hp | prodesk_600_g5_microtower_firmware | 02.15.00 |
| hp | elitebook_835_g8_firmware | 01.10.00 |
| hp | probook_640_g7_firmware | 01.10.00 |
| hp | proone_440_g6_24_all-in-one_firmware | 02.12.01 |
| hp | probook_455_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_g5_firmware | 01.04.00 |
| hp | probook_450_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_15_g2_firmware | 01.21.01 |
| hp | elitebook_1050_g1_firmware | 01.22.00 |
| hp | elitebook_735_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_firmware | 2.44 |
| hp | elitebook_655_g9_firmware | 01.08.01 |
| hp | z2_small_form_factor_g5_workstation_firmware | 01.04.07 |
| hp | prodesk_480_g6_microtower_firmware | 02.15.00 |
| hp | elitedesk_800_g4_tower_firmware | 02.21.00 |
| hp | prodesk_400_g6_microtower_firmware | 02.15.00 |
| hp | elitedesk_800_g8_tower_firmware | 02.09.01 |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | probook_650_g7_firmware | 01.10.00 |
| hp | elitedesk_805_g6_small_form_factor_firmware | 02.09.01 |
| hp | z2_mini_g4_workstation_firmware | 01.08.03 |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | elitedesk_800_65w_g4_desktop_mini_firmware | 02.20.01 |
| hp | engage_flex_pro_retail_system_firmware | 02.21.00 |
| hp | elitebook_x360_1040_g6_firmware | 01.21.01 |
| hp | prodesk_680_g2_microtower_firmware | 2.59 |
| hp | elitedesk_880_g5_tower_firmware | 02.15.00 |
| hp | prodesk_600_g6_firmware | 02.12.01 |
| hp | probook_x360_11_g3_ee_firmware | 01.20.00 |
| hp | proone_400_g6_20_all-in-one_firmware | 02.12.01 |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | dragonfly_folio_g3_2-in-1_firmware | 01.01.03 |
| hp | elitebook_845_g9_firmware | 01.02.01 |
| hp | elite_sff_800_g9_firmware | 02.05.01 |
| hp | prodesk_600_g3_desktop_mini_firmware | 2.44 |
| hp | eliteone_800_g5_23.8-in_all-in-one_firmware | 02.15.00 |
| hp | zbook_power_g7_firmware | 01.10.00 |
| hp | proone_400_g5_20-inch_all-in-one_business_firmware | 02.15.00 |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_firmware | 02.21.00 |
| hp | eliteone_800_g3_23.8_non-touch_all-in-one_business_firmware | 2.44 |
| hp | eliteone_800_g6_24_all-in-one_firmware | 02.12.01 |
| hp | zbook_power_g9_firmware | 01.03.00 |
| hp | zbook_15_g6_firmware | 01.21.02 |
| hp | elite_x2_g8_firmware | 01.10.00 |
| hp | elite_x360_830_g9_2-in-1_firmware | 01.03.01 |
| hp | prodesk_600_g6_microtower_firmware | 02.12.01 |
| hp | probook_630_g8_firmware | 01.10.00 |
| hp | elitedesk_805_g8_small_form_factor_firmware | 02.05.02 |
| hp | elitebook_1040_g3_firmware | 1.57 |
| hp | zbook_15u_g5_firmware | 01.21.01 |
| hp | prodesk_600_g6_desktop_mini_firmware | 02.12.01 |
| hp | zbook_create_g7_firmware | 01.10.00 |
| hp | prodesk_680_g6_firmware | 02.12.01 |
| hp | elitebook_x360_1040_g5_firmware | 01.21.01 |
| hp | elitebook_865_g9_firmware | 01.02.01 |
| hp | elitedesk_800_g3_small_form_factor_firmware | 2.44 |
| hp | elitedesk_705_g4_small_form_factor_firmware | 02.20.00 |
| hp | zbook_fury_15_g7_firmware | 01.10.00 |
| hp | elitebook_x360_1040_g8_firmware | 01.10.00 |
| hp | mp9_g2_retail_system_firmware | 2.59 |
| hp | rp9_g1_retail_system_firmware | 2.59 |
| hp | prodesk_405_g8_small_form_factor_firmware | 02.05.02 |
| hp | probook_445r_g6_firmware | 01.21.01 |
| hp | elitebook_850_g6_firmware | 01.21.01 |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_firmware | 02.21.00 |
| hp | elitebook_1040_g9_firmware | 01.03.01 |
| hp | proone_400_g3_20-inch_touch_all-in-one_firmware | 2.44 |
| hp | z2_mini_g5_workstation_firmware | 01.04.07 |
| hp | elitebook_835_g9_firmware | 01.02.01 |
| hp | elitebook_x360_830_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_firmware | 2.44 |
| hp | proone_400_g5_23.8-inch_all-in-one_business_firmware | 02.15.00 |
| hp | proone_600_g6_22_all-in-one_firmware | 02.12.01 |
| hp | elite_dragonfly_firmware | 01.21.01 |
| hp | zbook_studio_x360_g5_firmware | 01.21.02 |
| hp | elitedesk_800_g5_tower_firmware | 02.15.00 |
| hp | probook_445_g6_firmware | 01.21.01 |
| hp | eliteone_800_g8_24_all-in-one_firmware | 02.09.01 |
| hp | zhan_66_pro_a_14_g5_firmware | 01.08.01 |
| hp | prodesk_600_g2_small_form_factor_firmware | 2.59 |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | zhan_66_pro_14_g2_firmware | 01.21.01 |
| hp | probook_x360_11_g7_ee_firmware | 01.10.00 |
| hp | zbook_studio_g7_firmware | 01.10.00 |
| hp | prodesk_600_g3_small_form_factor_firmware | 2.44 |
| hp | zhan_66_pro_a_14_g4_firmware | 01.10.00 |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitebook_630_g9_firmware | 01.04.00 |
| hp | elitebook_850_g8_firmware | 01.10.00 |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | elitebook_x360_830_g8_firmware | 01.10.00 |
| hp | probook_640_g5_firmware | 01.21.01 |
| hp | probook_640_g8_firmware | 01.10.00 |
| hp | prodesk_400_g5_desktop_mini_firmware | 02.15.00 |
| hp | probook_455_g9_firmware | 01.08.01 |
| hp | prodesk_600_g4_small_form_factor_firmware | 02.21.00 |
| hp | elitebook_840_aero_g8_firmware | 01.10.00 |
| hp | elitedesk_800_g6_small_form_factor_firmware | 02.12.01 |
| hp | elitedesk_800_35w_g4_desktop_mini_firmware | 02.21.00 |
| hp | z2_tower_g5_workstation_firmware | 01.04.07 |
| hp | elitebook_x360_830_g6_firmware | 01.21.01 |
| hp | probook_645_g4_firmware | 01.21.01 |
| hp | elite_x360_1040_g9_2-in-1_firmware | 01.03.01 |
| hp | elitebook_830_g5_firmware | 01.21.01 |
| hp | probook_455r_g6_firmware | 01.21.01 |
| hp | prodesk_400_g7_small_form_factor_firmware | 02.12.01 |
| hp | elitebook_830_g8_firmware | 01.10.00 |
| hp | probook_x360_11_g6_ee_firmware | 01.12.00 |
| hp | elitebook_830_g9_firmware | 01.03.01 |
| hp | elitebook_840_g8_firmware | 01.10.00 |
| hp | elitebook_840_g9_firmware | 01.03.01 |
| hp | probook_x360_440_g1_firmware | 01.21.01 |
| hp | elitebook_835_g7_firmware | 01.10.00 |
| hp | probook_440_g8_firmware | 01.10.00 |
| hp | pro_x360_fortis_g9_firmware | 01.03.00 |
| hp | z1_entry_tower_g5_workstation_firmware | 02.15.00 |
| hp | elitedesk_800_g2_small_form_factor_firmware | 2.59 |
| hp | elitebook_840_g6_firmware | 01.21.01 |
| hp | mt45_mobile_thin_client_firmware | 01.21.10 |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_firmware | 02.21.00 |
| hp | prodesk_480_g4_microtower_firmware | 2.44 |
| hp | zbook_studio_g9_firmware | 01.03.01 |
| hp | eliteone_840_23.8_inch_g9_all-in-one_firmware | 02.06.00 |
| hp | proone_440_g5_23.8-in_all-in-one_business_firmware | 02.15.00 |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | elitedesk_800_g4_small_form_factor_firmware | 02.21.00 |
| hp | elite_tower_880_g9_firmware | 02.05.01 |
| hp | probook_445_g9_firmware | 01.08.01 |
| hp | zbook_firefly_15_g8_firmware | 01.10.00 |
| hp | eliteone_800_g6_27_all-in-one_firmware | 02.12.01 |
| hp | elitedesk_800_35w_g3_desktop_mini_firmware | 2.44 |
| hp | probook_440_g9_firmware | 01.04.00 |
| hp | proone_400_g6_24_all-in-one_firmware | 02.12.01 |
| hp | prodesk_400_g5_small_form_factor_firmware | 02.21.00 |
| hp | elite_dragonfly_max_firmware | 01.10.00 |
| hp | elitedesk_805_g6_desktop_mini_firmware | 02.09.01 |
| hp | prodesk_400_g4_microtower_firmware | 2.44 |
| hp | probook_x360_11_g5_ee_firmware | 01.11.00 |
| hp | probook_x360_435_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_14_g3_firmware | 01.14.00 |
| hp | elitedesk_800_95w_g4_desktop_mini_firmware | 02.20.01 |
| hp | prodesk_600_g2_desktop_mini_firmware | 2.59 |
| hp | probook_455_g7_firmware | 01.10.00 |
| hp | probook_x360_435_g7_firmware | 01.10.01 |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_firmware | 02.21.00 |
| hp | probook_650_g5_firmware | 01.21.01 |
| hp | elitedesk_800_g3_tower_firmware | 2.44 |
| hp | mp9_g4_retail_system_firmware | 02.21.00 |
| hp | zbook_fury_17_g8_firmware | 01.10.00 |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_firmware | 2.44 |
| hp | mt46_mobile_thin_client_firmware | 01.10.00 |
| hp | zhan_66_pro_g3_22_all-in-one_firmware | 02.12.01 |
| hp | elitebook_1030_g1_firmware | 1.57 |
| hp | prodesk_600_g2_microtower_firmware | 2.59 |
| hp | probook_fortis_g10_firmware | 01.03.00 |
| hp | zbook_15u_g6_firmware | 01.21.01 |
| hp | z2_tower_g4_workstation_firmware | 01.08.03 |
| hp | pro_sff_400_g9_firmware | 02.05.00 |
| hp | engage_flex_pro-c_retail_system_firmware | 02.21.00 |
| hp | elitedesk_705_g4_workstation_firmware | 02.19.01 |
| hp | eliteone_800_g8_27_all-in-one_firmware | 02.09.01 |
| hp | prodesk_400_g4_small_form_factor_firmware | 2.44 |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_firmware | 02.21.00 |
| hp | probook_650_g8_firmware | 01.10.00 |
| hp | prodesk_600_g4_desktop_mini_firmware | 02.21.00 |
| hp | zbook_studio_g8_firmware | 01.10.00 |
| hp | elite_mini_800_g9_firmware | 02.05.00 |
| hp | prodesk_480_g7_firmware | 02.12.01 |
| hp | prodesk_400_g7_microtower_firmware | 02.12.01 |
| hp | eliteone_800_g4_23.8-in_all-in-one_business_firmware | 02.21.00 |
| hp | probook_450_g6_firmware | 01.21.01 |
| hp | zbook_power_g8_firmware | 01.10.00 |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_firmware | 2.44 |
| hp | pro_tower_400_g9_firmware | 02.05.00 |
| hp | prodesk_600_g5_desktop_mini_firmware | 02.15.00 |
| hp | prodesk_400_g5_microtower_firmware | 02.21.00 |
| hp | probook_455_g6_firmware | 01.21.01 |
| hp | elite_slice_firmware | 2.59 |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_firmware | 2.44 |
| hp | zhan_66_pro_a_14_g3_firmware | 01.10.00 |
| hp | z1_g9_tower_firmware | 02.05.01 |
| hp | elitedesk_705_g5_small_form_factor_firmware | 02.15.00 |
| hp | elitebook_840r_g4_firmware | 01.21.01 |
| hp | elitebook_840_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_firmware | 2.44 |
| hp | prodesk_680_g3_microtower_firmware | 2.44 |
| hp | elite_sff_600_g9_firmware | 02.05.01 |
| hp | probook_455_g5_firmware | 01.21.01 |
| hp | zbook_studio_g5_firmware | 01.21.02 |
| hp | zbook_firefly_14_g9_firmware | 01.03.01 |
| hp | elitedesk_705_g3_firmware | 2.41 |
| hp | elite_dragonfly_g3_firmware | 01.03.01 |
| hp | elitebook_745_g5_firmware | 01.21.01 |
| hp | elitebook_860_g9_firmware | 01.03.01 |
| hp | zhan_66_pro_15_g3_firmware | 01.14.00 |
| hp | elitedesk_800_g8_small_form_factor_firmware | 02.09.01 |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_firmware | 2.44 |
| hp | zbook_firefly_16_g9_firmware | 01.03.01 |
| hp | elitebook_755_g5_firmware | 01.21.01 |
| hp | pro_x360_fortis_g10_firmware | 01.03.00 |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_firmware | 2.44 |
| hp | zbook_firefly_14_g8_firmware | 01.10.00 |
| hp | elite_folio_2-in-1_firmware | not_impacted |
| hp | elite_x2_1012_g2_firmware | 1.43 |
| hp | elitebook_x360_830_g7_firmware | 01.10.00 |
| hp | prodesk_480_g5_microtower_firmware | 02.21.00 |
| hp | elitebook_846_g5_firmware | 01.21.01 |
| hp | elitebook_x360_1030_g7_firmware | 01.10.00 |
| hp | prodesk_400_g3_desktop_mini_firmware | 2.44 |
| hp | elite_tower_680_g9_firmware | 02.05.01 |
| hp | elitebook_850_g7_firmware | 01.10.00 |
| hp | elite_tower_600_g9_firmware | 02.05.01 |
| hp | z2_small_form_factor_g4_workstation_firmware | 01.08.03 |
| hp | zbook_17_g6_firmware | 01.21.02 |
| hp | proone_400_g2_20-inch_touch_all-in-one_firmware | 2.59 |
| hp | prodesk_680_g4_microtower_firmware | 02.21.00 |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | probook_450_g7_firmware | 01.14.00 |
| hp | elite_tower_800_g9_firmware | 02.05.01 |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_firmware | 2.59 |
| hp | prodesk_400_g6_small_form_factor_firmware | 02.15.00 |
| hp | probook_430_g8_firmware | 01.10.00 |
| hp | elitedesk_800_g5_small_form_factor_firmware | 02.15.00 |
| hp | elitedesk_705_g4_desktop_mini_firmware | 02.20.00 |
| hp | zbook_14u_g5_firmware | 01.21.01 |
| hp | proone_440_23.8_inch_g9_all-in-one_firmware | 02.05.00 |
| hp | probook_640_g4_firmware | 01.21.01 |
| hp | engage_one_aio_system_firmware | 2.44 |
| hp | probook_430_g7_firmware | 01.14.00 |
| hp | elitedesk_800_65w_g3_desktop_mini_firmware | 2.44 |
| hp | probook_445_g8_firmware | 01.10.00 |
| hp | elite_dragonfly_g2_firmware | 01.10.00 |
| hp | elitebook_845_g8_firmware | 01.10.00 |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitebook_830_g6_firmware | 01.21.01 |
| hp | elitebook_x360_1030_g3_firmware | 01.21.01 |
| hp | elitedesk_705_g4_microtower_firmware | 02.20.00 |
| hp | elitebook_650_g9_firmware | 01.04.00 |
| hp | zbook_fury_17_g7_firmware | 01.10.00 |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_firmware | 2.59 |
| hp | zbook_fury_15_g8_firmware | 01.10.00 |
| hp | probook_450_g9_firmware | 01.04.00 |
| hp | elitedesk_805_g8_desktop_mini_firmware | 02.05.02 |
| hp | elitebook_640_g9_firmware | 01.04.00 |
| hp | elitebook_836_g5_firmware | 01.21.01 |
| hp | zbook_firefly_14_g7_firmware | 01.10.00 |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | z1_entry_tower_g6_workstation_firmware | 02.12.01 |
| hp | probook_445_g7_firmware | 01.10.00 |
| hp | zbook_fury_16_g9_firmware | 01.03.02 |
| hp | probook_450_g5_firmware | 01.21.01 |
| hp | elitebook_836_g6_firmware | 01.21.01 |
| hp | elite_slice_g2_firmware | 2.59 |
| hp | elitebook_645_g9_firmware | 01.08.01 |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_880_g3_tower_firmware | 2.44 |
| hp | probook_430_g6_firmware | 01.21.01 |
| hp | engage_go_10_mobile_system_firmware | 01.10.00 |
| hp | elitebook_845_g7_firmware | 01.10.00 |
| hp | zhan_x_13_g2_firmware | 01.21.01 |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_800_g6_desktop_mini_firmware | 02.12.01 |
| hp | probook_470_g5_firmware | 01.21.01 |
| hp | elitebook_735_g6_firmware | 01.21.01 |
| hp | prodesk_405_g8_desktop_mini_firmware | 02.05.02 |
| hp | elitedesk_705_g5_desktop_mini_firmware | 02.15.00 |
| hp | elite_x2_1013_g3_firmware | 01.21.01 |
| hp | elitedesk_800_g8_desktop_mini_firmware | 02.09.01 |
| hp | probook_440_g6_firmware | 01.21.01 |
| hp | prodesk_405_g6_desktop_mini_firmware | 02.09.01 |
| hp | engage_go_mobile_system_firmware | 01.21.01 |
| hp | mt44_mobile_thin_client_firmware | 01.21.01 |
| hp | elitebook_855_g7_firmware | 01.10.00 |
| hp | engage_flex_mini_retail_system_firmware | 02.12.01 |
| hp | prodesk_600_g5_small_form_factor_firmware | 02.15.00 |
| hp | z2_tower_g8_workstation_firmware | 01.06.00 |
| hp | z1_g8_tower_firmware | 02.09.01 |
| hp | elitebook_850_g5_firmware | 01.21.01 |
| hp | probook_430_g5_firmware | 01.21.01 |
| hp | zbook_14u_g6_firmware | 01.21.01 |
| hp | probook_440_g5_firmware | 01.21.01 |
| hp | elitedesk_800_65w_g2_desktop_mini_firmware | 2.59 |
| hp | elitebook_830_g7_firmware | 01.10.00 |
| hp | zbook_15_g5_firmware | 01.21.02 |
| hp | probook_440_g7_firmware | 01.14.00 |
| hp | probook_fortis_g9_firmware | 01.03.00 |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_800_g4_workstation_firmware | 02.20.01 |
| hp | elite_x2_1012_g1_firmware | 1.57 |
| hp | elite_x2_g4_firmware | 01.21.01 |
| hp | elitedesk_800_35w_g2_desktop_mini_firmware | 2.59 |
| hp | prodesk_405_g6_small_form_factor_firmware | 02.09.01 |
| hp | elitedesk_800_g5_desktop_mini_firmware | 02.15.00 |
| hp | elitedesk_880_g6_tower_firmware | 02.12.01 |
| hp | probook_650_g4_firmware | 01.21.01 |
| hp | prodesk_400_g4_desktop_mini_firmware | 02.21.00 |
| hp | elitebook_745_g6_firmware | 01.21.01 |
| hp | prodesk_405_g4_desktop_mini_firmware | 02.20.00 |
| hp | prodesk_405_g4_small_form_factor_firmware | 02.20.00 |
| hp | pro_mini_400_g9_firmware | 02.05.00 |
| hp | elitebook_1040_g4_firmware | 1.44 |
| hp | prodesk_400_g6_desktop_mini_firmware | 02.12.01 |
| hp | proone_600_g5_21.5-in_all-in-one_business_firmware | 02.15.00 |
| hp | elitebook_x360_1030_g8_firmware | 01.10.00 |
| hp | z2_small_form_factor_g8_workstation_firmware | 01.06.00 |
| hp | zhan_66_pro_14_g4_firmware | 01.10.00 |
| hp | elitedesk_800_g6_tower_firmware | 02.12.01 |
| hp | probook_x360_11_g4_ee_firmware | 01.16.00 |
| hp | elitedesk_880_g8_tower_firmware | 02.09.01 |
| hp | prodesk_600_g4_microtower_firmware | 02.21.00 |
| hp | elitedesk_880_g4_tower_firmware | 02.21.00 |
| hp | pro_tower_480_g9_firmware | 02.05.00 |
| hp | elitebook_x360_1040_g7_firmware | 01.10.00 |
| hp | zhan_66_pro_g1_firmware | 01.21.01 |
| hp | zbook_17_g5_firmware | 01.21.02 |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_firmware | 02.21.00 |
| hp | zhan_66_pro_g3_24_all-in-one_firmware | 02.12.01 |
| hp | zbook_firefly_15_g7_firmware | 01.10.00 |
| hp | zhan_66_pro_13_g2_firmware | 01.21.01 |
| hp | prodesk_600_g3_microtower_firmware | 2.44 |
| hp | prodesk_600_g6_small_form_factor_firmware | 02.12.01 |
| hp | elitebook_x360_1030_g4_firmware | 01.21.01 |
| hp | engage_one_pro_aio_system_firmware | 02.12.01 |
| hp | elitebook_840_g7_firmware | 01.10.00 |
| hp | elite_mini_600_g9_firmware | 02.05.00 |
| hp | elitebook_855_g8_firmware | 01.10.00 |
| hp | probook_635_aero_g8_firmware | 01.10.00 |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | 02.15.00 |
| hp | prodesk_600_g5_microtower_firmware | 02.15.00 |
| hp | elitebook_835_g8_firmware | 01.10.00 |
| hp | probook_640_g7_firmware | 01.10.00 |
| hp | proone_440_g6_24_all-in-one_firmware | 02.12.01 |
| hp | probook_455_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_g5_firmware | 01.04.00 |
| hp | probook_450_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_15_g2_firmware | 01.21.01 |
| hp | elitebook_1050_g1_firmware | 01.22.00 |
| hp | elitebook_735_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_firmware | 2.44 |
| hp | elitebook_655_g9_firmware | 01.08.01 |
| hp | z2_small_form_factor_g5_workstation_firmware | 01.04.07 |
| hp | prodesk_480_g6_microtower_firmware | 02.15.00 |
| hp | elitedesk_800_g4_tower_firmware | 02.21.00 |
| hp | prodesk_400_g6_microtower_firmware | 02.15.00 |
| hp | elitedesk_800_g8_tower_firmware | 02.09.01 |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | probook_650_g7_firmware | 01.10.00 |
| hp | elitedesk_805_g6_small_form_factor_firmware | 02.09.01 |
| hp | z2_mini_g4_workstation_firmware | 01.08.03 |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | elitedesk_800_65w_g4_desktop_mini_firmware | 02.20.01 |
| hp | engage_flex_pro_retail_system_firmware | 02.21.00 |
| hp | elitebook_x360_1040_g6_firmware | 01.21.01 |
| hp | prodesk_680_g2_microtower_firmware | 2.59 |
| hp | elitedesk_880_g5_tower_firmware | 02.15.00 |
| hp | prodesk_600_g6_firmware | 02.12.01 |
| hp | probook_x360_11_g3_ee_firmware | 01.20.00 |
| hp | proone_400_g6_20_all-in-one_firmware | 02.12.01 |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | dragonfly_folio_g3_2-in-1_firmware | 01.01.03 |
| hp | elitebook_845_g9_firmware | 01.02.01 |
| hp | elite_sff_800_g9_firmware | 02.05.01 |
| hp | prodesk_600_g3_desktop_mini_firmware | 2.44 |
| hp | eliteone_800_g5_23.8-in_all-in-one_firmware | 02.15.00 |
| hp | zbook_power_g7_firmware | 01.10.00 |
| hp | proone_400_g5_20-inch_all-in-one_business_firmware | 02.15.00 |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_firmware | 02.21.00 |
| hp | eliteone_800_g3_23.8_non-touch_all-in-one_business_firmware | 2.44 |
| hp | eliteone_800_g6_24_all-in-one_firmware | 02.12.01 |
| hp | zbook_power_g9_firmware | 01.03.00 |
| hp | zbook_15_g6_firmware | 01.21.02 |
| hp | elite_x2_g8_firmware | 01.10.00 |
| hp | elite_x360_830_g9_2-in-1_firmware | 01.03.01 |
| hp | prodesk_600_g6_microtower_firmware | 02.12.01 |
| hp | probook_630_g8_firmware | 01.10.00 |
| hp | elitedesk_805_g8_small_form_factor_firmware | 02.05.02 |
| hp | elitebook_1040_g3_firmware | 1.57 |
| hp | zbook_15u_g5_firmware | 01.21.01 |
| hp | prodesk_600_g6_desktop_mini_firmware | 02.12.01 |
| hp | zbook_create_g7_firmware | 01.10.00 |
| hp | prodesk_680_g6_firmware | 02.12.01 |
| hp | elitebook_x360_1040_g5_firmware | 01.21.01 |
| hp | elitebook_865_g9_firmware | 01.02.01 |
| hp | elitedesk_800_g3_small_form_factor_firmware | 2.44 |
| hp | elitedesk_705_g4_small_form_factor_firmware | 02.20.00 |
| hp | zbook_fury_15_g7_firmware | 01.10.00 |
| hp | elitebook_x360_1040_g8_firmware | 01.10.00 |
| hp | mp9_g2_retail_system_firmware | 2.59 |
| hp | rp9_g1_retail_system_firmware | 2.59 |
| hp | prodesk_405_g8_small_form_factor_firmware | 02.05.02 |
| hp | probook_445r_g6_firmware | 01.21.01 |
| hp | elitebook_850_g6_firmware | 01.21.01 |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_firmware | 02.21.00 |
| hp | elitebook_1040_g9_firmware | 01.03.01 |
| hp | proone_400_g3_20-inch_touch_all-in-one_firmware | 2.44 |
| hp | z2_mini_g5_workstation_firmware | 01.04.07 |
| hp | elitebook_835_g9_firmware | 01.02.01 |
| hp | elitebook_x360_830_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_firmware | 2.44 |
| hp | proone_400_g5_23.8-inch_all-in-one_business_firmware | 02.15.00 |
| hp | proone_600_g6_22_all-in-one_firmware | 02.12.01 |
| hp | elite_dragonfly_firmware | 01.21.01 |
| hp | zbook_studio_x360_g5_firmware | 01.21.02 |
| hp | elitedesk_800_g5_tower_firmware | 02.15.00 |
| hp | probook_445_g6_firmware | 01.21.01 |
| hp | eliteone_800_g8_24_all-in-one_firmware | 02.09.01 |
| hp | zhan_66_pro_a_14_g5_firmware | 01.08.01 |
| hp | prodesk_600_g2_small_form_factor_firmware | 2.59 |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | zhan_66_pro_14_g2_firmware | 01.21.01 |
| hp | probook_x360_11_g7_ee_firmware | 01.10.00 |
| hp | zbook_studio_g7_firmware | 01.10.00 |
| hp | prodesk_600_g3_small_form_factor_firmware | 2.44 |
| hp | zhan_66_pro_a_14_g4_firmware | 01.10.00 |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitebook_630_g9_firmware | 01.04.00 |
| hp | elitebook_850_g8_firmware | 01.10.00 |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | elitebook_x360_830_g8_firmware | 01.10.00 |
| hp | probook_640_g5_firmware | 01.21.01 |
| hp | probook_640_g8_firmware | 01.10.00 |
| hp | prodesk_400_g5_desktop_mini_firmware | 02.15.00 |
| hp | probook_455_g9_firmware | 01.08.01 |
| hp | prodesk_600_g4_small_form_factor_firmware | 02.21.00 |
| hp | elitebook_840_aero_g8_firmware | 01.10.00 |
| hp | elitedesk_800_g6_small_form_factor_firmware | 02.12.01 |
| hp | elitedesk_800_35w_g4_desktop_mini_firmware | 02.21.00 |
| hp | z2_tower_g5_workstation_firmware | 01.04.07 |
| hp | elitebook_x360_830_g6_firmware | 01.21.01 |
| hp | probook_645_g4_firmware | 01.21.01 |
| hp | elite_x360_1040_g9_2-in-1_firmware | 01.03.01 |
| hp | elitebook_830_g5_firmware | 01.21.01 |
| hp | probook_455r_g6_firmware | 01.21.01 |
| hp | prodesk_400_g7_small_form_factor_firmware | 02.12.01 |
| hp | elitebook_830_g8_firmware | 01.10.00 |
| hp | probook_x360_11_g6_ee_firmware | 01.12.00 |
| hp | elitebook_830_g9_firmware | 01.03.01 |
| hp | elitebook_840_g8_firmware | 01.10.00 |
| hp | elitebook_840_g9_firmware | 01.03.01 |
| hp | probook_x360_440_g1_firmware | 01.21.01 |
| hp | elitebook_835_g7_firmware | 01.10.00 |
| hp | probook_440_g8_firmware | 01.10.00 |
| hp | pro_x360_fortis_g9_firmware | 01.03.00 |
| hp | z1_entry_tower_g5_workstation_firmware | 02.15.00 |
| hp | elitedesk_800_g2_small_form_factor_firmware | 2.59 |
| hp | elitebook_840_g6_firmware | 01.21.01 |
| hp | mt45_mobile_thin_client_firmware | 01.21.10 |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_firmware | 02.21.00 |
| hp | prodesk_480_g4_microtower_firmware | 2.44 |
| hp | zbook_studio_g9_firmware | 01.03.01 |
| hp | eliteone_840_23.8_inch_g9_all-in-one_firmware | 02.06.00 |
| hp | proone_440_g5_23.8-in_all-in-one_business_firmware | 02.15.00 |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | elitedesk_800_g4_small_form_factor_firmware | 02.21.00 |
| hp | elite_tower_880_g9_firmware | 02.05.01 |
| hp | probook_445_g9_firmware | 01.08.01 |
| hp | zbook_firefly_15_g8_firmware | 01.10.00 |
| hp | eliteone_800_g6_27_all-in-one_firmware | 02.12.01 |
| hp | elitedesk_800_35w_g3_desktop_mini_firmware | 2.44 |
| hp | probook_440_g9_firmware | 01.04.00 |
| hp | proone_400_g6_24_all-in-one_firmware | 02.12.01 |
| hp | prodesk_400_g5_small_form_factor_firmware | 02.21.00 |
| hp | elite_dragonfly_max_firmware | 01.10.00 |
| hp | elitedesk_805_g6_desktop_mini_firmware | 02.09.01 |
| hp | prodesk_400_g4_microtower_firmware | 2.44 |
| hp | probook_x360_11_g5_ee_firmware | 01.11.00 |
| hp | probook_x360_435_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_14_g3_firmware | 01.14.00 |
| hp | elitedesk_800_95w_g4_desktop_mini_firmware | 02.20.01 |
| hp | prodesk_600_g2_desktop_mini_firmware | 2.59 |
| hp | probook_455_g7_firmware | 01.10.00 |
| hp | probook_x360_435_g7_firmware | 01.10.01 |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_firmware | 02.21.00 |
| hp | probook_650_g5_firmware | 01.21.01 |
| hp | elitedesk_800_g3_tower_firmware | 2.44 |
| hp | mp9_g4_retail_system_firmware | 02.21.00 |
| hp | zbook_fury_17_g8_firmware | 01.10.00 |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_firmware | 2.44 |
| hp | mt46_mobile_thin_client_firmware | 01.10.00 |
| hp | zhan_66_pro_g3_22_all-in-one_firmware | 02.12.01 |
| hp | elitebook_1030_g1_firmware | 1.57 |
| hp | prodesk_600_g2_microtower_firmware | 2.59 |
| hp | probook_fortis_g10_firmware | 01.03.00 |
| hp | zbook_15u_g6_firmware | 01.21.01 |
| hp | z2_tower_g4_workstation_firmware | 01.08.03 |
| hp | pro_sff_400_g9_firmware | 02.05.00 |
| hp | engage_flex_pro-c_retail_system_firmware | 02.21.00 |
| hp | elitedesk_705_g4_workstation_firmware | 02.19.01 |
| hp | eliteone_800_g8_27_all-in-one_firmware | 02.09.01 |
| hp | prodesk_400_g4_small_form_factor_firmware | 2.44 |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_firmware | 02.21.00 |
| hp | probook_650_g8_firmware | 01.10.00 |
| hp | prodesk_600_g4_desktop_mini_firmware | 02.21.00 |
| hp | zbook_studio_g8_firmware | 01.10.00 |
| hp | elite_mini_800_g9_firmware | 02.05.00 |
| hp | prodesk_480_g7_firmware | 02.12.01 |
| hp | prodesk_400_g7_microtower_firmware | 02.12.01 |
| hp | eliteone_800_g4_23.8-in_all-in-one_business_firmware | 02.21.00 |
| hp | probook_450_g6_firmware | 01.21.01 |
| hp | zbook_power_g8_firmware | 01.10.00 |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_firmware | 2.44 |
| hp | pro_tower_400_g9_firmware | 02.05.00 |
| hp | prodesk_600_g5_desktop_mini_firmware | 02.15.00 |
| hp | prodesk_400_g5_microtower_firmware | 02.21.00 |
| hp | probook_455_g6_firmware | 01.21.01 |
| hp | elite_slice_firmware | 2.59 |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_firmware | 2.44 |
| hp | zhan_66_pro_a_14_g3_firmware | 01.10.00 |
| hp | z1_g9_tower_firmware | 02.05.01 |
| hp | elitedesk_705_g5_small_form_factor_firmware | 02.15.00 |
| hp | elitebook_840r_g4_firmware | 01.21.01 |
| hp | elitebook_840_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_firmware | 2.44 |
| hp | prodesk_680_g3_microtower_firmware | 2.44 |
| hp | elite_sff_600_g9_firmware | 02.05.01 |
| hp | probook_455_g5_firmware | 01.21.01 |
| hp | zbook_studio_g5_firmware | 01.21.02 |
| hp | zbook_firefly_14_g9_firmware | 01.03.01 |
| hp | elitedesk_705_g3_firmware | 2.41 |
| hp | elite_dragonfly_g3_firmware | 01.03.01 |
| hp | elitebook_745_g5_firmware | 01.21.01 |
| hp | elitebook_860_g9_firmware | 01.03.01 |
| hp | zhan_66_pro_15_g3_firmware | 01.14.00 |
| hp | elitedesk_800_g8_small_form_factor_firmware | 02.09.01 |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_firmware | 2.44 |
| hp | zbook_firefly_16_g9_firmware | 01.03.01 |
| hp | elitebook_755_g5_firmware | 01.21.01 |
| hp | pro_x360_fortis_g10_firmware | 01.03.00 |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_firmware | 2.44 |
| hp | zbook_firefly_14_g8_firmware | 01.10.00 |
| hp | elite_folio_2-in-1_firmware | not_impacted |
| hp | elite_x2_1012_g2_firmware | 1.43 |
| hp | elitebook_x360_830_g7_firmware | 01.10.00 |
| hp | prodesk_480_g5_microtower_firmware | 02.21.00 |
| hp | elitebook_846_g5_firmware | 01.21.01 |
| hp | elitebook_x360_1030_g7_firmware | 01.10.00 |
| hp | prodesk_400_g3_desktop_mini_firmware | 2.44 |
| hp | elite_tower_680_g9_firmware | 02.05.01 |
| hp | elitebook_850_g7_firmware | 01.10.00 |
| hp | elite_tower_600_g9_firmware | 02.05.01 |
| hp | z2_small_form_factor_g4_workstation_firmware | 01.08.03 |
| hp | zbook_17_g6_firmware | 01.21.02 |
| hp | proone_400_g2_20-inch_touch_all-in-one_firmware | 2.59 |
| hp | prodesk_680_g4_microtower_firmware | 02.21.00 |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | probook_450_g7_firmware | 01.14.00 |
| hp | elite_tower_800_g9_firmware | 02.05.01 |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_firmware | 2.59 |
| hp | prodesk_400_g6_small_form_factor_firmware | 02.15.00 |
| hp | probook_430_g8_firmware | 01.10.00 |
| hp | elitedesk_800_g5_small_form_factor_firmware | 02.15.00 |
| hp | elitedesk_705_g4_desktop_mini_firmware | 02.20.00 |
| hp | zbook_14u_g5_firmware | 01.21.01 |
| hp | proone_440_23.8_inch_g9_all-in-one_firmware | 02.05.00 |
| hp | probook_640_g4_firmware | 01.21.01 |
| hp | engage_one_aio_system_firmware | 2.44 |
| hp | probook_430_g7_firmware | 01.14.00 |
| hp | elitedesk_800_65w_g3_desktop_mini_firmware | 2.44 |
| hp | probook_445_g8_firmware | 01.10.00 |
| hp | elite_dragonfly_g2_firmware | 01.10.00 |
| hp | elitebook_845_g8_firmware | 01.10.00 |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitebook_830_g6_firmware | 01.21.01 |
| hp | elitebook_x360_1030_g3_firmware | 01.21.01 |
| hp | elitedesk_705_g4_microtower_firmware | 02.20.00 |
| hp | elitebook_650_g9_firmware | 01.04.00 |
| hp | zbook_fury_17_g7_firmware | 01.10.00 |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_firmware | 2.59 |
| hp | zbook_fury_15_g8_firmware | 01.10.00 |
| hp | probook_450_g9_firmware | 01.04.00 |
| hp | elitedesk_805_g8_desktop_mini_firmware | 02.05.02 |
| hp | elitebook_640_g9_firmware | 01.04.00 |
| hp | elitebook_836_g5_firmware | 01.21.01 |
| hp | zbook_firefly_14_g7_firmware | 01.10.00 |
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | z1_entry_tower_g6_workstation_firmware | 02.12.01 |
| hp | probook_445_g7_firmware | 01.10.00 |
| hp | zbook_fury_16_g9_firmware | 01.03.02 |
| hp | probook_450_g5_firmware | 01.21.01 |
| hp | elitebook_836_g6_firmware | 01.21.01 |
| hp | elite_slice_g2_firmware | 2.59 |
| hp | elitebook_645_g9_firmware | 01.08.01 |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_880_g3_tower_firmware | 2.44 |
| hp | probook_430_g6_firmware | 01.21.01 |
| hp | engage_go_10_mobile_system_firmware | 01.10.00 |
| hp | elitebook_845_g7_firmware | 01.10.00 |
| hp | zhan_x_13_g2_firmware | 01.21.01 |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_800_g6_desktop_mini_firmware | 02.12.01 |
| hp | probook_470_g5_firmware | 01.21.01 |
| hp | elitebook_735_g6_firmware | 01.21.01 |
| hp | prodesk_405_g8_desktop_mini_firmware | 02.05.02 |
| hp | elitedesk_705_g5_desktop_mini_firmware | 02.15.00 |
| hp | elite_x2_1013_g3_firmware | 01.21.01 |
| hp | elitedesk_800_g8_desktop_mini_firmware | 02.09.01 |
| hp | probook_440_g6_firmware | 01.21.01 |
| hp | prodesk_405_g6_desktop_mini_firmware | 02.09.01 |
| hp | engage_go_mobile_system_firmware | 01.21.01 |
| hp | mt44_mobile_thin_client_firmware | 01.21.01 |
| hp | elitebook_855_g7_firmware | 01.10.00 |
| hp | engage_flex_mini_retail_system_firmware | 02.12.01 |
| hp | prodesk_600_g5_small_form_factor_firmware | 02.15.00 |
| hp | z2_tower_g8_workstation_firmware | 01.06.00 |
| hp | z1_g8_tower_firmware | 02.09.01 |
| hp | elitebook_850_g5_firmware | 01.21.01 |
| hp | probook_430_g5_firmware | 01.21.01 |
| hp | zbook_14u_g6_firmware | 01.21.01 |
| hp | probook_440_g5_firmware | 01.21.01 |
| hp | elitedesk_800_65w_g2_desktop_mini_firmware | 2.59 |
| hp | elitebook_830_g7_firmware | 01.10.00 |
| hp | zbook_15_g5_firmware | 01.21.02 |
| hp | probook_440_g7_firmware | 01.14.00 |
| hp | probook_fortis_g9_firmware | 01.03.00 |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitedesk_800_g4_workstation_firmware | 02.20.01 |
| hp | elite_x2_1012_g1_firmware | 1.57 |
| hp | elite_x2_g4_firmware | 01.21.01 |
| hp | elitedesk_800_35w_g2_desktop_mini_firmware | 2.59 |
| hp | prodesk_405_g6_small_form_factor_firmware | 02.09.01 |
| hp | elitedesk_800_g5_desktop_mini_firmware | 02.15.00 |
| hp | elitedesk_880_g6_tower_firmware | 02.12.01 |
| hp | probook_650_g4_firmware | 01.21.01 |
| hp | prodesk_400_g4_desktop_mini_firmware | 02.21.00 |
| hp | elitebook_745_g6_firmware | 01.21.01 |
| hp | prodesk_405_g4_desktop_mini_firmware | 02.20.00 |
| hp | prodesk_405_g4_small_form_factor_firmware | 02.20.00 |
| hp | pro_mini_400_g9_firmware | 02.05.00 |
| hp | elitebook_1040_g4_firmware | 1.44 |
| hp | prodesk_400_g6_desktop_mini_firmware | 02.12.01 |
| hp | proone_600_g5_21.5-in_all-in-one_business_firmware | 02.15.00 |
| hp | elitebook_x360_1030_g8_firmware | 01.10.00 |
| hp | z2_small_form_factor_g8_workstation_firmware | 01.06.00 |
| hp | zhan_66_pro_14_g4_firmware | 01.10.00 |
| hp | elitedesk_800_g6_tower_firmware | 02.12.01 |
| hp | probook_x360_11_g4_ee_firmware | 01.16.00 |
| hp | elitedesk_880_g8_tower_firmware | 02.09.01 |
| hp | prodesk_600_g4_microtower_firmware | 02.21.00 |
| hp | elitedesk_880_g4_tower_firmware | 02.21.00 |
| hp | pro_tower_480_g9_firmware | 02.05.00 |
| hp | elitebook_x360_1040_g7_firmware | 01.10.00 |
| hp | zhan_66_pro_g1_firmware | 01.21.01 |
| hp | zbook_17_g5_firmware | 01.21.02 |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_firmware | 02.21.00 |
| hp | zhan_66_pro_g3_24_all-in-one_firmware | 02.12.01 |
| hp | zbook_firefly_15_g7_firmware | 01.10.00 |
| hp | zhan_66_pro_13_g2_firmware | 01.21.01 |
| hp | prodesk_600_g3_microtower_firmware | 2.44 |
| hp | prodesk_600_g6_small_form_factor_firmware | 02.12.01 |
| hp | elitebook_x360_1030_g4_firmware | 01.21.01 |
| hp | engage_one_pro_aio_system_firmware | 02.12.01 |
| hp | elitebook_840_g7_firmware | 01.10.00 |
| hp | elite_mini_600_g9_firmware | 02.05.00 |
| hp | elitebook_855_g8_firmware | 01.10.00 |
| hp | probook_635_aero_g8_firmware | 01.10.00 |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | 02.15.00 |
| hp | prodesk_600_g5_microtower_firmware | 02.15.00 |
| hp | elitebook_835_g8_firmware | 01.10.00 |
| hp | probook_640_g7_firmware | 01.10.00 |
| hp | proone_440_g6_24_all-in-one_firmware | 02.12.01 |
| hp | probook_455_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_g5_firmware | 01.04.00 |
| hp | probook_450_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_15_g2_firmware | 01.21.01 |
| hp | elitebook_1050_g1_firmware | 01.22.00 |
| hp | elitebook_735_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_firmware | 2.44 |
| hp | elitebook_655_g9_firmware | 01.08.01 |
| hp | z2_small_form_factor_g5_workstation_firmware | 01.04.07 |
| hp | prodesk_480_g6_microtower_firmware | 02.15.00 |
| hp | elitedesk_800_g4_tower_firmware | 02.21.00 |
| hp | prodesk_400_g6_microtower_firmware | 02.15.00 |
| hp | elitedesk_800_g8_tower_firmware | 02.09.01 |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | probook_650_g7_firmware | 01.10.00 |
| hp | elitedesk_805_g6_small_form_factor_firmware | 02.09.01 |
| hp | z2_mini_g4_workstation_firmware | 01.08.03 |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | elitedesk_800_65w_g4_desktop_mini_firmware | 02.20.01 |
| hp | engage_flex_pro_retail_system_firmware | 02.21.00 |
| hp | elitebook_x360_1040_g6_firmware | 01.21.01 |
| hp | prodesk_680_g2_microtower_firmware | 2.59 |
| hp | elitedesk_880_g5_tower_firmware | 02.15.00 |
| hp | prodesk_600_g6_firmware | 02.12.01 |
| hp | probook_x360_11_g3_ee_firmware | 01.20.00 |
| hp | proone_400_g6_20_all-in-one_firmware | 02.12.01 |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | dragonfly_folio_g3_2-in-1_firmware | 01.01.03 |
| hp | elitebook_845_g9_firmware | 01.02.01 |
| hp | elite_sff_800_g9_firmware | 02.05.01 |
| hp | prodesk_600_g3_desktop_mini_firmware | 2.44 |
| hp | eliteone_800_g5_23.8-in_all-in-one_firmware | 02.15.00 |
| hp | zbook_power_g7_firmware | 01.10.00 |
| hp | proone_400_g5_20-inch_all-in-one_business_firmware | 02.15.00 |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_firmware | 02.21.00 |
| hp | eliteone_800_g3_23.8_non-touch_all-in-one_business_firmware | 2.44 |
| hp | eliteone_800_g6_24_all-in-one_firmware | 02.12.01 |
| hp | zbook_power_g9_firmware | 01.03.00 |
| hp | zbook_15_g6_firmware | 01.21.02 |
| hp | elite_x2_g8_firmware | 01.10.00 |
| hp | elite_x360_830_g9_2-in-1_firmware | 01.03.01 |
| hp | prodesk_600_g6_microtower_firmware | 02.12.01 |
| hp | probook_630_g8_firmware | 01.10.00 |
| hp | elitedesk_805_g8_small_form_factor_firmware | 02.05.02 |
| hp | elitebook_1040_g3_firmware | 1.57 |
| hp | zbook_15u_g5_firmware | 01.21.01 |
| hp | prodesk_600_g6_desktop_mini_firmware | 02.12.01 |
| hp | zbook_create_g7_firmware | 01.10.00 |
| hp | prodesk_680_g6_firmware | 02.12.01 |
| hp | elitebook_x360_1040_g5_firmware | 01.21.01 |
| hp | elitebook_865_g9_firmware | 01.02.01 |
| hp | elitedesk_800_g3_small_form_factor_firmware | 2.44 |
| hp | elitedesk_705_g4_small_form_factor_firmware | 02.20.00 |
| hp | zbook_fury_15_g7_firmware | 01.10.00 |
| hp | elitebook_x360_1040_g8_firmware | 01.10.00 |
| hp | mp9_g2_retail_system_firmware | 2.59 |
| hp | rp9_g1_retail_system_firmware | 2.59 |
| hp | prodesk_405_g8_small_form_factor_firmware | 02.05.02 |
| hp | probook_445r_g6_firmware | 01.21.01 |
| hp | elitebook_850_g6_firmware | 01.21.01 |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_firmware | 02.21.00 |
| hp | elitebook_1040_g9_firmware | 01.03.01 |
| hp | proone_400_g3_20-inch_touch_all-in-one_firmware | 2.44 |
| hp | z2_mini_g5_workstation_firmware | 01.04.07 |
| hp | elitebook_835_g9_firmware | 01.02.01 |
| hp | elitebook_x360_830_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_firmware | 2.44 |
| hp | proone_400_g5_23.8-inch_all-in-one_business_firmware | 02.15.00 |
| hp | proone_600_g6_22_all-in-one_firmware | 02.12.01 |
| hp | elite_dragonfly_firmware | 01.21.01 |
| hp | zbook_studio_x360_g5_firmware | 01.21.02 |
| hp | elitedesk_800_g5_tower_firmware | 02.15.00 |
| hp | probook_445_g6_firmware | 01.21.01 |
| hp | eliteone_800_g8_24_all-in-one_firmware | 02.09.01 |
| hp | zhan_66_pro_a_14_g5_firmware | 01.08.01 |
| hp | prodesk_600_g2_small_form_factor_firmware | 2.59 |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | zhan_66_pro_14_g2_firmware | 01.21.01 |
| hp | probook_x360_11_g7_ee_firmware | 01.10.00 |
| hp | zbook_studio_g7_firmware | 01.10.00 |
| hp | prodesk_600_g3_small_form_factor_firmware | 2.44 |
| hp | zhan_66_pro_a_14_g4_firmware | 01.10.00 |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitebook_630_g9_firmware | 01.04.00 |
| hp | elitebook_850_g8_firmware | 01.10.00 |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_firmware | 2.59 |
| hp | elitebook_x360_830_g8_firmware | 01.10.00 |
| hp | probook_640_g5_firmware | 01.21.01 |
| hp | probook_640_g8_firmware | 01.10.00 |
| hp | prodesk_400_g5_desktop_mini_firmware | 02.15.00 |
| hp | probook_455_g9_firmware | 01.08.01 |
| hp | prodesk_600_g4_small_form_factor_firmware | 02.21.00 |
| hp | elitebook_840_aero_g8_firmware | 01.10.00 |
| hp | elitedesk_800_g6_small_form_factor_firmware | 02.12.01 |
| hp | elitedesk_800_35w_g4_desktop_mini_firmware | 02.21.00 |
| hp | z2_tower_g5_workstation_firmware | 01.04.07 |
| hp | elitebook_x360_830_g6_firmware | 01.21.01 |
| hp | probook_645_g4_firmware | 01.21.01 |
| hp | elite_x360_1040_g9_2-in-1_firmware | 01.03.01 |
| hp | elitebook_830_g5_firmware | 01.21.01 |
| hp | probook_455r_g6_firmware | 01.21.01 |
| hp | prodesk_400_g7_small_form_factor_firmware | 02.12.01 |
| hp | elitebook_830_g8_firmware | 01.10.00 |
| hp | probook_x360_11_g6_ee_firmware | 01.12.00 |
| hp | elitebook_830_g9_firmware | 01.03.01 |
| hp | elitebook_840_g8_firmware | 01.10.00 |
| hp | elitebook_840_g9_firmware | 01.03.01 |
| hp | probook_x360_440_g1_firmware | 01.21.01 |
| hp | elitebook_835_g7_firmware | 01.10.00 |
| hp | probook_440_g8_firmware | 01.10.00 |
| hp | pro_x360_fortis_g9_firmware | 01.03.00 |
| hp | z1_entry_tower_g5_workstation_firmware | 02.15.00 |
| hp | elitedesk_800_g2_small_form_factor_firmware | 2.59 |
| hp | elitebook_840_g6_firmware | 01.21.01 |
| hp | mt45_mobile_thin_client_firmware | 01.21.10 |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_firmware | 02.21.00 |
| hp | prodesk_480_g4_microtower_firmware | 2.44 |
| hp | zbook_studio_g9_firmware | 01.03.01 |
| hp | eliteone_840_23.8_inch_g9_all-in-one_firmware | 02.06.00 |
| hp | proone_440_g5_23.8-in_all-in-one_business_firmware | 02.15.00 |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | elitedesk_800_g4_small_form_factor_firmware | 02.21.00 |
| hp | elite_tower_880_g9_firmware | 02.05.01 |
| hp | probook_445_g9_firmware | 01.08.01 |
| hp | zbook_firefly_15_g8_firmware | 01.10.00 |
| hp | eliteone_800_g6_27_all-in-one_firmware | 02.12.01 |
| hp | elitedesk_800_35w_g3_desktop_mini_firmware | 2.44 |
| hp | probook_440_g9_firmware | 01.04.00 |
| hp | proone_400_g6_24_all-in-one_firmware | 02.12.01 |
| hp | prodesk_400_g5_small_form_factor_firmware | 02.21.00 |
| hp | elite_dragonfly_max_firmware | 01.10.00 |
| hp | elitedesk_805_g6_desktop_mini_firmware | 02.09.01 |
| hp | prodesk_400_g4_microtower_firmware | 2.44 |
| hp | probook_x360_11_g5_ee_firmware | 01.11.00 |
| hp | probook_x360_435_g8_firmware | 01.10.00 |
| hp | zhan_66_pro_14_g3_firmware | 01.14.00 |
| hp | elitedesk_800_95w_g4_desktop_mini_firmware | 02.20.01 |
| hp | prodesk_600_g2_desktop_mini_firmware | 2.59 |
| hp | probook_455_g7_firmware | 01.10.00 |
| hp | probook_x360_435_g7_firmware | 01.10.01 |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_firmware | 02.21.00 |
| hp | probook_650_g5_firmware | 01.21.01 |
| hp | elitedesk_800_g3_tower_firmware | 2.44 |
| hp | mp9_g4_retail_system_firmware | 02.21.00 |
| hp | zbook_fury_17_g8_firmware | 01.10.00 |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_firmware | 2.44 |
| hp | mt46_mobile_thin_client_firmware | 01.10.00 |
| hp | zhan_66_pro_g3_22_all-in-one_firmware | 02.12.01 |
| hp | elitebook_1030_g1_firmware | 1.57 |
| hp | prodesk_600_g2_microtower_firmware | 2.59 |
| hp | probook_fortis_g10_firmware | 01.03.00 |
| hp | zbook_15u_g6_firmware | 01.21.01 |
| hp | z2_tower_g4_workstation_firmware | 01.08.03 |
| hp | pro_sff_400_g9_firmware | 02.05.00 |
| hp | engage_flex_pro-c_retail_system_firmware | 02.21.00 |
| hp | elitedesk_705_g4_workstation_firmware | 02.19.01 |
| hp | eliteone_800_g8_27_all-in-one_firmware | 02.09.01 |
| hp | prodesk_400_g4_small_form_factor_firmware | 2.44 |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_firmware | 02.21.00 |
| hp | probook_650_g8_firmware | 01.10.00 |
| hp | prodesk_600_g4_desktop_mini_firmware | 02.21.00 |
| hp | zbook_studio_g8_firmware | 01.10.00 |
| hp | elite_mini_800_g9_firmware | 02.05.00 |
| hp | prodesk_480_g7_firmware | 02.12.01 |
| hp | prodesk_400_g7_microtower_firmware | 02.12.01 |
| hp | eliteone_800_g4_23.8-in_all-in-one_business_firmware | 02.21.00 |
| hp | probook_450_g6_firmware | 01.21.01 |
| hp | zbook_power_g8_firmware | 01.10.00 |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_firmware | 2.44 |
| hp | pro_tower_400_g9_firmware | 02.05.00 |
| hp | prodesk_600_g5_desktop_mini_firmware | 02.15.00 |
| hp | prodesk_400_g5_microtower_firmware | 02.21.00 |
| hp | probook_455_g6_firmware | 01.21.01 |
| hp | elite_slice_firmware | 2.59 |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_firmware | 2.44 |
| hp | zhan_66_pro_a_14_g3_firmware | 01.10.00 |
| hp | z1_g9_tower_firmware | 02.05.01 |
| hp | elitedesk_705_g5_small_form_factor_firmware | 02.15.00 |
| hp | elitebook_840r_g4_firmware | 01.21.01 |
| hp | elitebook_840_g5_firmware | 01.21.01 |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_firmware | 2.44 |
| hp | prodesk_680_g3_microtower_firmware | 2.44 |
| hp | elite_sff_600_g9_firmware | 02.05.01 |
| hp | probook_455_g5_firmware | 01.21.01 |
| hp | zbook_studio_g5_firmware | 01.21.02 |
| hp | zbook_firefly_14_g9_firmware | 01.03.01 |
| hp | elitedesk_705_g3_firmware | 2.41 |
| hp | elite_dragonfly_g3_firmware | 01.03.01 |
| hp | elitebook_745_g5_firmware | 01.21.01 |
| hp | elitebook_860_g9_firmware | 01.03.01 |
| hp | zhan_66_pro_15_g3_firmware | 01.14.00 |
| hp | elitedesk_800_g8_small_form_factor_firmware | 02.09.01 |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_firmware | 2.44 |
| hp | zbook_firefly_16_g9_firmware | 01.03.01 |
| hp | elitebook_755_g5_firmware | 01.21.01 |
| hp | pro_x360_fortis_g10_firmware | 01.03.00 |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_firmware | 2.44 |
| hp | zbook_firefly_14_g8_firmware | 01.10.00 |
| hp | elite_folio_2-in-1_firmware | not_impacted |
| hp | elite_x2_1012_g2_firmware | 1.43 |
| hp | elitebook_x360_830_g7_firmware | 01.10.00 |
| hp | prodesk_480_g5_microtower_firmware | 02.21.00 |
| hp | elitebook_846_g5_firmware | 01.21.01 |
| hp | elitebook_x360_1030_g7_firmware | 01.10.00 |
| hp | prodesk_400_g3_desktop_mini_firmware | 2.44 |
| hp | elite_tower_680_g9_firmware | 02.05.01 |
| hp | elitebook_850_g7_firmware | 01.10.00 |
| hp | elite_tower_600_g9_firmware | 02.05.01 |
| hp | z2_small_form_factor_g4_workstation_firmware | 01.08.03 |
| hp | zbook_17_g6_firmware | 01.21.02 |
| hp | proone_400_g2_20-inch_touch_all-in-one_firmware | 2.59 |
| hp | prodesk_680_g4_microtower_firmware | 02.21.00 |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_firmware | 2.44 |
| hp | probook_450_g7_firmware | 01.14.00 |
| hp | elite_tower_800_g9_firmware | 02.05.01 |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_firmware | 2.59 |
| hp | prodesk_400_g6_small_form_factor_firmware | 02.15.00 |
| hp | probook_430_g8_firmware | 01.10.00 |
| hp | elitedesk_800_g5_small_form_factor_firmware | 02.15.00 |
| hp | elitedesk_705_g4_desktop_mini_firmware | 02.20.00 |
| hp | zbook_14u_g5_firmware | 01.21.01 |
| hp | proone_440_23.8_inch_g9_all-in-one_firmware | 02.05.00 |
| hp | probook_640_g4_firmware | 01.21.01 |
| hp | engage_one_aio_system_firmware | 2.44 |
| hp | probook_430_g7_firmware | 01.14.00 |
| hp | elitedesk_800_65w_g3_desktop_mini_firmware | 2.44 |
| hp | probook_445_g8_firmware | 01.10.00 |
| hp | elite_dragonfly_g2_firmware | 01.10.00 |
| hp | elitebook_845_g8_firmware | 01.10.00 |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_firmware | 02.21.00 |
| hp | elitebook_830_g6_firmware | 01.21.01 |
| hp | elitebook_x360_1030_g3_firmware | 01.21.01 |
| hp | elitedesk_705_g4_microtower_firmware | 02.20.00 |
| hp | elitebook_650_g9_firmware | 01.04.00 |
| hp | zbook_fury_17_g7_firmware | 01.10.00 |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_firmware | 2.59 |
| hp | zbook_fury_15_g8_firmware | 01.10.00 |
| hp | probook_450_g9_firmware | 01.04.00 |
| hp | elitedesk_805_g8_desktop_mini_firmware | 02.05.02 |
| hp | elitebook_640_g9_firmware | 01.04.00 |
| hp | elitebook_836_g5_firmware | 01.21.01 |
| hp | zbook_firefly_14_g7_firmware | 01.10.00 |
A potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerability.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | prodesk_400_g3_dm_firmware | * |
| hp | proone_400_g3_aio_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | probook_470_g4_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | prodesk_600_g2_sff_firmware | * |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | z2_mini_g3_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | probook_440_g4_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | eliteone_800_g2_aio_firmware | * |
| hp | elitedesk_800_g2_sff_firmware | * |
| hp | prodesk_680_g3_microtower_pc_firmware | * |
| hp | prodesk_600_g2_microtower_pc_firmware | * |
| hp | proone_400_g2_aio_firmware | * |
| hp | z238_microtower_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | probook_11_g2_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | prodesk_600_g3_sff_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | prodesk_400_g4_sff_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | proone_600_g2_aio_firmware | * |
| hp | proone_480_g3_firmware | * |
| hp | probook_430_g4_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | mp9_g2_retail_system_firmware | * |
| hp | z240_tower_firmware | * |
| hp | prodesk_600_g3_desktop_mini_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | prodesk_400_g4_microtower_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | z1_g3_firmware | * |
| hp | probook_x360_11_g2_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | engage_one_aio_system_firmware | * |
| hp | elite_slice_firmware | * |
| hp | probook_450_g4_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | zbook_15u_g4_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | eliteone_800_g3_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | * |
| hp | z240_sff_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | prodesk_680_g2_microtower_pc_firmware | * |
| hp | proone_600_g3_firmware | * |
| hp | prodesk_600_g2_dm_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | zbook_studio_x2_g4_firmware | * |
Potential vulnerabilities have been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | elitebook_848_g3_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | mp9_g2_retail_system_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elite_slice_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | zbook_17_g3_firmware | * |
Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | elitebook_848_g3_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | mp9_g2_retail_system_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elite_slice_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | zbook_17_g3_firmware | * |
A vulnerability in NetBatch-Plus software allows unauthorized access to the application. HPE has provided a workaround and fix. Please refer to HPE Security Bulletin HPESBNS04388 for details.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | nonstop_netbatch-plus | * |
A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series. The vulnerability could be remotely exploited to allow remote directory traversal in HPE OfficeConnect 1820 switch series version PT.02.17 and below, HPE OfficeConnect 1850 switch series version PC.01.23 and below, and HPE OfficeConnect 1850 (10G aggregator) switch version PO.01.22 and below.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hpe | officeconnect_1850_24g_2xgt_poe+_firmware | * |
| hpe | officeconnect_1850_2xgt/spf+_firmware | * |
| hp | officeconnect_1820_24g_poe+_(185w)_switch_j9983a_firmware | * |
| hpe | officeconnect_1850_48g_4xgt_firmware | * |
| hpe | officeconnect_1850_48g_4xgt_poe+_firmware | * |
| hp | officeconnect_1820_8g_poe+_(65w)_switch_j9982a_firmware | * |
| hpe | officeconnect_1850_6xgt_firmware | * |
| hp | officeconnect_1820_8g_switch_j9979a_firmware | * |
| hp | officeconnect_1820_48g_poe+_(370w)_switch_j9984a_firmware | * |
| hpe | officeconnect_1850_24g_2xgt_firmware | * |
HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview_for_vmware_vcenter | 9.6 |
| hp | oneview_for_vmware_vcenter | * |
HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
| hp | fusion | * |
HPSFViewer might allow Escalation of Privilege. This potential vulnerability was remediated on July 29th, 2022. Customers who opted for automatic updates should have already received the remediation.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hpsfviewer | * |
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mp9_g4_retail_system_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z2_small_form_factor_g8_workstation_firmware | * |
| hp | pro_tower_480_g9_desktop_pc_firmware | * |
| hp | zbook_firefly_14_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elite_x360_1040_14_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | prodesk_405_g6_desktop_mini_pc_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | * |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_pc_firmware | * |
| hp | zbook_studio_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | elitebook_755_g3_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | elitedesk_705_g3_microtower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | z2_mini_g5_workstation_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_445_14_inch_g9_notebook_pc_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elitedesk_705_g4_workstation_edition_firmware | * |
| hp | pro_mt440_g3_mobile_thin_client_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | probook_fortis_14_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_725_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | z1_all-in-one_g3_workstation_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | elitebook_865_16_inch_g9_notebook_pc_firmware | * |
| hp | zbook_power_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_mini_600_g9_desktop_pc_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | mini_conferencing_pc_with_zoom_rooms_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | probook_fortis_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmware | * |
| hp | eliteone_870_27_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | elitebook_640_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_440_14_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | elite_tower_800_g9_desktop_pc_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_405_g6_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | mt21_mobile_thin_client_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | zbook_firefly_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_15u_g4_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_450_15.6_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | prodesk_400_g4_microtower_pc_firmware | * |
| hp | probook_x360_435_g8_notebook_pc_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | * |
| hp | elite_sff_600_g9_desktop_pc_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g3_microtower_pc_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | z2_small_form_factor_g9_workstation_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | zbook_firefly_14_inch_g8_mobile_workstation_pc_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | elite_x2_1012_g1_tablet_with_travel_keyboard_firmware | * |
| hp | prodesk_405_g4_small_form_factor_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | * |
| hp | z2_tower_g4_workstation_firmware | * |
| hp | pro_sff_400_g9_desktop_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | z2_tower_g5_workstation_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | elite_x360_830_13_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | mt31_mobile_thin_client_firmware | * |
| hp | z840_workstation_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | zbook_power_15.6_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | mt22_mobile_thin_client_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | pro_x360_fortis_11_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_1040_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_tower_680_g9_desktop_pc_firmware | * |
| hp | zcentral_4r_workstation_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | zhan_66_pro_a_14_g4_notebook_pc_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | mt46_mobile_thin_client_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | elitebook_645_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_745_g3_firmware | * |
| hp | elite_slice_g2_with_intel_unite_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | * |
| hp | proone_400_g2_20-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | pro_tower_400_g9_desktop_pc_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_a_14_g5_notebook_pc_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | zbook_fury_17_g7_firmware | * |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g2_desktop_mini_pc_firmware | * |
| hp | z2_small_form_factor_g5_workstation_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_450_g3_firmware | * |
| hp | prodesk_680_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | zbook_fury_16_g9_mobile_workstation_pc_firmware | * |
| hp | probook_455_15.6_inch_g9_notebook_pc_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_with_zoom_rooms_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | probook_645_g2_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | z440_workstation_firmware | * |
| hp | elite_x2_1012_g1_tablet_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | elitebook_650_15.6_inch_g9_notebook_pc_firmware | * |
| hp | mt43_mobile_thin_client_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | dragonfly_folio_13.5_inch_g3_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | pro_x360_fortis_11_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | mt44_mobile_thin_client_firmware | * |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | mt42_mobile_thin_client_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | elite_slice_firmware | * |
| hp | z1_g9_tower_desktop_pc_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | z2_small_form_factor_g4_workstation_firmware | * |
| hp | zbook_fury_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zhan_66_pro_14_inch_g5_notebook_pc_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_-_audio_ready_with_zoom_rooms_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | elite_mini_800_g9_desktop_pc_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | mt32_mobile_thin_client_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | elite_tower_880_g9_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | elite_dragonfly_13.5_inch_g3_notebook_pc_firmware | * |
| hp | elitedesk_705_g4_microtower_pc_firmware | * |
| hp | mt45_mobile_thin_client_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_835_13_inch_g9_notebook_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_400_g2_desktop_mini_pc_firmware | * |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_sff_800_g9_desktop_pc_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | elitebook_830_13.3_inch_g9_notebook_pc_firmware | * |
| hp | z2_mini_g9_workstation_firmware | * |
| hp | zbook_firefly_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | z2_mini_g4_workstation_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitedesk_705_g3_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | * |
| hp | zbook_studio_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | z2_tower_g8_workstation_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | prodesk_600_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zbook_fury_17.3_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | elitedesk_800_g3_tower_pc_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | proone_440_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z640_workstation_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | elitedesk_705_g3_small_form_factor_pc_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | eliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_pc_firmware | * |
| hp | probook_11_ee_g2_firmware | * |
| hp | elitebook_630_13_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_with_microsoft_teams_rooms_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | pro_mini_400_g9_desktop_pc_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | probook_455_g3_firmware | * |
| hp | elitebook_860_16_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | z2_tower_g9_workstation_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_655_g2_firmware | * |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_845_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | elite_tower_600_g9_desktop_pc_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | * |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_14_g4_notebook_pc_firmware | * |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_655_15.6_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | probook_455r_g6_firmware | * |
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | mp9_g4_retail_system_firmware | * |
| hp | zbook_15_g3_firmware | * |
| hp | z2_small_form_factor_g8_workstation_firmware | * |
| hp | pro_tower_480_g9_desktop_pc_firmware | * |
| hp | zbook_firefly_14_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_1000_g2_23.8-in_all-in-one_business_pc_firmware | * |
| hp | elite_x360_1040_14_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_x360_1030_g4_firmware | * |
| hp | prodesk_405_g6_desktop_mini_pc_firmware | * |
| hp | zbook_firefly_15_g7_firmware | * |
| hp | elitedesk_800_35w_g2_desktop_mini_pc_firmware | * |
| hp | probook_470_g3_firmware | * |
| hp | proone_400_g3_20-inch_touch_all-in-one_pc_firmware | * |
| hp | eliteone_800_g2_23-inch_touch_all-in-one_pc_firmware | * |
| hp | zbook_studio_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | elitebook_755_g3_firmware | * |
| hp | eliteone_1000_g2_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g5_small_form_factor_pc_firmware | * |
| hp | elitedesk_880_g5_tower_pc_firmware | * |
| hp | elitedesk_705_g3_microtower_pc_firmware | * |
| hp | zbook_14u_g6_firmware | * |
| hp | zhan_66_pro_14_g3_firmware | * |
| hp | z2_mini_g5_workstation_firmware | * |
| hp | elitebook_1030_g1_firmware | * |
| hp | probook_645_g4_firmware | * |
| hp | elitebook_1040_g4_firmware | * |
| hp | engage_one_all-in-one_system_firmware | * |
| hp | zhan_66_pro_13_g2_firmware | * |
| hp | elitebook_735_g6_firmware | * |
| hp | prodesk_680_g6_pci_microtower_pc_firmware | * |
| hp | probook_430_g3_firmware | * |
| hp | proone_480_g3_20-inch_non-touch_all-in_one_pc_firmware | * |
| hp | prodesk_400_g6_desktop_mini_pc_firmware | * |
| hp | probook_445_14_inch_g9_notebook_pc_firmware | * |
| hp | elitedesk_800_95w_g4_desktop_mini_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elitedesk_705_g4_workstation_edition_firmware | * |
| hp | pro_mt440_g3_mobile_thin_client_firmware | * |
| hp | zbook_15u_g5_firmware | * |
| hp | probook_fortis_14_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_725_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_(with_pci_slot)_firmware | * |
| hp | eliteone_1000_g1_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_desktop_mini_pc_firmware | * |
| hp | zbook_studio_g3_firmware | * |
| hp | elitebook_840_g6_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | probook_650_g7_firmware | * |
| hp | z1_all-in-one_g3_workstation_firmware | * |
| hp | probook_640_g2_firmware | * |
| hp | elitebook_865_16_inch_g9_notebook_pc_firmware | * |
| hp | zbook_power_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zbook_17_g3_firmware | * |
| hp | elitebook_848_g3_firmware | * |
| hp | zhan_66_pro_14_g2_firmware | * |
| hp | elitebook_x360_830_g6_firmware | * |
| hp | zbook_studio_g7_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_mini_600_g9_desktop_pc_firmware | * |
| hp | elite_dragonfly_g2_firmware | * |
| hp | probook_x360_11_g7_ee_firmware | * |
| hp | elitebook_845_g7_firmware | * |
| hp | prodesk_400_g7_microtower_pc_firmware | * |
| hp | elitebook_x360_1030_g8_firmware | * |
| hp | probook_450_g5_firmware | * |
| hp | mini_conferencing_pc_with_zoom_rooms_firmware | * |
| hp | rp9_g1_retail_system_firmware | * |
| hp | probook_fortis_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_-_partner_ready_with_microsoft_teams_rooms_firmware | * |
| hp | eliteone_870_27_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | z8_g4_workstation_firmware | * |
| hp | elitebook_640_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_440_14_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_480_g4_microtower_pc_firmware | * |
| hp | elite_tower_800_g9_desktop_pc_firmware | * |
| hp | zbook_17_g5_firmware | * |
| hp | prodesk_405_g6_small_form_factor_pc_firmware | * |
| hp | zhan_66_pro_a_14_g3_firmware | * |
| hp | mt21_mobile_thin_client_firmware | * |
| hp | prodesk_600_g4_small_form_factor_pc_firmware | * |
| hp | zbook_firefly_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_max_firmware | * |
| hp | probook_640_g7_firmware | * |
| hp | probook_640_g3_firmware | * |
| hp | zhan_66_pro_15_g2_firmware | * |
| hp | elitebook_840_g8_firmware | * |
| hp | zbook_15u_g4_firmware | * |
| hp | elitedesk_800_g4_tower_pc_firmware | * |
| hp | elitebook_820_g4_firmware | * |
| hp | elitebook_830_g5_firmware | * |
| hp | proone_400_g5_20-inch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g4_23.8-inch_touch_gpu_all-in-one_pc_firmware | * |
| hp | elitebook_840_g6_healthcare_edition_firmware | * |
| hp | probook_450_15.6_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_desktop_mini_pc_firmware | * |
| hp | elitebook_1040_g3_firmware | * |
| hp | prodesk_400_g4_microtower_pc_firmware | * |
| hp | probook_x360_435_g8_notebook_pc_firmware | * |
| hp | prodesk_400_g3_desktop_mini_pc_firmware | * |
| hp | elite_sff_600_g9_desktop_pc_firmware | * |
| hp | zbook_14u_g5_firmware | * |
| hp | elitebook_855_g7_firmware | * |
| hp | z1_g8_tower_desktop_pc_firmware | * |
| hp | prodesk_600_g6_pci_microtower_pc_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_pc_firmware | * |
| hp | prodesk_680_g3_microtower_pc_firmware | * |
| hp | proone_400_g5_23.8-inch_all-in-one_business_pc_firmware | * |
| hp | probook_640_g4_firmware | * |
| hp | probook_440_g7_firmware | * |
| hp | probook_450_g7_firmware | * |
| hp | elitedesk_800_g5_tower_pc_firmware | * |
| hp | z2_small_form_factor_g9_workstation_firmware | * |
| hp | prodesk_600_g3_microtower_pc_firmware | * |
| hp | elitebook_835_g8_firmware | * |
| hp | prodesk_480_g5_microtower_pc_firmware | * |
| hp | zbook_firefly_14_inch_g8_mobile_workstation_pc_firmware | * |
| hp | probook_645_g3_firmware | * |
| hp | elite_x2_1012_g1_tablet_with_travel_keyboard_firmware | * |
| hp | prodesk_405_g4_small_form_factor_pc_firmware | * |
| hp | proone_400_g6_24_all-in-one_pc_firmware | * |
| hp | proone_600_g4_21.5-inch_touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_820_g3_firmware | * |
| hp | probook_455_g7_firmware | * |
| hp | elitedesk_705_g5_desktop_mini_pc_firmware | * |
| hp | z2_tower_g4_workstation_firmware | * |
| hp | pro_sff_400_g9_desktop_pc_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_pc_firmware | * |
| hp | elitedesk_800_g5_desktop_mini_pc_firmware | * |
| hp | elite_x2_1013_g3_firmware | * |
| hp | z238_microtower_workstation_firmware | * |
| hp | z2_tower_g5_workstation_firmware | * |
| hp | elitedesk_805_g8_desktop_mini_pc_firmware | * |
| hp | elite_x360_830_13_inch_g9_2-in-1_notebook_pc_firmware | * |
| hp | zbook_fury_15_g7_firmware | * |
| hp | zbook_x2_g4_firmware | * |
| hp | mt31_mobile_thin_client_firmware | * |
| hp | z840_workstation_firmware | * |
| hp | elitebook_745_g6_firmware | * |
| hp | proone_440_g6_24_all-in-one_pc_firmware | * |
| hp | eliteone_800_g4_23.8-in_healthcare_edition_all-in-one_business_pc_firmware | * |
| hp | elitebook_840_14_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g4_firmware | * |
| hp | zbook_power_15.6_inch_g9_mobile_workstation_pc_firmware | * |
| hp | eliteone_800_g5_23.8-inch_all-in-one_firmware | * |
| hp | elitebook_830_g7_firmware | * |
| hp | elitedesk_800_g6_desktop_mini_pc_firmware | * |
| hp | probook_650_g4_firmware | * |
| hp | elitedesk_805_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g4_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g3_desktop_mini_pc_firmware | * |
| hp | z2_mini_g3_workstation_firmware | * |
| hp | mt22_mobile_thin_client_firmware | * |
| hp | elite_x2_g8_tablet_firmware | * |
| hp | zhan_x_13_g2_firmware | * |
| hp | pro_x360_fortis_11_inch_g9_notebook_pc_firmware | * |
| hp | probook_455_g6_firmware | * |
| hp | proone_600_g5_21.5-in_all-in-one_business_pc_firmware | * |
| hp | elitebook_1040_14_inch_g9_notebook_pc_firmware | * |
| hp | elite_tower_680_g9_desktop_pc_firmware | * |
| hp | zcentral_4r_workstation_firmware | * |
| hp | elitebook_840_g5_healthcare_edition_firmware | * |
| hp | eliteone_800_g6_27_all-in-one_pc_firmware | * |
| hp | zhan_66_pro_a_14_g4_notebook_pc_firmware | * |
| hp | prodesk_600_g5_desktop_mini_pc_firmware | * |
| hp | mt46_mobile_thin_client_firmware | * |
| hp | elitedesk_880_g3_tower_pc_firmware | * |
| hp | elitedesk_805_g6_desktop_mini_pc_firmware | * |
| hp | z240_tower_workstation_firmware | * |
| hp | elitebook_745_g4_firmware | * |
| hp | elitebook_645_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_745_g3_firmware | * |
| hp | elite_slice_g2_with_intel_unite_firmware | * |
| hp | zbook_17_g4_firmware | * |
| hp | zbook_15u_g6_firmware | * |
| hp | zbook_power_g7_firmware | * |
| hp | elitebook_755_g4_firmware | * |
| hp | elitedesk_800_g3_small_form_factor_pc_firmware | * |
| hp | proone_400_g2_20-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_830_g8_firmware | * |
| hp | elitebook_x360_1030_g7_firmware | * |
| hp | pro_tower_400_g9_desktop_pc_firmware | * |
| hp | elitebook_836_g5_firmware | * |
| hp | elitedesk_800_35w_g4_desktop_mini_pc_firmware | * |
| hp | proone_440_g5_23.8-in_all-in-one_business_pc_firmware | * |
| hp | prodesk_600_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_a_14_g5_notebook_pc_firmware | * |
| hp | zbook_firefly_14_g7_firmware | * |
| hp | elitebook_855_g8_firmware | * |
| hp | elitedesk_800_35w_g3_desktop_mini_pc_firmware | * |
| hp | elitedesk_800_g4_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g6_tower_pc_firmware | * |
| hp | zbook_fury_17_g7_firmware | * |
| hp | elitedesk_800_65w_g3_desktop_mini_pc_firmware | * |
| hp | prodesk_600_g2_desktop_mini_pc_firmware | * |
| hp | z2_small_form_factor_g5_workstation_firmware | * |
| hp | elitebook_850_g8_firmware | * |
| hp | probook_635_aero_g7_firmware | * |
| hp | elitebook_x360_1030_g2_firmware | * |
| hp | eliteone_800_g2_23-inch_non-touch_all-in-one_pc_firmware | * |
| hp | probook_450_g3_firmware | * |
| hp | prodesk_680_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_1000_g1_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | zbook_fury_16_g9_mobile_workstation_pc_firmware | * |
| hp | probook_455_15.6_inch_g9_notebook_pc_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_with_zoom_rooms_firmware | * |
| hp | prodesk_405_g8_small_form_factor_pc_firmware | * |
| hp | elitebook_836_g6_firmware | * |
| hp | probook_645_g2_firmware | * |
| hp | prodesk_400_g5_small_form_factor_pc_firmware | * |
| hp | z440_workstation_firmware | * |
| hp | elite_x2_1012_g1_tablet_firmware | * |
| hp | engage_go_mobile_system_firmware | * |
| hp | engage_go_10_mobile_system_firmware | * |
| hp | zbook_studio_x360_g5_firmware | * |
| hp | elitebook_650_15.6_inch_g9_notebook_pc_firmware | * |
| hp | mt43_mobile_thin_client_firmware | * |
| hp | probook_x360_440_g1_firmware | * |
| hp | elitebook_840r_g4_firmware | * |
| hp | eliteone_800_g4_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | dragonfly_folio_13.5_inch_g3_2-in-1_notebook_pc_firmware | * |
| hp | elitebook_828_g4_firmware | * |
| hp | elitedesk_705_g4_desktop_mini_pc_firmware | * |
| hp | zbook_15_g4_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_all-in-one_pc_firmware | * |
| hp | prodesk_400_g6_microtower_pc_firmware | * |
| hp | pro_x360_fortis_11_inch_g10_notebook_pc_firmware | * |
| hp | elitebook_folio_g1_firmware | * |
| hp | mt44_mobile_thin_client_firmware | * |
| hp | elitedesk_705_g4_small_form_factor_pc_firmware | * |
| hp | elitebook_850_g7_firmware | * |
| hp | prodesk_600_g6_small_form_factor_pc_firmware | * |
| hp | mt42_mobile_thin_client_firmware | * |
| hp | elitebook_840_g7_firmware | * |
| hp | eliteone_1000_g2_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | elite_slice_firmware | * |
| hp | z1_g9_tower_desktop_pc_firmware | * |
| hp | elitedesk_880_g4_tower_pc_firmware | * |
| hp | elitebook_x360_1040_g6_firmware | * |
| hp | z2_small_form_factor_g4_workstation_firmware | * |
| hp | zbook_fury_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | zhan_66_pro_14_inch_g5_notebook_pc_firmware | * |
| hp | elitedesk_800_g6_small_form_factor_pc_firmware | * |
| hp | elitedesk_800_g8_tower_pc_firmware | * |
| hp | probook_640_g5_firmware | * |
| hp | elitebook_x360_830_g5_firmware | * |
| hp | zhan_66_pro_g1_firmware | * |
| hp | proone_400_g3_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_slice_g2_-_audio_ready_with_zoom_rooms_firmware | * |
| hp | zbook_15_g6_firmware | * |
| hp | elite_mini_800_g9_desktop_pc_firmware | * |
| hp | probook_445_g7_firmware | * |
| hp | probook_430_g6_firmware | * |
| hp | mt32_mobile_thin_client_firmware | * |
| hp | elitebook_840_g3_firmware | * |
| hp | elitebook_840_aero_g8_firmware | * |
| hp | probook_x360_11_g3_ee_firmware | * |
| hp | eliteone_800_g3_23.8-inch_non-touch_gpu_all-in-one_pc_firmware | * |
| hp | elite_x2_g4_firmware | * |
| hp | elitebook_x360_1040_g7_firmware | * |
| hp | elite_tower_880_g9_desktop_pc_firmware | * |
| hp | eliteone_1000_g2_27-in_4k_uhd_all-in-one_business_pc_firmware | * |
| hp | elite_dragonfly_13.5_inch_g3_notebook_pc_firmware | * |
| hp | elitedesk_705_g4_microtower_pc_firmware | * |
| hp | mt45_mobile_thin_client_firmware | * |
| hp | elitebook_850_g5_firmware | * |
| hp | elitebook_835_13_inch_g9_notebook_pc_firmware | * |
| hp | proone_440_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | elitebook_x360_1040_g5_firmware | * |
| hp | elitedesk_800_g5_small_form_factor_pc_firmware | * |
| hp | zbook_create_g7_firmware | * |
| hp | elitebook_828_g3_firmware | * |
| hp | elitebook_755_g5_firmware | * |
| hp | elitebook_x360_1030_g3_firmware | * |
| hp | elitebook_840_g4_firmware | * |
| hp | prodesk_400_g2_desktop_mini_pc_firmware | * |
| hp | proone_600_g2_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_sff_800_g9_desktop_pc_firmware | * |
| hp | probook_655_g3_firmware | * |
| hp | zhan_66_pro_15_g3_firmware | * |
| hp | prodesk_600_g5_microtower_pc_firmware | * |
| hp | probook_x360_11_g2_ee_firmware | * |
| hp | proone_600_g6_22_all-in-one_pc_firmware | * |
| hp | zbook_17_g6_firmware | * |
| hp | proone_400_g4_20-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | eliteone_800_g5_23.8-in_healthcare_edition_all-in-one_firmware | * |
| hp | elitebook_830_13.3_inch_g9_notebook_pc_firmware | * |
| hp | z2_mini_g9_workstation_firmware | * |
| hp | zbook_firefly_16_inch_g9_mobile_workstation_pc_firmware | * |
| hp | z2_mini_g4_workstation_firmware | * |
| hp | zhan_66_pro_g3_24_all-in-one_pc_firmware | * |
| hp | elitebook_846_g5_firmware | * |
| hp | elitedesk_800_65w_g4_desktop_mini_pc_firmware | * |
| hp | elitedesk_805_g8_small_form_factor_pc_firmware | * |
| hp | eliteone_800_g6_24_all-in-one_pc_firmware | * |
| hp | probook_650_g3_firmware | * |
| hp | elitedesk_705_g3_desktop_mini_pc_firmware | * |
| hp | elitebook_x360_1020_g2_firmware | * |
| hp | elite_slice_for_meeting_rooms_firmware | * |
| hp | zbook_studio_15.6_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elitebook_850_g6_firmware | * |
| hp | elitebook_745_g5_firmware | * |
| hp | proone_600_g3_21.5-inch_non-touch_all-in-one_pc_firmware | * |
| hp | eliteone_1000_g1_34-in_curved_all-in-one_business_pc_firmware | * |
| hp | proone_400_g2_20-inch_non-touch_all-in-one_pc_firmware | * |
| hp | elite_x2_1012_g2_firmware | * |
| hp | probook_470_g5_firmware | * |
| hp | prodesk_400_g4_desktop_mini_pc_firmware | * |
| hp | elitebook_1050_g1_firmware | * |
| hp | elitedesk_880_g8_tower_pc_firmware | * |
| hp | probook_x360_435_g7_firmware | * |
| hp | probook_650_g5_firmware | * |
| hp | z2_tower_g8_workstation_firmware | * |
| hp | elitebook_850_g3_firmware | * |
| hp | proone_400_g6_20_all-in-one_pc_firmware | * |
| hp | probook_440_g3_firmware | * |
| hp | elitebook_835_g7_firmware | * |
| hp | prodesk_600_g4_microtower_pc_(with_pci_slot)_firmware | * |
| hp | z4_g4_workstation_(xeon_w)_firmware | * |
| hp | zbook_fury_17.3_inch_g8_mobile_workstation_pc_firmware | * |
| hp | elite_dragonfly_firmware | * |
| hp | elitedesk_800_65w_g2_desktop_mini_pc_firmware | * |
| hp | probook_x360_11_g4_ee_firmware | * |
| hp | z1_entry_tower_g5_firmware | * |
| hp | proone_600_g2_21.5-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_845_g8_firmware | * |
| hp | elitedesk_800_g3_tower_pc_firmware | * |
| hp | elitebook_840_g5_firmware | * |
| hp | elitebook_850_g4_firmware | * |
| hp | proone_440_23.8_inch_g9_all-in-one_desktop_pc_firmware | * |
| hp | prodesk_480_g7_pci_microtower_pc_firmware | * |
| hp | z640_workstation_firmware | * |
| hp | z4_g4_workstation_(core-x)_firmware | * |
| hp | prodesk_400_g5_desktop_mini_pc_firmware | * |
| hp | z1_entry_tower_g6_firmware | * |
| hp | elitedesk_800_g4_workstation_edition_firmware | * |
| hp | probook_x360_11_g5_ee_firmware | * |
| hp | pro_x2_612_g2_firmware | * |
| hp | elitedesk_705_g3_small_form_factor_pc_firmware | * |
| hp | z240_small_form_factor_workstation_firmware | * |
| hp | zbook_14u_g4_firmware | * |
| hp | probook_446_g3_firmware | * |
| hp | eliteone_800_g3_23.8_non-touch_healthcare_edition_all-in-one_pc_firmware | * |
| hp | probook_11_ee_g2_firmware | * |
| hp | elitebook_630_13_inch_g9_notebook_pc_firmware | * |
| hp | elite_slice_g2_with_microsoft_teams_rooms_firmware | * |
| hp | prodesk_480_g6_microtower_pc_firmware | * |
| hp | pro_mini_400_g9_desktop_pc_firmware | * |
| hp | probook_650_g2_firmware | * |
| hp | elitebook_735_g5_firmware | * |
| hp | probook_455_g3_firmware | * |
| hp | elitebook_860_16_inch_g9_notebook_pc_firmware | * |
| hp | prodesk_600_g6_microtower_pc_firmware | * |
| hp | z2_tower_g9_workstation_firmware | * |
| hp | prodesk_400_g7_small_form_factor_pc_firmware | * |
| hp | elite_x2_1012_g1_firmware | * |
| hp | zbook_studio_g4_firmware | * |
| hp | probook_655_g2_firmware | * |
| hp | prodesk_600_g3_small_form_factor_pc_firmware | * |
| hp | probook_430_g5_firmware | * |
| hp | probook_640_g8_firmware | * |
| hp | elitebook_x360_830_g7_firmware | * |
| hp | elitebook_725_g4_firmware | * |
| hp | prodesk_400_g5_microtower_pc_firmware | * |
| hp | elitebook_845_14_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_830_g6_firmware | * |
| hp | zbook_studio_g5_firmware | * |
| hp | proone_400_g4_23.8-inch_non-touch_all-in-one_business_pc_firmware | * |
| hp | probook_x360_11_g6_ee_firmware | * |
| hp | elite_tower_600_g9_desktop_pc_firmware | * |
| hp | prodesk_400_g6_small_form_factor_pc_firmware | * |
| hp | prodesk_405_g8_desktop_mini_pc_firmware | * |
| hp | elitedesk_705_g5_small_form_factor_pc_firmware | * |
| hp | prodesk_400_g4_small_form_factor_pc_firmware | * |
| hp | zbook_15_g5_firmware | * |
| hp | prodesk_680_g4_microtower_pc_firmware | * |
| hp | zhan_66_pro_14_g4_notebook_pc_firmware | * |
| hp | eliteone_1000_g1_23.8-in_touch_all-in-one_business_pc_firmware | * |
| hp | elitedesk_880_g6_tower_pc_firmware | * |
| hp | probook_430_g7_firmware | * |
| hp | zhan_66_pro_g3_22_all-in-one_pc_firmware | * |
| hp | eliteone_800_g3_23.8-inch_touch_all-in-one_pc_firmware | * |
| hp | elitebook_655_15.6_inch_g9_notebook_pc_firmware | * |
| hp | elitebook_848_g4_firmware | * |
| hp | zbook_15u_g3_firmware | * |
| hp | probook_455r_g6_firmware | * |
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | desktop_pro_300_g3_firmware | * |
| hp | zhan_66_pro_g1_r_microtower_firmware | * |
| hp | 280_g3_microtower_pc_firmware | * |
| hp | 290_g1_microtower_firmware | * |
| hp | desktop_pro_g3_microtower_firmware | * |
| hp | desktop_pro_a_g3_microtower_firmware | * |
| hp | desktop_pro_a_300_g3_firmware | * |
| hp | 260_g3_desktop_mini_firmware | * |
| hp | zhan_66_pro_a_g1_r_microtower_firmware | * |
| hp | 260_g4_desktop_mini_firmware | * |
| hp | 280_g3_pci_microtower_pc_firmware | * |
| hp | rp2_retail_system_2020_firmware | * |
| hp | 348_g4_firmware | * |
| hp | desktop_pro_a_g2_microtower_firmware | * |
| hp | desktop_pro_microtower_firmware | * |
| hp | rp2_retail_system_2000_firmware | * |
| hp | 260_g2_desktop_mini_firmware | * |
| hp | zhan_66_pro_a_g1_microtower_firmware | * |
| hp | zhan_86_pro_g1_microtower_firmware | * |
| hp | 288_pro_g3_microtower_pc_firmware | * |
| hp | 218_pro_g5_mt_firmware | * |
| hp | rp2_retail_system_2030_firmware | * |
| hp | desktop_pro_g3_firmware | * |
| hp | desktop_pro_a_g3_firmware | * |
| hp | desktop_pro_a_g2_firmware | * |
Certain HP ENVY, OfficeJet, and DeskJet printers may be vulnerable to a Denial of Service attack.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | m2u86b_firmware | * |
| hp | z4a54a_firmware | * |
| hp | z4a73a_firmware | * |
| hp | z4a69a_firmware | * |
| hp | z4a71a_firmware | * |
| hp | m2u84a_firmware | * |
| hp | m2u84b_firmware | * |
| hp | m2u81b_firmware | * |
| hp | m2u82a_firmware | * |
| hp | m2u87b_firmware | * |
| hp | z4b14a_firmware | * |
| hp | z4b29a_firmware | * |
| hp | m2u94b_firmware | * |
| hp | z4b12a_firmware | * |
| hp | m2u88b_firmware | * |
| hp | z4b18a_firmware | * |
| hp | m2u82b_firmware | * |
| hp | m2u92b_firmware | * |
| hp | z4a61b_firmware | * |
| hp | m2u77a_firmware | * |
| hp | z4a70a_firmware | * |
| hp | z4a59a_firmware | * |
| hp | m2u81a_firmware | * |
| hp | z4b13a_firmware | * |
| hp | z4a61a_firmware | * |
| hp | z4b28a_firmware | * |
| hp | m2u76a_firmware | * |
| hp | m2u85b_firmware | * |
| hp | m2u89b_firmware | * |
| hp | m2u86a_firmware | * |
| hp | m2u91a_firmware | * |
| hp | z4b27a_firmware | * |
| hp | m2u86c_firmware | * |
| hp | m2u92a_firmware | * |
| hp | m2u87a_firmware | * |
| hp | m2u91b_firmware | * |
| hp | m2u75a_firmware | * |
| hp | z4a74a_firmware | * |
| hp | m2u94a_firmware | * |
| hp | m2u85a_firmware | * |
| hp | z4a60a_firmware | * |
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | security_manager | * |
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | security_manager | * |
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | security_manager | * |
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | security_manager | * |
Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | z2_tower_g9_firmware | * |
| hp | pro_sff_400_g9_firmware | * |
| hp | elite_tower_680_g9_firmware | * |
| hp | z2_small_form_factor_g8_firmware | * |
| hp | z2_mini_g9_firmware | * |
| hp | elite_mini_800_g9_firmware | * |
| hp | z1_g9_tower_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_firmware | * |
| hp | pro_mini_260_g9_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_firmware | * |
| hp | elite_sff_800_g9_firmware | * |
| hp | z1_g8_tower_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_firmware | * |
| hp | elite_tower_600_g9_firmware | * |
| hp | z2_small_form_factor_g9_firmware | * |
| hp | elite_mini_600_g9_firmware | * |
| hp | elite_tower_800_g9_firmware | * |
| hp | elitedesk_880_g8_tower_firmware | * |
| hp | z2_tower_g8_firmware | * |
| hp | pro_mini_400_g9_firmware | * |
| hp | elite_sff_600_g9_firmware | * |
| hp | elitedesk_800_g8_tower_firmware | * |
| hp | elite_tower_880_g9_firmware | * |
| hp | pro_tower_480_g9_firmware | * |
| hp | pro_tower_400_g9_firmware | * |
| hp | mini_conferencing_pc_firmware | * |
Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | z2_tower_g9_firmware | * |
| hp | pro_sff_400_g9_firmware | * |
| hp | elite_tower_680_g9_firmware | * |
| hp | z2_small_form_factor_g8_firmware | * |
| hp | z2_mini_g9_firmware | * |
| hp | elite_mini_800_g9_firmware | * |
| hp | z1_g9_tower_firmware | * |
| hp | eliteone_800_g8_24_all-in-one_firmware | * |
| hp | pro_mini_260_g9_firmware | * |
| hp | elitedesk_800_g8_desktop_mini_firmware | * |
| hp | elite_sff_800_g9_firmware | * |
| hp | z1_g8_tower_firmware | * |
| hp | eliteone_800_g8_27_all-in-one_firmware | * |
| hp | elitedesk_800_g8_small_form_factor_firmware | * |
| hp | elite_tower_600_g9_firmware | * |
| hp | z2_small_form_factor_g9_firmware | * |
| hp | elite_mini_600_g9_firmware | * |
| hp | elite_tower_800_g9_firmware | * |
| hp | elitedesk_880_g8_tower_firmware | * |
| hp | z2_tower_g8_firmware | * |
| hp | pro_mini_400_g9_firmware | * |
| hp | elite_sff_600_g9_firmware | * |
| hp | elitedesk_800_g8_tower_firmware | * |
| hp | elite_tower_880_g9_firmware | * |
| hp | pro_tower_480_g9_firmware | * |
| hp | pro_tower_400_g9_firmware | * |
| hp | mini_conferencing_pc_firmware | * |
**UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H | 2.3 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | deskjet_2540_a9u23b_firmware | cep1fn1418br |
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | 1.3 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 714z9a_firmware | - |
| samsung | ss153f_firmware | - |
| samsung | ss397p_firmware | - |
| samsung | 7gf48a#ab1_firmware | - |
| samsung | ss210h_firmware | - |
| samsung | ss229a_firmware | - |
| samsung | ss272f_firmware | - |
| samsung | ss359k_firmware | - |
| samsung | ss398d_firmware | - |
| samsung | ss380b_firmware | - |
| samsung | ss211d_firmware | - |
| samsung | ss271k_firmware | - |
| samsung | ss404c_firmware | - |
| samsung | 7fq97a#ab1_firmware | - |
| samsung | ss257q_firmware | - |
| samsung | ss041c_firmware | - |
| samsung | ss353c_firmware | - |
| samsung | ss272d_firmware | - |
| samsung | ss107f_firmware | - |
| hp | 6hu12a_firmware | - |
| samsung | ss378b_firmware | - |
| samsung | ss106j_firmware | - |
| samsung | ss383l_firmware | - |
| samsung | ss152d_firmware | - |
| samsung | ss391e_firmware | - |
| samsung | st679c_firmware | - |
| samsung | ss388l_firmware | - |
| samsung | ss256z_firmware | - |
| samsung | 3b0c5a#ab1_firmware | - |
| samsung | ss343g_firmware | - |
| samsung | ss397h_firmware | - |
| samsung | ss107c_firmware | - |
| samsung | ss388b_firmware | - |
| samsung | 7fr02a#ab1_firmware | - |
| samsung | ss033c_firmware | - |
| samsung | ss230h_firmware | - |
| samsung | ss378d_firmware | - |
| samsung | ss257f_firmware | - |
| samsung | ss230z_firmware | - |
| samsung | ss204m_firmware | - |
| samsung | ss043c_firmware | - |
| samsung | ss204j_firmware | - |
| samsung | ss272p_firmware | - |
| samsung | 7gf49a#ab1_firmware | - |
| samsung | ss058b_firmware | - |
| samsung | ss359j_firmware | - |
| samsung | ss377h_firmware | - |
| samsung | sw176b_firmware | - |
| samsung | ss234a_firmware | - |
| hp | 6hu10a_firmware | - |
| samsung | ss340a_firmware | - |
| samsung | ss335a_firmware | - |
| samsung | ss378e_firmware | - |
| samsung | ss335f_firmware | - |
| samsung | ss390h_firmware | - |
| samsung | ss389h_firmware | - |
| samsung | ss205a_firmware | - |
| samsung | ss150s_firmware | - |
| samsung | ss044d_firmware | - |
| samsung | ss043k_firmware | - |
| samsung | ss033m_firmware | - |
| samsung | ss377j_firmware | - |
| samsung | ss357a_firmware | - |
| samsung | ss395k_firmware | - |
| samsung | ss076d_firmware | - |
| samsung | ss210e_firmware | - |
| samsung | ss368a_firmware | - |
| samsung | ss033d_firmware | - |
| samsung | ss353b_firmware | - |
| samsung | ss389j_firmware | - |
| samsung | ss106a_firmware | - |
| samsung | ss044f_firmware | - |
| samsung | ss153l_firmware | - |
| samsung | ss367d_firmware | - |
| samsung | ss106g_firmware | - |
| samsung | ss153k_firmware | - |
| samsung | ss108a_firmware | - |
| samsung | ss352j_firmware | - |
| samsung | ss265a_firmware | - |
| samsung | 7fq87a#ab1_firmware | - |
| hp | 715a0a_firmware | - |
| samsung | ss389n_firmware | - |
| samsung | st693a_firmware | - |
| samsung | sw116b_firmware | - |
| samsung | ss398f_firmware | - |
| samsung | ss041d_firmware | - |
| samsung | ss353e_firmware | - |
| hp | 6hu11a_firmware | - |
| samsung | ss107l_firmware | - |
| samsung | ss352k_firmware | - |
| samsung | ss108j_firmware | - |
| samsung | ss059j_firmware | - |
| samsung | ss404m_firmware | - |
| hp | 8af50a_firmware | - |
| samsung | ss198a_firmware | - |
| samsung | ss342e_firmware | - |
| samsung | ss150m_firmware | - |
| samsung | ss353k_firmware | - |
| samsung | 7fq88a#ab1_firmware | - |
| samsung | ss396f_firmware | - |
| samsung | ss386b_firmware | - |
| samsung | ss195b_firmware | - |
| samsung | ss383g_firmware | - |
| samsung | ss378c_firmware | - |
| samsung | ss379a_firmware | - |
| samsung | ss383m_firmware | - |
| samsung | st683a_firmware | - |
| samsung | ss352a_firmware | - |
| samsung | ss205u_firmware | - |
| samsung | ss352n_firmware | - |
| samsung | ss353j_firmware | - |
| samsung | ss196b_firmware | - |
| samsung | ss102a_firmware | - |
| samsung | st694a_firmware | - |
| samsung | ss264a_firmware | - |
| samsung | ss377k_firmware | - |
| samsung | ss368j_firmware | - |
| samsung | ss329a_firmware | - |
| hp | 4zb90a_firmware | - |
| hp | 4zb92a_firmware | - |
| samsung | ss233a_firmware | - |
| samsung | ss378g_firmware | - |
| samsung | ss396h_firmware | - |
| samsung | ss404d_firmware | - |
| samsung | ss256c_firmware | - |
| samsung | ss106t_firmware | - |
| samsung | ss389l_firmware | - |
| samsung | ss076v_firmware | - |
| samsung | 7fq98a#ab1_firmware | - |
| samsung | ss058g_firmware | - |
| samsung | ss059b_firmware | - |
| samsung | ss153a_firmware | - |
| samsung | ss108h_firmware | - |
| samsung | 3b0d1a#ab1_firmware | - |
| samsung | ss386a_firmware | - |
| samsung | 8pa14a#302_firmware | - |
| samsung | ss272k_firmware | - |
| samsung | ss390f_firmware | - |
| samsung | ss275a_firmware | - |
| samsung | ss281a_firmware | - |
| samsung | ss076a_firmware | - |
| samsung | ss273a_firmware | - |
| samsung | st688f_firmware | - |
| samsung | ss383q_firmware | - |
| samsung | st683e_firmware | - |
| samsung | ss216n_firmware | - |
| samsung | ss272l_firmware | - |
| samsung | ss390d_firmware | - |
| samsung | ss327b_firmware | - |
| samsung | ss349e_firmware | - |
| samsung | ss196a_firmware | - |
| samsung | ss323a_firmware | - |
| samsung | ss204c_firmware | - |
| samsung | ss150c_firmware | - |
| samsung | ss059g_firmware | - |
| samsung | ss395e_firmware | - |
| samsung | ss396g_firmware | - |
| samsung | ss365k_firmware | - |
| hp | 2zn49a_firmware | - |
| samsung | ss338a_firmware | - |
| samsung | ss287a_firmware | - |
| samsung | ss105e_firmware | - |
| samsung | ss205d_firmware | - |
| samsung | ss211l_firmware | - |
| samsung | ss150f_firmware | - |
| samsung | ss377f_firmware | - |
| samsung | ss352h_firmware | - |
| samsung | ss322c_firmware | - |
| samsung | st683b_firmware | - |
| samsung | ss075e_firmware | - |
| samsung | ss339d_firmware | - |
| samsung | ss076m_firmware | - |
| samsung | 3b0c1a#304_firmware | - |
| samsung | ss204f_firmware | - |
| samsung | ss076u_firmware | - |
| samsung | ss107m_firmware | - |
| samsung | ss255b_firmware | - |
| samsung | ss211m_firmware | - |
| samsung | ss378c#304_firmware | - |
| samsung | ss343a_firmware | - |
| samsung | ss229j_firmware | - |
| hp | 7zb19a_firmware | - |
| samsung | ss204h_firmware | - |
| samsung | ss395b_firmware | - |
| samsung | ss337a_firmware | - |
| samsung | ss218e_firmware | - |
| samsung | ss383w_firmware | - |
| samsung | ss229h_firmware | - |
| samsung | ss216q_firmware | - |
| samsung | 7fq93a#ab1_firmware | - |
| samsung | ss272g_firmware | - |
| samsung | ss378h_firmware | - |
| samsung | ss328b_firmware | - |
| samsung | ss353h_firmware | - |
| samsung | ss105a_firmware | - |
| samsung | ss105b_firmware | - |
| samsung | ss404f_firmware | - |
| samsung | st688c_firmware | - |
| samsung | ss041j_firmware | - |
| samsung | ss213d_firmware | - |
| samsung | ss342g_firmware | - |
| samsung | ss326c_firmware | - |
| samsung | ss254g_firmware | - |
| hp | 7zb72a_firmware | - |
| samsung | ss389e_firmware | - |
| samsung | ss394a_firmware | - |
| samsung | ss059a_firmware | - |
| samsung | ss150e_firmware | - |
| samsung | ss367f_firmware | - |
| samsung | ss397c_firmware | - |
| samsung | ss150a_firmware | - |
| samsung | ss105h_firmware | - |
| samsung | ss075h_firmware | - |
| samsung | ss326b_firmware | - |
| samsung | st686d_firmware | - |
| samsung | ss210k_firmware | - |
| samsung | ss210f_firmware | - |
| samsung | ss043e_firmware | - |
| samsung | ss049d_firmware | - |
| samsung | st673c_firmware | - |
| samsung | ss390b_firmware | - |
| samsung | ss153d_firmware | - |
| samsung | ss106h_firmware | - |
| samsung | ss255c_firmware | - |
| samsung | ss359g_firmware | - |
| samsung | ss058f_firmware | - |
| samsung | ss033f_firmware | - |
| samsung | ss216k_firmware | - |
| samsung | ss107g_firmware | - |
| samsung | ss368b_firmware | - |
| samsung | ss279a_firmware | - |
| samsung | 7fr05a#ab1_firmware | - |
| samsung | ss281b_firmware | - |
| samsung | ss076n_firmware | - |
| samsung | ss150g_firmware | - |
| samsung | 7fq99a#ab1_firmware | - |
| samsung | ss378a_firmware | - |
| samsung | ss076b_firmware | - |
| samsung | ss149a_firmware | - |
| samsung | ss388g_firmware | - |
| samsung | ss254f_firmware | - |
| samsung | ss335g_firmware | - |
| samsung | ss395j_firmware | - |
| samsung | st673a_firmware | - |
| hp | 4zb89a_firmware | - |
| samsung | ss359e_firmware | - |
| samsung | ss390g_firmware | - |
| samsung | ss349b_firmware | - |
| samsung | ss041a_firmware | - |
| samsung | ss204a_firmware | - |
| samsung | ss398g_firmware | - |
| samsung | ss204d_firmware | - |
| samsung | ss340c_firmware | - |
| samsung | ss219c_firmware | - |
| samsung | ss404g_firmware | - |
| samsung | 8pa12a#302_firmware | - |
| samsung | ss230j_firmware | - |
| samsung | ss218c_firmware | - |
| samsung | 7fq91a#ab1_firmware | - |
| samsung | ss343d_firmware | - |
| samsung | st683d_firmware | - |
| hp | 4zb86a_firmware | - |
| samsung | ss152c_firmware | - |
| samsung | ss340d_firmware | - |
| samsung | ss257d_firmware | - |
| samsung | st673d_firmware | - |
| samsung | ss216v_firmware | - |
| samsung | ss349d_firmware | - |
| samsung | ss197a_firmware | - |
| samsung | ss076t_firmware | - |
| samsung | 3a9x8a#ab1_firmware | - |
| samsung | ss384c_firmware | - |
| samsung | ss237a_firmware | - |
| samsung | ss368c_firmware | - |
| samsung | ss204k_firmware | - |
| samsung | ss277b_firmware | - |
| samsung | ss219b_firmware | - |
| samsung | ss352p_firmware | - |
| samsung | ss150k_firmware | - |
| hp | 8af51a_firmware | - |
| samsung | ss042j_firmware | - |
| samsung | ss043j_firmware | - |
| samsung | ss153b_firmware | - |
| samsung | ss076s_firmware | - |
| samsung | ss059c_firmware | - |
| samsung | ss333a_firmware | - |
| samsung | ss033l_firmware | - |
| samsung | 3b0c0a#301_firmware | - |
| samsung | ss211g_firmware | - |
| samsung | ss377b_firmware | - |
| samsung | ss397q_firmware | - |
| samsung | ss027e_firmware | - |
| samsung | 7fq89a#ab1_firmware | - |
| samsung | ss271s_firmware | - |
| samsung | ss044e_firmware | - |
| samsung | ss213g_firmware | - |
| samsung | ss404p_firmware | - |
| samsung | ss352f_firmware | - |
| samsung | ss075a_firmware | - |
| samsung | ss211f_firmware | - |
| samsung | ss210j_firmware | - |
| samsung | ss367b_firmware | - |
| samsung | ss391f_firmware | - |
| samsung | st690c_firmware | - |
| samsung | ss076f_firmware | - |
| samsung | ss271f_firmware | - |
| samsung | ss033a_firmware | - |
| samsung | ss075b_firmware | - |
| samsung | ss042h_firmware | - |
| samsung | ss359f_firmware | - |
| samsung | ss271h_firmware | - |
| samsung | ss043h_firmware | - |
| samsung | ss278a_firmware | - |
| samsung | ss339f_firmware | - |
| samsung | ss389t_firmware | - |
| samsung | ss210n_firmware | - |
| samsung | ss359z_firmware | - |
| samsung | ss349f_firmware | - |
| hp | 9vv52a_firmware | - |
| samsung | ss359m_firmware | - |
| samsung | st682b_firmware | - |
| samsung | ss271p_firmware | - |
| samsung | ss331a_firmware | - |
| samsung | ss256p_firmware | - |
| samsung | ss106p_firmware | - |
| samsung | ss204e_firmware | - |
| samsung | ss397a_firmware | - |
| samsung | ss218b_firmware | - |
| samsung | ss348a_firmware | - |
| samsung | ss335b_firmware | - |
| samsung | ss324a_firmware | - |
| samsung | ss383j_firmware | - |
| samsung | ss393c_firmware | - |
| samsung | ss389g_firmware | - |
| samsung | ss229b_firmware | - |
| samsung | ss257c_firmware | - |
| samsung | ss229e_firmware | - |
| samsung | ss326e_firmware | - |
| samsung | ss254b_firmware | - |
| samsung | ss106z_firmware | - |
| samsung | ss106e_firmware | - |
| samsung | st694c_firmware | - |
| samsung | ss153e_firmware | - |
| samsung | ss230l_firmware | - |
| samsung | ss377l_firmware | - |
| samsung | ss389s_firmware | - |
| samsung | ss058d_firmware | - |
| hp | 4zb88a_firmware | - |
| hp | 1vr14a_firmware | - |
| samsung | ss404a_firmware | - |
| samsung | ss378k_firmware | - |
| samsung | ss343e_firmware | - |
| samsung | ss367e_firmware | - |
| samsung | ss204n_firmware | - |
| hp | 715a6a_firmware | - |
| samsung | ss205c_firmware | - |
| samsung | ss049l_firmware | - |
| samsung | ss041f_firmware | - |
| samsung | ss341a_firmware | - |
| samsung | ss276a_firmware | - |
| samsung | ss058h_firmware | - |
| samsung | st688b_firmware | - |
| samsung | st694b_firmware | - |
| samsung | ss268b_firmware | - |
| hp | 6hu09a_firmware | - |
| samsung | ss404z_firmware | - |
| samsung | ss205g_firmware | - |
| samsung | ss196h_firmware | - |
| samsung | ss150t_firmware | - |
| samsung | ss340b_firmware | - |
| samsung | ss377p_firmware | - |
| samsung | ss322a_firmware | - |
| samsung | ss211h_firmware | - |
| samsung | sv531a_firmware | - |
| samsung | ss395f_firmware | - |
| samsung | ss384e_firmware | - |
| samsung | ss254a_firmware | - |
| samsung | ss042f_firmware | - |
| samsung | ss395d_firmware | - |
| samsung | ss219d_firmware | - |
| samsung | st687a_firmware | - |
| samsung | ss365c_firmware | - |
| samsung | st682c_firmware | - |
| samsung | 7fq96a#ab1_firmware | - |
| samsung | ss256l_firmware | - |
| samsung | ss396e_firmware | - |
| samsung | ss275b_firmware | - |
| samsung | ss272m_firmware | - |
| samsung | ss348c_firmware | - |
| samsung | ss205k_firmware | - |
| samsung | ss389u_firmware | - |
| samsung | ss210c_firmware | - |
| samsung | ss033k_firmware | - |
| samsung | st686g_firmware | - |
| samsung | ss108c_firmware | - |
| samsung | ss152b_firmware | - |
| samsung | ss033h_firmware | - |
| samsung | ss216b_firmware | - |
| samsung | ss349c_firmware | - |
| samsung | ss397d_firmware | - |
| samsung | ss332a_firmware | - |
| samsung | ss283a_firmware | - |
| samsung | st686h_firmware | - |
| samsung | ss396d_firmware | - |
| samsung | ss267a_firmware | - |
| samsung | ss218d_firmware | - |
| samsung | ss288a_firmware | - |
| samsung | ss273b_firmware | - |
| samsung | ss271n_firmware | - |
| samsung | ss196f_firmware | - |
| samsung | ss256b_firmware | - |
| samsung | ss397b_firmware | - |
| samsung | ss059d_firmware | - |
| samsung | ss383b_firmware | - |
| samsung | 8pa10a#301_firmware | - |
| samsung | ss108e_firmware | - |
| samsung | ss377c_firmware | - |
| samsung | ss365e_firmware | - |
| samsung | ss330b_firmware | - |
| samsung | ss150q_firmware | - |
| samsung | ss392c_firmware | - |
| samsung | ss230a_firmware | - |
| samsung | ss027c_firmware | - |
| hp | 4zb94a_firmware | - |
| samsung | ss211p_firmware | - |
| samsung | st683c_firmware | - |
| samsung | ss391d_firmware | - |
| samsung | ss257a_firmware | - |
| samsung | ss262a_firmware | - |
| samsung | ss150n_firmware | - |
| samsung | ss383u_firmware | - |
| hp | 4zb85a_firmware | - |
| samsung | ss271l_firmware | - |
| samsung | ss256e_firmware | - |
| samsung | ss272h_firmware | - |
| samsung | ss257h_firmware | - |
| samsung | ss152a_firmware | - |
| samsung | ss343c_firmware | - |
| samsung | ss276b_firmware | - |
| samsung | st686e_firmware | - |
| samsung | ss103a_firmware | - |
| samsung | ss397m_firmware | - |
| samsung | ss389m_firmware | - |
| samsung | ss033g_firmware | - |
| samsung | ss384b_firmware | - |
| samsung | ss150d_firmware | - |
| samsung | ss383p_firmware | - |
| samsung | ss254c_firmware | - |
| samsung | ss153h_firmware | - |
| samsung | 7fq94a#ab1_firmware | - |
| samsung | ss388j_firmware | - |
| samsung | ss395q_firmware | - |
| samsung | ss342b_firmware | - |
| samsung | st682a_firmware | - |
| samsung | ss108k_firmware | - |
| samsung | ss210b_firmware | - |
| samsung | ss390c_firmware | - |
| samsung | ss230c_firmware | - |
| samsung | ss213h_firmware | - |
| samsung | ss150p_firmware | - |
| samsung | st689a_firmware | - |
| samsung | st673b_firmware | - |
| samsung | ss107j_firmware | - |
| samsung | st693d_firmware | - |
| samsung | 3a9x1a#ab1_firmware | - |
| samsung | ss377d_firmware | - |
| samsung | ss218j_firmware | - |
| samsung | ss042d_firmware | - |
| samsung | ss256g_firmware | - |
| samsung | ss216p_firmware | - |
| samsung | ss271e_firmware | - |
| samsung | ss335h_firmware | - |
| samsung | ss059f_firmware | - |
| samsung | ss043a_firmware | - |
| samsung | ss383t_firmware | - |
| samsung | ss256d_firmware | - |
| samsung | ss108l_firmware | - |
| samsung | ss389f_firmware | - |
| samsung | ss339g_firmware | - |
| samsung | ss044l_firmware | - |
| samsung | ss370a_firmware | - |
| samsung | st688d_firmware | - |
| samsung | 7gf50a#ab1_firmware | - |
| samsung | ss339e_firmware | - |
| samsung | ss044n_firmware | - |
| samsung | st695d_firmware | - |
| samsung | ss282c_firmware | - |
| samsung | ss335e_firmware | - |
| samsung | ss388c_firmware | - |
| samsung | ss107n_firmware | - |
| samsung | ss154a_firmware | - |
| samsung | sw192a_firmware | - |
| samsung | ss352b_firmware | - |
| samsung | ss044h_firmware | - |
| samsung | ss106k_firmware | - |
| samsung | ss266a_firmware | - |
| samsung | ss389c_firmware | - |
| samsung | ss044k_firmware | - |
| hp | 715a2a_firmware | - |
| samsung | sw176c_firmware | - |
| samsung | ss076k_firmware | - |
| samsung | ss204l_firmware | - |
| samsung | st679g_firmware | - |
| samsung | ss342d_firmware | - |
| samsung | ss257n_firmware | - |
| hp | 715a3a_firmware | - |
| samsung | ss343b_firmware | - |
| samsung | ss205h_firmware | - |
| samsung | 3b0c9a#304_firmware | - |
| samsung | ss107b_firmware | - |
| samsung | ss272a_firmware | - |
| samsung | ss263a_firmware | - |
| samsung | ss105j_firmware | - |
| hp | 8af52a_firmware | - |
| samsung | ss369d_firmware | - |
| samsung | ss330c_firmware | - |
| samsung | ss388f_firmware | - |
| samsung | ss353a_firmware | - |
| samsung | ss377e_firmware | - |
| samsung | ss217a_firmware | - |
| samsung | ss396a_firmware | - |
| samsung | ss391b_firmware | - |
| samsung | ss027l_firmware | - |
| samsung | ss386d_firmware | - |
| samsung | 3b0d3a#301_firmware | - |
| samsung | ss041h_firmware | - |
| samsung | ss049e_firmware | - |
| samsung | ss393a_firmware | - |
| samsung | ss378j_firmware | - |
| samsung | ss216u_firmware | - |
| samsung | ss387a_firmware | - |
| samsung | ss335d_firmware | - |
| samsung | ss365l_firmware | - |
| samsung | ss105g_firmware | - |
| samsung | ss383n_firmware | - |
| samsung | ss369a_firmware | - |
| samsung | ss369b_firmware | - |
| samsung | 7fr00a#ab1_firmware | - |
| samsung | ss391a_firmware | - |
| samsung | ss210g_firmware | - |
| hp | 2ky38a_firmware | - |
| samsung | ss383y_firmware | - |
| samsung | ss398a_firmware | - |
| samsung | ss106q_firmware | - |
| samsung | 7gf54a#ab1_firmware | - |
| samsung | ss272n_firmware | - |
| samsung | ss395n_firmware | - |
| samsung | 3b0c8a#ab1_firmware | - |
| samsung | ss049h_firmware | - |
| samsung | ss106m_firmware | - |
| samsung | ss404b_firmware | - |
| samsung | ss392a_firmware | - |
| samsung | ss369c_firmware | - |
| samsung | ss257g_firmware | - |
| samsung | ss210a_firmware | - |
| samsung | ss359d_firmware | - |
| samsung | ss218h_firmware | - |
| samsung | st679a_firmware | - |
| samsung | ss237b_firmware | - |
| samsung | ss216m_firmware | - |
| samsung | ss388h_firmware | - |
| samsung | ss382a_firmware | - |
| samsung | ss256a_firmware | - |
| samsung | ss076q_firmware | - |
| hp | 4zb91a_firmware | - |
| samsung | ss368g_firmware | - |
| samsung | ss205q_firmware | - |
| samsung | ss396c_firmware | - |
| samsung | ss075f_firmware | - |
| samsung | 3a9x3a#ab1_firmware | - |
| samsung | ss153c_firmware | - |
| samsung | ss272e_firmware | - |
| samsung | ss043d_firmware | - |
| samsung | 3b0c6a#312_firmware | - |
| samsung | ss211k_firmware | - |
| samsung | ss272j_firmware | - |
| samsung | ss397g_firmware | - |
| samsung | ss286a_firmware | - |
| samsung | ss107e_firmware | - |
| samsung | 7gf52a#ab1_firmware | - |
| samsung | ss267b_firmware | - |
| hp | 4zb80a_firmware | - |
| samsung | ss254d_firmware | - |
| samsung | ss385a_firmware | - |
| samsung | ss104a_firmware | - |
| samsung | ss336a_firmware | - |
| samsung | ss204b_firmware | - |
| samsung | ss205t_firmware | - |
| samsung | ss049k_firmware | - |
| samsung | st686a_firmware | - |
| samsung | ss334b_firmware | - |
| samsung | ss327d_firmware | - |
| samsung | ss284a_firmware | - |
| samsung | ss271a_firmware | - |
| samsung | ss359q_firmware | - |
| samsung | ss328a_firmware | - |
| samsung | ss076j_firmware | - |
| samsung | ss352d_firmware | - |
| hp | 714z7a_firmware | - |
| samsung | ss044b_firmware | - |
| samsung | ss282a_firmware | - |
| samsung | ss216e_firmware | - |
| samsung | ss326a_firmware | - |
| samsung | ss033n_firmware | - |
| samsung | ss353f_firmware | - |
| samsung | ss106f_firmware | - |
| samsung | 7fr01a#ab1_firmware | - |
| samsung | ss105d_firmware | - |
| samsung | ss342a_firmware | - |
| samsung | ss107q_firmware | - |
| samsung | st688j_firmware | - |
| hp | 7ab26a_firmware | - |
| samsung | ss213b_firmware | - |
| samsung | ss327a_firmware | - |
| samsung | ss388d_firmware | - |
| samsung | ss049j_firmware | - |
| samsung | ss352s_firmware | - |
| samsung | ss393b_firmware | - |
| hp | 4zb81a_firmware | - |
| samsung | st690a_firmware | - |
| samsung | ss383x_firmware | - |
| samsung | ss395c_firmware | - |
| samsung | ss395g_firmware | - |
| samsung | ss216g_firmware | - |
| samsung | ss368h_firmware | - |
| samsung | ss216j_firmware | - |
| samsung | ss367a_firmware | - |
| samsung | ss058c_firmware | - |
| samsung | ss230g_firmware | - |
| samsung | ss322b_firmware | - |
| samsung | ss044m_firmware | - |
| samsung | ss059e_firmware | - |
| samsung | st688h_firmware | - |
| samsung | ss044g_firmware | - |
| samsung | st690d_firmware | - |
| samsung | ss335c_firmware | - |
| samsung | ss397e_firmware | - |
| samsung | ss274a_firmware | - |
| samsung | ss389b_firmware | - |
| samsung | ss042c_firmware | - |
| samsung | ss150h_firmware | - |
| samsung | ss326d_firmware | - |
| samsung | ss404e_firmware | - |
| samsung | ss352g_firmware | - |
| samsung | ss390a_firmware | - |
| samsung | ss260a_firmware | - |
| samsung | ss259a_firmware | - |
| samsung | ss348b_firmware | - |
| samsung | ss271m_firmware | - |
| samsung | ss150b_firmware | - |
| samsung | ss404q_firmware | - |
| samsung | ss383a_firmware | - |
| samsung | ss230k_firmware | - |
| samsung | ss043g_firmware | - |
| samsung | ss075k_firmware | - |
| samsung | ss211e_firmware | - |
| samsung | st688a_firmware | - |
| samsung | ss388e_firmware | - |
| samsung | ss231a_firmware | - |
| hp | 5ue15a_firmware | - |
| samsung | ss327c_firmware | - |
| samsung | ss390e_firmware | - |
| samsung | ss230m_firmware | - |
| samsung | ss211j_firmware | - |
| samsung | ss216a_firmware | - |
| samsung | ss395t_firmware | - |
| samsung | ss365b_firmware | - |
| samsung | st685a_firmware | - |
| samsung | ss389p_firmware | - |
| samsung | ss275c_firmware | - |
| samsung | ss383v_firmware | - |
| samsung | ss076e_firmware | - |
| samsung | st690b_firmware | - |
| samsung | ss271q_firmware | - |
| samsung | ss271t_firmware | - |
| samsung | ss404h_firmware | - |
| samsung | ss397l_firmware | - |
| samsung | ss230t_firmware | - |
| hp | 5ue14a_firmware | - |
| samsung | ss196c_firmware | - |
| samsung | ss076x_firmware | - |
| samsung | ss379b_firmware | - |
| samsung | ss384d_firmware | - |
| samsung | ss342f_firmware | - |
| samsung | ss205e_firmware | - |
| hp | 4zb79a_firmware | - |
| samsung | ss272t_firmware | - |
| samsung | ss280a_firmware | - |
| samsung | ss076z_firmware | - |
| samsung | ss027a_firmware | - |
| samsung | ss211n_firmware | - |
| samsung | st688g_firmware | - |
| samsung | ss216c_firmware | - |
| samsung | ss043l_firmware | - |
| samsung | ss058j_firmware | - |
| samsung | ss367c_firmware | - |
| samsung | 3a9x7a#ab1_firmware | - |
| samsung | 7gf51a#ab1_firmware | - |
| samsung | 3a9x2a#301_firmware | - |
| samsung | ss369e_firmware | - |
| samsung | ss365g_firmware | - |
| samsung | ss229d_firmware | - |
| samsung | ss204g_firmware | - |
| samsung | st679d_firmware | - |
| samsung | ss334d_firmware | - |
| hp | 715a4a_firmware | - |
| samsung | ss106s_firmware | - |
| samsung | ss230p_firmware | - |
| samsung | ss150l_firmware | - |
| samsung | ss058a_firmware | - |
| samsung | ss042b_firmware | - |
| samsung | st688e_firmware | - |
| hp | 4zb82a_firmware | - |
| samsung | ss344b_firmware | - |
| samsung | sw112b_firmware | - |
| samsung | ss216s_firmware | - |
| samsung | ss334f_firmware | - |
| samsung | ss404n_firmware | - |
| samsung | ss365d_firmware | - |
| samsung | ss386e_firmware | - |
| hp | w7u01a_firmware | - |
| samsung | ss106c_firmware | - |
| samsung | st694d_firmware | - |
| samsung | ss076l_firmware | - |
| samsung | ss254e_firmware | - |
| samsung | ss381a_firmware | - |
| samsung | ss042g_firmware | - |
| samsung | ss075c_firmware | - |
| samsung | st679f_firmware | - |
| samsung | ss049c_firmware | - |
| samsung | ss272q_firmware | - |
| samsung | ss377a_firmware | - |
| samsung | ss404j_firmware | - |
| samsung | ss352c_firmware | - |
| samsung | ss235a_firmware | - |
| samsung | ss043f_firmware | - |
| samsung | ss353g_firmware | - |
| samsung | ss205b_firmware | - |
| samsung | ss199a_firmware | - |
| samsung | ss330a_firmware | - |
| samsung | ss389d_firmware | - |
| samsung | ss210l_firmware | - |
| samsung | ss196d_firmware | - |
| samsung | ss108f_firmware | - |
| samsung | ss257p_firmware | - |
| samsung | ss389q_firmware | - |
| samsung | ss256m_firmware | - |
| samsung | ss219a_firmware | - |
| samsung | ss271b_firmware | - |
| samsung | ss215a_firmware | - |
| samsung | ss230n_firmware | - |
| samsung | ss387b_firmware | - |
| samsung | ss043b_firmware | - |
| samsung | ss342c_firmware | - |
| samsung | ss108g_firmware | - |
| samsung | ss395l_firmware | - |
| samsung | ss389k_firmware | - |
| samsung | ss256s_firmware | - |
| samsung | ss151a_firmware | - |
| samsung | ss027f_firmware | - |
| samsung | ss205n_firmware | - |
| samsung | ss218a_firmware | - |
| samsung | ss041e_firmware | - |
| samsung | st695a_firmware | - |
| samsung | ss196e_firmware | - |
| samsung | ss365m_firmware | - |
| samsung | ss153g_firmware | - |
| samsung | 7fq95a#ab1_firmware | - |
| samsung | st684b_firmware | - |
| samsung | ss230d_firmware | - |
| samsung | ss343j_firmware | - |
| samsung | ss368e_firmware | - |
| samsung | ss049n_firmware | - |
| samsung | ss352m_firmware | - |
| samsung | ss213a_firmware | - |
| samsung | ss383h_firmware | - |
| samsung | ss230b_firmware | - |
| samsung | ss359n_firmware | - |
| samsung | ss282b_firmware | - |
| samsung | ss274b_firmware | - |
| samsung | ss216z_firmware | - |
| samsung | ss256n_firmware | - |
| samsung | ss216f_firmware | - |
| samsung | ss044j_firmware | - |
| samsung | ss271g_firmware | - |
| samsung | ss383z_firmware | - |
| samsung | ss075g_firmware | - |
| samsung | ss257j_firmware | - |
| samsung | st693c_firmware | - |
| samsung | ss325a_firmware | - |
| samsung | ss049b_firmware | - |
| samsung | ss354a_firmware | - |
| hp | 714z8a_firmware | - |
| samsung | ss049f_firmware | - |
| samsung | ss107k_firmware | - |
| hp | 4zb87a_firmware | - |
| samsung | ss205m_firmware | - |
| samsung | ss334e_firmware | - |
| samsung | ss027g_firmware | - |
| samsung | ss392b_firmware | - |
| samsung | ss398c_firmware | - |
| samsung | ss216h_firmware | - |
| samsung | 7fr03a#ab1_firmware | - |
| samsung | st695c_firmware | - |
| samsung | st684a_firmware | - |
| samsung | ss205l_firmware | - |
| samsung | ss343h_firmware | - |
| hp | 714z6a_firmware | - |
| samsung | ss027h_firmware | - |
| samsung | ss044c_firmware | - |
| samsung | ss257z_firmware | - |
| samsung | ss356a_firmware | - |
| samsung | ss229f_firmware | - |
| samsung | ss211c_firmware | - |
| samsung | ss256k_firmware | - |
| samsung | ss331b_firmware | - |
| samsung | ss195a_firmware | - |
| samsung | 3b0c7a#301_firmware | - |
| samsung | ss366a_firmware | - |
| samsung | ss359l_firmware | - |
| samsung | ss210d_firmware | - |
| samsung | st679h_firmware | - |
| samsung | ss350a_firmware | - |
| samsung | ss205f_firmware | - |
| hp | 4zb84a_firmware | - |
| samsung | ss258a_firmware | - |
| samsung | ss027k_firmware | - |
| samsung | ss389a_firmware | - |
| samsung | sw176a_firmware | - |
| samsung | ss271d_firmware | - |
| samsung | ss256t_firmware | - |
| samsung | ss213e_firmware | - |
| samsung | ss211a_firmware | - |
| hp | 7zb21a_firmware | - |
| samsung | ss257m_firmware | - |
| samsung | ss352q_firmware | - |
| samsung | ss153j_firmware | - |
| samsung | ss404l_firmware | - |
| samsung | ss216l_firmware | - |
| samsung | ss351a_firmware | - |
| samsung | ss105f_firmware | - |
| samsung | ss075d_firmware | - |
| samsung | ss255a_firmware | - |
| samsung | ss107a_firmware | - |
| samsung | st693b_firmware | - |
| samsung | ss391c_firmware | - |
| samsung | ss150j_firmware | - |
| samsung | ss359c_firmware | - |
| samsung | ss383f_firmware | - |
| samsung | ss395p_firmware | - |
| samsung | ss213c_firmware | - |
| samsung | 3b0c3a#ab1_firmware | - |
| samsung | 7fr04a#ab1_firmware | - |
| samsung | ss352l_firmware | - |
| samsung | ss210m_firmware | - |
| samsung | ss285a_firmware | - |
| samsung | ss211b_firmware | - |
| hp | 4zb97a_firmware | - |
| samsung | ss352e_firmware | - |
| hp | w7u02a_firmware | - |
| hp | 6hu08a_firmware | - |
| samsung | ss263b_firmware | - |
| samsung | st686b_firmware | - |
| hp | 7zb25a_firmware | - |
| samsung | ss383k_firmware | - |
| samsung | ss108d_firmware | - |
| samsung | ss205j_firmware | - |
| samsung | ss397f_firmware | - |
| samsung | ss205z_firmware | - |
| samsung | 7gf47a#ab1_firmware | - |
| samsung | ss219f_firmware | - |
| samsung | ss212a_firmware | - |
| samsung | ss033b_firmware | - |
| samsung | ss359a_firmware | - |
| samsung | ss049a_firmware | - |
| hp | 8af49a_firmware | - |
| hp | 4zb96a_firmware | - |
| samsung | ss334a_firmware | - |
| samsung | ss272b_firmware | - |
| samsung | 3b0c4a#301_firmware | - |
| samsung | ss042a_firmware | - |
| samsung | ss268a_firmware | - |
| samsung | ss236a_firmware | - |
| samsung | ss398e_firmware | - |
| samsung | 7fq90a#ab1_firmware | - |
| samsung | 7fq86a#ab1_firmware | - |
| samsung | ss386f_firmware | - |
| samsung | ss232a_firmware | - |
| samsung | ss213f_firmware | - |
| samsung | ss359b_firmware | - |
| samsung | ss343f_firmware | - |
| samsung | ss353d_firmware | - |
| samsung | ss075j_firmware | - |
| samsung | ss380a_firmware | - |
| samsung | ss389z_firmware | - |
| samsung | ss230s_firmware | - |
| hp | 209u7a_firmware | - |
| samsung | ss383d_firmware | - |
| samsung | ss398b_firmware | - |
| samsung | ss368d_firmware | - |
| samsung | ss395a_firmware | - |
| samsung | ss209a_firmware | - |
| samsung | ss256h_firmware | - |
| samsung | ss106d_firmware | - |
| samsung | ss388k_firmware | - |
| samsung | ss368f_firmware | - |
| hp | 715a5a_firmware | - |
| samsung | 8pa13a#302_firmware | - |
| samsung | ss378f_firmware | - |
| samsung | ss365a_firmware | - |
| samsung | ss205p_firmware | - |
| samsung | ss205s_firmware | - |
| samsung | ss339c_firmware | - |
| samsung | ss106l_firmware | - |
| samsung | 3a9x4a#ab1_firmware | - |
| hp | 2zn50a_firmware | - |
| samsung | ss386c_firmware | - |
| samsung | ss257b_firmware | - |
| samsung | ss277a_firmware | - |
| samsung | ss365f_firmware | - |
| hp | 4zb95a_firmware | - |
| samsung | ss334c_firmware | - |
| samsung | st686f_firmware | - |
| samsung | ss284b_firmware | - |
| samsung | ss287b_firmware | - |
| samsung | ss216d_firmware | - |
| samsung | ss359h_firmware | - |
| samsung | ss027d_firmware | - |
| samsung | ss107d_firmware | - |
| samsung | ss058e_firmware | - |
| samsung | ss383c_firmware | - |
| samsung | 7gf55a#ab1_firmware | - |
| samsung | st695b_firmware | - |
| samsung | ss397n_firmware | - |
| samsung | ss218g_firmware | - |
| samsung | ss033j_firmware | - |
| samsung | ss395s_firmware | - |
| samsung | ss272u_firmware | - |
| samsung | ss336b_firmware | - |
| samsung | ss276c_firmware | - |
| hp | 4zb93a_firmware | - |
| samsung | ss257k_firmware | - |
| samsung | ss256f_firmware | - |
| samsung | ss105c_firmware | - |
| samsung | ss397j_firmware | - |
| samsung | st686c_firmware | - |
| samsung | ss339a_firmware | - |
| samsung | ss384a_firmware | - |
| samsung | ss343k_firmware | - |
| samsung | ss219e_firmware | - |
| samsung | ss230e_firmware | - |
| samsung | ss257l_firmware | - |
| samsung | st679b_firmware | - |
| samsung | ss076h_firmware | - |
| samsung | ss271c_firmware | - |
| samsung | ss404k_firmware | - |
| samsung | ss076c_firmware | - |
| hp | 7zb20a_firmware | - |
| samsung | ss339b_firmware | - |
| samsung | ss272s_firmware | - |
| samsung | ss154b_firmware | - |
| samsung | ss049g_firmware | - |
| samsung | ss377n_firmware | - |
| samsung | ss027b_firmware | - |
| samsung | ss027j_firmware | - |
| samsung | ss216t_firmware | - |
| samsung | ss151b_firmware | - |
| samsung | ss349a_firmware | - |
| samsung | ss359p_firmware | - |
| samsung | ss218k_firmware | - |
| samsung | ss365h_firmware | - |
| hp | 7uq76a_firmware | - |
| samsung | ss044a_firmware | - |
| samsung | ss261a_firmware | - |
| hp | 4zb83a_firmware | - |
| samsung | ss380c_firmware | - |
| samsung | ss230f_firmware | - |
| samsung | ss271j_firmware | - |
| samsung | ss196g_firmware | - |
| samsung | ss388a_firmware | - |
| samsung | st679e_firmware | - |
| samsung | ss344a_firmware | - |
| samsung | ss042e_firmware | - |
| samsung | ss041g_firmware | - |
| samsung | ss041b_firmware | - |
| samsung | ss395h_firmware | - |
| samsung | ss257e_firmware | - |
| samsung | ss383e_firmware | - |
| samsung | ss229c_firmware | - |
| samsung | ss396b_firmware | - |
| samsung | ss383s_firmware | - |
| samsung | sv899d_firmware | - |
| samsung | ss397k_firmware | - |
| samsung | ss256j_firmware | - |
| samsung | ss076g_firmware | - |
| samsung | 7gf53a#ab1_firmware | - |
| samsung | ss049m_firmware | - |
| samsung | ss106n_firmware | - |
| samsung | ss108b_firmware | - |
| samsung | ss272z_firmware | - |
| samsung | ss395m_firmware | - |
| samsung | ss230q_firmware | - |
| samsung | 7fq92a#ab1_firmware | - |
| samsung | ss076p_firmware | - |
| samsung | ss281c_firmware | - |
| samsung | ss355a_firmware | - |
| samsung | ss076w_firmware | - |
| samsung | ss033e_firmware | - |
| samsung | sv901b_firmware | - |
| samsung | ss377g_firmware | - |
| samsung | ss107h_firmware | - |
| samsung | ss204p_firmware | - |
| samsung | ss389v_firmware | - |
| samsung | 8pa11a#301_firmware | - |
| samsung | ss256q_firmware | - |
| samsung | ss229g_firmware | - |
| samsung | ss272c_firmware | - |
| hp | 715a1a_firmware | - |
| samsung | ss365j_firmware | - |
| samsung | sv899c_firmware | - |
| samsung | ss106b_firmware | - |
| samsung | ss377m_firmware | - |
| samsung | ss218f_firmware | - |
A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | color_laserjet_managed_mfp_e67550_l3u69a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5cm66a_firmware | - |
| hp | laserjet_managed_mfp_e73140_5qk02a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a69a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_z8z19a_firmware | - |
| hp | laserjet_managed_mfp_e62665_3gy18a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_2gp22a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs50a_firmware | - |
| hp | color_laserjet_managed_mfp_e87750_3sj19a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a62a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62555_j8j74a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_z8z04a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a71a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_z8z14a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a80a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr97a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_z8z18a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5cm63a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_17f27aw_firmware | - |
| hp | color_laserjet_managed_mfp_e87750_5qk08a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73135_6bs59a_firmware | - |
| hp | pagewide_color_mfp_779_4pz45a_firmware | - |
| hp | laserjet_managed_flow_mfp_m731_6bs57a_firmware | - |
| hp | laserjet_managed_mfp_e82550_5rc83a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfsw_6qn37a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a80a_firmware | - |
| hp | laserjet_managed_mfp_e62555_j8j67a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62565_j8j73a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_z8z15a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_z8z20a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_x3a62a_firmware | - |
| hp | laserjet_managed_mfp_e77428_5rc91a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs13a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_x3a90a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77650_j7z14a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73130_6bs57a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73140_6bs59a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a75a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr96a_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z06a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5rc87a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a75a_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_780f_j7z09a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77660z_j7z13a_firmware | - |
| hp | laserjet_managed_mfp_e82550_z8z23a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87770_3sj38a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m578_7zu86a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5cm76a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m578_7zu85a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs29a_firmware | - |
| hp | laserjet_enterprise_mfp_m634_7ps96a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z07a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_x57945_6qp98a_firmware | - |
| hp | laserjet_managed_flow_mfp_m731_3sj02a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a62a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8pe95a_firmware | - |
| hp | laserjet_managed_mfp_e73135_5qk02a_firmware | - |
| hp | laserjet_managed_e82650_3sj28a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_z8z22a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_z8z22a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77660z_j7z03a_firmware | - |
| hp | scanjet_enterprise_flow_n9120_fn2_document_scanner_l2763a_firmware | - |
| hp | color_laserjet_managed_mfp_e87750_3sj37a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87770_3sj19a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5fm82a_firmware | - |
| hp | laserjet_managed_mfp_e62665_3gy16a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfw+_6qn35a_firmware | - |
| hp | color_laserjet_managed_mfp_e67650_3gy32a_firmware | - |
| hp | color_laserjet_enterprise_mfp_x57945_49k97av_firmware | - |
| hp | laserjet_managed_mfp_e82540_5fm78a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z66a_firmware | - |
| hp | laserjet_managed_mfp_e73130_3sj00a_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z010a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs30a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z14a_firmware | - |
| hp | laserjet_enterprise_mfp_m527_f2a76a_firmware | - |
| hp | laserjet_managed_mfp_e73135_6bs57a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800_configurable_4y279a_firmware | - |
| hp | laserjet_managed_mfp_e731_6bs57a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_x3a92a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67560_l3u69a_firmware | - |
| hp | laserjet_managed_mfp_e82560_z8z23a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a65a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62565_j8j79a_firmware | - |
| hp | laserjet_managed_mfp_e82560_z8z19a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87740_5qk03a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zf_6qn37a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_z8z04a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87750_5qk20a_firmware | - |
| hp | laserjet_managed_mfp_e77422_5rc91a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs44a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m632_j8j70a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a72a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_2gp26a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m578_7zu88a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5cm79a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a72a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800dn_6qn38a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77650_j7z05a_firmware | - |
| hp | color_laserjet_managed_mfp_e87740_5qk20a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_5zp01a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_z8z15a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87750_3sj22a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800_configurable_6qn35a_firmware | - |
| hp | laserjet_managed_e82670_3sj30a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z09a_firmware | - |
| hp | laserjet_managed_e82650_5qk09a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m636_7pt00a_firmware | - |
| hp | color_laserjet_managed_mfp_e67560_l3u69a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_z8z00a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z09a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a72a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr98a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_z8z01a_firmware | - |
| hp | color_laserjet_managed_mfp_e87770_3sj37a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m681_j8a10a_firmware | - |
| hp | laserjet_managed_mfp_e826dn_3sj28a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800_configurable_6qn29a_firmware | - |
| hp | laserjet_managed_mfp_e73130_6bs57a_firmware | - |
| hp | laserjet_managed_mfp_e62555_j8j74a_firmware | - |
| hp | color_laserjet_managed_mfp_e785dn_5qk15a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8pe96a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5fm78a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_z8z20a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_z8z01a_firmware | - |
| hp | pagewide_color_mfp_774_4pz43a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zf_6qn35a_firmware | - |
| hp | laserjet_managed_mfp_e82560_z8z18a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_z8z02a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_9rt92a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_z8z00a_firmware | - |
| hp | laserjet_managed_mfp_e73135_6bs59a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a81a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m577_b5l50a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5cm66a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m578_7zu87a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5cm71a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62575_j8j80a_firmware | - |
| hp | laserjet_enterprise_mfp_m632_j8j72a_firmware | - |
| hp | _laserjet_managed_mfp_e62665_3gy16a_firmware | - |
| hp | color_laserjet_managed_mfp_e87770_3sj21a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87740_3sj19a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr98a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a68a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87740_3sj20a_firmware | - |
| hp | laserjet_managed_flow_mfp_m731_5qk02a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_x3a86a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_z8z15a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a84a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_z8z00a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5fm81a_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_780f_j7z10a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m635_7ps99a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87740_3sj35a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a71a_firmware | - |
| hp | color_laserjet_managed_mfp_e87760_5qk08a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_2gp23a_firmware | - |
| hp | laserjet_managed_flow_mfp_e826z_5qk13a_firmware | - |
| hp | laserjet_managed_e82670_3sj29a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a83a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z06a_firmware | - |
| hp | color_laserjet_managed_mfp_e87740_3sj20a_firmware | - |
| hp | laserjet_managed_mfp_e82540_z8z19a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_z8z16a_firmware | - |
| hp | _laserjet_managed_mfp_e62665_3gy18a_firmware | - |
| hp | laserjet_enterprise_mfp_m528_1pv64a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87770_3sj36a_firmware | - |
| hp | _laserjet_managed_mfp_e62665_3gy14a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_z8z12a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zf_6qn36a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z63a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62555_j8j80a_firmware | - |
| hp | laserjet_managed_mfp_e826dn_3sj29a_firmware | - |
| hp | pagewide_enterprise_color_mfp_780_j7z10a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77660z_z5g77a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs43a_firmware | - |
| hp | laserjet_managed_mfp_e82550_z8z22a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_x3a90a_firmware | - |
| hp | laserjet_enterprise_mfp_m633_j8j78a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z07a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800dn_6qn29a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_z8z01a_firmware | - |
| hp | laserjet_managed_mfp_e72425_5cm70a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_z8z19a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_z8z02a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a72a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a74a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs14a_firmware | - |
| hp | laserjet_enterprise_mfp_m527_f2a78a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z66a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73130_3sj02a_firmware | - |
| hp | color_laserjet_managed_mfp_e87760_3sj22a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5cm69a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m681_j8a10a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_x3a93a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_z8z17a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a71a_firmware | - |
| hp | laserjet_managed_mfp_e82550_5fm78a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_z8z20a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62575_j8j79a_firmware | - |
| hp | laserjet_enterprise_mfp_m635_7ps97a_firmware | - |
| hp | color_laserjet_managed_mfp_e87740_3sj35a_firmware | - |
| hp | laserjet_managed_mfp_e731_5qj98a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z65a_firmware | - |
| hp | laserjet_managed_mfp_e73025_5qj87a_firmware | - |
| hp | laserjet_managed_flow_mfp_m731_5qj98a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a84a_firmware | - |
| hp | laserjet_managed_mfp_e82550_5rc84a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87760_3sj20a_firmware | - |
| hp | laserjet_managed_flow_mfp_e826z_3sj29a_firmware | - |
| hp | laserjet_enterprise_mfp_m527_f2a81a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z05a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_z5g79a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87740_5qk20a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfsw_49k84a_firmware | - |
| hp | laserjet_managed_mfp_e826dn_5qk13a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfw+_6qn36a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a63a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87760_5qk20a_firmware | - |
| hp | laserjet_managed_mfp_e82540_5rc84a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62555_j8j79a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800_configurable_6qn37a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87740_3sj37a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs43a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800dn_6qn36a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800_configurable_6qn31a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_z8z09a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_x3a87a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z68a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a79a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5cm76a_firmware | - |
| hp | color_laserjet_managed_mfp_m577_b5l49a_firmware | - |
| hp | laserjet_managed_mfp_e73130_3sj02a_firmware | - |
| hp | laserjet_managed_flow_mfp_e826z_3sj28a_firmware | - |
| hp | color_laserjet_managed_mfp_e67560_l3u67a_firmware | - |
| hp | color_laserjet_managed_mfp_e87750_5qk20a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m635_7ps98a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62575_j8j66a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_x3a90a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_x57945_6qp99a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_5zn99a_firmware | - |
| hp | laserjet_managed_mfp_e82540_z8z23a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87750_3sj19a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_z8z16a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87760_3sj36a_firmware | - |
| hp | laserjet_managed_mfp_e77422_5cm75a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m527_f2a80a_firmware | - |
| hp | laserjet_managed_mfp_e77422_5cm79a_firmware | - |
| hp | laserjet_managed_e82650_3sj08a_firmware | - |
| hp | color_laserjet_managed_mfp_e78523_5qj83a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_z8z08a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_z8z16a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_5800zf_49k96av_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_785_j7z12a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs28a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_x3a63a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87750_3sj36a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr94a_firmware | - |
| hp | laserjet_managed_mfp_e77428_5rc92a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87760_3sj37a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_2gp22a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_z8z13a_firmware | - |
| hp | laserjet_managed_e82650_3sj29a_firmware | - |
| hp | color_laserjet_managed_mfp_e87740_3sj22a_firmware | - |
| hp | laserjet_managed_mfp_e82550_5fm76a_firmware | - |
| hp | laserjet_managed_mfp_e62675_3gy18a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73135_3sj01a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5fm80a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z68a_firmware | - |
| hp | pagewide_color_mfp_779_4pz46a_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z09a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a66a_firmware | - |
| hp | laserjet_managed_mfp_e52545_3gy19a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a65a_firmware | - |
| hp | laserjet_managed_mfp_e82550_5cm61a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_x3a93a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a84a_firmware | - |
| hp | laserjet_managed_mfp_e52645_1ps55a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800f_58r10a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfsw_4y279a_firmware | - |
| hp | color_laserjet_managed_mfp_e87750_3sj22a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a78a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_5zp00a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m631_j8j65a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m527z_f2a81a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5fm76a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_z8z04a_firmware | - |
| hp | laserjet_managed_mfp_e73030_3sj03a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_x3a86a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5cm78a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_z8z14a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5rc91a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a78a_firmware | - |
| hp | laserjet_enterprise_mfp_m528_1pv65a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5rc88a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_z8z04a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940y3z62a_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z07a_firmware | - |
| hp | laserjet_managed_e82660_3sj07a_firmware | - |
| hp | laserjet_managed_mfp_e82550_5rc85a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5rc87a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfsw_6qn36a_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z011a_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z08a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8pe98a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_x3a65a_firmware | - |
| hp | laserjet_managed_mfp_e73025_3sj03a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67550_l3u67a_firmware | - |
| hp | laserjet_managed_mfp_e72530_x3a66a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73130_3sj00a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j67a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a80a_firmware | - |
| hp | laserjet_managed_mfp_e73130_5qk02a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_z8z02a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a60a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z61a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_z8z16a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5cm63a_firmware | - |
| hp | digital_sender_flow_8500_fn2_document_capture_workstation_l2762a_firmware | - |
| hp | laserjet_managed_mfp_e826dn_3sj09a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m527_f2a79a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8pe97a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62555_j8j73a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a80a_firmware | - |
| hp | laserjet_managed_flow_mfp_e826z_3sj30a_firmware | - |
| hp | laserjet_managed_mfp_e73130_3sj01a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8pe94a_firmware | - |
| hp | laserjet_managed_flow_mfp_m731_3sj00a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zf_6qn38a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m776_t3u56a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m636_7pt01a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m681_j8a11a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_19gsaw_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800f_6qn29a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_x3a87a_firmware | - |
| hp | laserjet_managed_flow_mfp_e826z_3sj09a_firmware | - |
| hp | laserjet_managed_mfp_e826dn_3sj30a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a84a_firmware | - |
| hp | laserjet_managed_e82660_3sj30a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87760_3sj38a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800dn_4y279a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_z8z14a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m577_b5l46a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfsw_6qn35a_firmware | - |
| hp | laserjet_managed_mfp_e73135_3sj00a_firmware | - |
| hp | laserjet_managed_flow_mfp_m527z_f2a80a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800dn_49k84a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_z8z15a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87770_3sj21a_firmware | - |
| hp | color_laserjet_managed_mfp_e67550_l3u67a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5fm77a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67560_l3u67a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m527z_f2a77a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87770_5qk08a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77650_j7z08a_firmware | - |
| hp | laserjet_managed_flow_mfp_e826z_5qk09a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a77a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j80a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_z8z01a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_x3a92a_firmware | - |
| hp | color_laserjet_managed_mfp_e57540_3gy25a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_5zn99a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs27a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87750_3sj21a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m632_j8j71a_firmware | - |
| hp | laserjet_managed_mfp_e62675_3gy14a_firmware | - |
| hp | laserjet_managed_mfp_e82550_5fm77a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_z8z17a_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_586z_g1w39a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5rc91a_firmware | - |
| hp | pagewide_managed_color_mfp_e58650dn_l3u42a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a82a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_z8z16a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a59a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m577_b5l46a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m681_j8a13a_firmware | - |
| hp | laserjet_managed_mfp_e730_3sj04a_firmware | - |
| hp | laserjet_enterprise_mfp_m634_7ps95a_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_785_j7z11a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800zf_6qn31a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z65a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m682_j8a16a_firmware | - |
| hp | color_laserjet_managed_mfp_e78528_5qk15a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77650_j7z07a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5cm65a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_z8z14a_firmware | - |
| hp | laserjet_managed_mfp_e73135_5qj98a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67550_l3u69a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_z8z23a_firmware | - |
| hp | _laserjet_managed_mfp_e62665_3gy17a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800_configurable_58r10a_firmware | - |
| hp | laserjet_enterprise_mfp_m631_j8j65a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5rc92a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z08a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_z8z16a_firmware | - |
| hp | laserjet_managed_mfp_e72530_x3a65a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_5zn98a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e58650z_l3u43a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_x3a89a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62555_j8j66a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62565_j8j66a_firmware | - |
| hp | laserjet_managed_mfp_e82540_5fm77a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_x3a60a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a71a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m681_j8a13a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m577_b5l47a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87760_5qk03a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87750_3sj20a_firmware | - |
| hp | laserjet_enterprise_mfp_m634_7ps94a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a80a_firmware | - |
| hp | laserjet_managed_e82670_5qk13a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfw+_6qn38a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m577_b5l48a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m633_j8j78a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_x3a90a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5cm68a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_x3a90a_firmware | - |
| hp | color_laserjet_managed_mfp_e87740_5qk03a_firmware | - |
| hp | laserjet_managed_mfp_e82540_5rc85a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_5zp00a_firmware | - |
| hp | color_laserjet_managed_mfp_e87760_3sj19a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77660z_j7z08a_firmware | - |
| hp | color_laserjet_managed_mfp_e87760_3sj21a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs37a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a68a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a78a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a78a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_z8z17a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_x3a93a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_x3a89a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a72a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a79a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a74a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs15a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m776_t3u55a_firmware | - |
| hp | laserjet_managed_mfp_e73025_3sj04a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z64a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_x3a87a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_z8z17a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62575_j8j67a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a79a_firmware | - |
| hp | laserjet_managed_mfp_e52545_3gy20a_firmware | - |
| hp | laserjet_managed_flow_mfp_m527z_f2a79a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z011a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a59a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a75a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a77a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62565_j8j67a_firmware | - |
| hp | color_laserjet_managed_mfp_e87740_3sj38a_firmware | - |
| hp | color_laserjet_enterprise_mfp_x57945_6qp98a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfw+_6qn37a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs00a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a63a_firmware | - |
| hp | color_laserjet_managed_mfp_e87760_3sj37a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77660z_z5g79a_firmware | - |
| hp | color_laserjet_managed_mfp_e67660_3gy32a_firmware | - |
| hp | laserjet_managed_mfp_e73140_5qj98a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800zf_58r10a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_x3a92a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_x57945_49k97av_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_2gp23a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs01a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a82a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5rc90a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z07a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800dn_6qn31a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_2gp22a_firmware | - |
| hp | laserjet_managed_mfp_e73140_3sj02a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zf_4y279a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m681_j8a12a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a74a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800f_49k96av_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800_configurable_6qn30a_firmware | - |
| hp | color_laserjet_enterprise_mfp_x57945_6qp99a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_5zp01a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_x3a86a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a69a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfsw_6qn38a_firmware | - |
| hp | laserjet_managed_mfp_e731_6bs59a_firmware | - |
| hp | laserjet_managed_mfp_e82550_z8z19a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j66a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a60a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5rc86a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800dn_6qn35a_firmware | - |
| hp | laserjet_managed_mfp_e77428_5cm76a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a79a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77660z_j7z07a_firmware | - |
| hp | color_laserjet_managed_mfp_e87750_3sj35a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5rc88a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m634_7ps95a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a78a_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z010a_firmware | - |
| hp | laserjet_managed_mfp_e82540_z8z20a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_5zp00a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a71a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z011a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_z8z01a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87770_5qk03a_firmware | - |
| hp | color_laserjet_managed_mfp_e87760_3sj38a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73135_5qk02a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87750_3sj38a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87750_5qk03a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_z8z17a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62575_j8j73a_firmware | - |
| hp | laserjet_managed_mfp_e72425_5cm72a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a68a_firmware | - |
| hp | pagewide_color_mfp_774_4pa44a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62565_j8j80a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr95a_firmware | - |
| hp | laserjet_managed_mfp_e72425_5cm71a_firmware | - |
| hp | laserjet_managed_mfp_e730_3sj03a_firmware | - |
| hp | laserjet_managed_mfp_e82550_x3a75a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5cm78a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73140_5qk02a_firmware | - |
| hp | laserjet_managed_mfp_e82540_5cm58a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a74a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z03a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_z8z14a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_z8z13a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77650_z5g77a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z07a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800zf_6qn29a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs25a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_2gp26a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m578_7zu87a_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z09a_firmware | - |
| hp | pagewide_enterprise_color_mfp_586_g1w39a_firmware | - |
| hp | laserjet_managed_mfp_e72530_x3a59a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a65a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs25a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960y3z62a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs36a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs50a_firmware | - |
| hp | color_laserjet_managed_mfp_e87760_5qk03a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a68a_firmware | - |
| hp | color_laserjet_managed_mfp_e67660_3gy31a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67560_l3u66a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m578_7zu86a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a59a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5cm75a_firmware | - |
| hp | laserjet_managed_mfp_e72425_5cm68a_firmware | - |
| hp | laserjet_enterprise_mfp_m636_7pt01a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73130_6bs59a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950y3z62a_firmware | - |
| hp | laserjet_managed_mfp_e731_3sj01a_firmware | - |
| hp | pagewide_enterprise_color_mfp_780_j7z09a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5fm82a_firmware | - |
| hp | color_laserjet_managed_mfp_e57540_3gy26a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m682_j8a17a_firmware | - |
| hp | laserjet_managed_mfp_e73140_6bs58a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a82a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87740_3sj22a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8pe98a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a80a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m681_j8a11a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m578_7zu85a_firmware | - |
| hp | color_laserjet_managed_mfp_e67560_l3u66a_firmware | - |
| hp | laserjet_managed_mfp_e73135_3sj02a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z08a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5rc92a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a68a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m635_7ps97a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_z8z06a_firmware | - |
| hp | color_laserjet_managed_mfp_e87740_3sj36a_firmware | - |
| hp | color_laserjet_managed_mfp_e87770_3sj36a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr99a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs15a_firmware | - |
| hp | laserjet_managed_mfp_e82540_z8z18a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5cm72a_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_586z_g1w40a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67550_l3u70a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a77a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_z8z01a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5cm77a_firmware | - |
| hp | laserjet_enterprise_mfp_m632_j8j70a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z63a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73130_5qj98a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87770_3sj22a_firmware | - |
| hp | pagewide_managed_color_mfp_e58650dn_l3u43a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z66a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_x3a93a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z09a_firmware | - |
| hp | laserjet_managed_e82650_3sj07a_firmware | - |
| hp | laserjet_managed_mfp_e73030_3sj04a_firmware | - |
| hp | laserjet_managed_e82660_3sj08a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800dn_6qn37a_firmware | - |
| hp | laserjet_enterprise_mfp_m527_f2a77a_firmware | - |
| hp | color_laserjet_managed_mfp_e67550_l3u70a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_9rt92a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_x3a92a_firmware | - |
| hp | laserjet_managed_mfp_e62555_j8j66a_firmware | - |
| hp | laserjet_managed_mfp_e82540_5cm59a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z011a_firmware | - |
| hp | color_laserjet_managed_mfp_e87770_5qk03a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_x3a87a_firmware | - |
| hp | color_laserjet_managed_mfp_e87740_3sj19a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a83a_firmware | - |
| hp | color_laserjet_managed_mfp_e87770_5qk08a_firmware | - |
| hp | color_laserjet_managed_mfp_e78528_5qj81a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs30a_firmware | - |
| hp | laserjet_managed_mfp_e77422_5cm78a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5cm79a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73130_5qk02a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a77a_firmware | - |
| hp | laserjet_managed_mfp_e826dn_5qk09a_firmware | - |
| hp | laserjet_managed_flow_mfp_m731_6bs58a_firmware | - |
| hp | color_laserjet_managed_mfp_e87760_3sj20a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a69a_firmware | - |
| hp | color_laserjet_managed_mfp_e87750_3sj20a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_x3a86a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_x3a87a_firmware | - |
| hp | laserjet_managed_mfp_e73130_6bs59a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a62a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z08a_firmware | - |
| hp | laserjet_managed_e82670_3sj07a_firmware | - |
| hp | color_laserjet_managed_mfp_e87750_3sj36a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73140_5qj98a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_z8z04a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a77a_firmware | - |
| hp | laserjet_enterprise_mfp_m631_j8j64a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z010a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73140_3sj02a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_z8z00a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs12a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5rc86a_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z06a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a79a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m633_j8j76a_firmware | - |
| hp | laserjet_managed_mfp_e73030_5qj87a_firmware | - |
| hp | laserjet_managed_mfp_e731_3sj02a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8pe97a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m632_j8j72a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_z8z02a_firmware | - |
| hp | pagewide_enterprise_color_mfp_586_g1w40a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73140_3sj01a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_x3a89a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a79a_firmware | - |
| hp | laserjet_managed_e82660_5qk13a_firmware | - |
| hp | laserjet_managed_mfp_e82540_5cm61a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z61a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_z8z12a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_x3a92a_firmware | - |
| hp | laserjet_enterprise_mfp_m633_j8j76a_firmware | - |
| hp | color_laserjet_managed_mfp_e77428_5cm77a_firmware | - |
| hp | laserjet_managed_e82660_5qk09a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87770_3sj20a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a82a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5cm61a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a84a_firmware | - |
| hp | laserjet_managed_mfp_e77428_5cm77a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a63a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z010a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a83a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z08a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m634_7ps94a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_z8z12a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_z8z17a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_z8z00a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a74a_firmware | - |
| hp | laserjet_managed_mfp_e77422_5rc92a_firmware | - |
| hp | laserjet_managed_mfp_e72530_x3a63a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_9rt91a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_z8z18a_firmware | - |
| hp | color_laserjet_managed_mfp_e87760_3sj36a_firmware | - |
| hp | laserjet_enterprise_mfp_m528_1pv66a_firmware | - |
| hp | color_laserjet_managed_mfp_e67550_l3u66a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_x3a89a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr94a_firmware | - |
| hp | color_laserjet_managed_mfp_e87770_3sj35a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62555_j8j67a_firmware | - |
| hp | laserjet_enterprise_mfp_m528_1pv67a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800dn_58r10a_firmware | - |
| hp | color_laserjet_managed_mfp_e78523_5qj81a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73135_6bs57a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5cm58a_firmware | - |
| hp | laserjet_managed_mfp_e82540_5fm76a_firmware | - |
| hp | _laserjet_managed_mfp_e62665_3gy15a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_z8z15a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a69a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z65a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a59a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_m577_b5l49a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77650_j7z13a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5cm65a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800_configurable_49k96av_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_z8z12a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs36a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr96a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs27a_firmware | - |
| hp | color_laserjet_managed_mfp_e78523_5qk15a_firmware | - |
| hp | laserjet_managed_mfp_e82540_5rc83a_firmware | - |
| hp | color_laserjet_managed_mfp_e87740_3sj21a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_2gp23a_firmware | - |
| hp | laserjet_managed_mfp_e62555_j8j79a_firmware | - |
| hp | laserjet_managed_e82670_3sj28a_firmware | - |
| hp | laserjet_managed_mfp_e73140_3sj00a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs29a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62575_j8j74a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j73a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_z8z00a_firmware | - |
| hp | laserjet_managed_mfp_e826dn_3sj08a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800zf_6qn30a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_z8z19a_firmware | - |
| hp | laserjet_managed_e82670_3sj08a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e58650z_l3u42a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5cm59a_firmware | - |
| hp | laserjet_managed_mfp_e73135_6bs58a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a83a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a66a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a69a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_z8z13a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_x3a71a_firmware | - |
| hp | laserjet_managed_mfp_e62665_3gy14a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a72a_firmware | - |
| hp | laserjet_managed_flow_mfp_m731_3sj01a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a69a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a83a_firmware | - |
| hp | laserjet_managed_flow_mfp_m731_6bs59a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_z8z23a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_5800zf_6qn31a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_x3a93a_firmware | - |
| hp | laserjet_managed_e82650_5qk13a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800_configurable_6qn38a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zf_49k84a_firmware | - |
| hp | laserjet_managed_mfp_e77422_5cm77a_firmware | - |
| hp | laserjet_managed_mfp_e62675_3gy15a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_y3z63a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_j7z13a_firmware | - |
| hp | laserjet_managed_mfp_e62675_3gy17a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67550_l3u66a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gr95a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs13a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87740_3sj21a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5rc84a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m682_j8a16a_firmware | - |
| hp | pagewide_enterprise_color_flow_mfp_586z_g1w41a_firmware | - |
| hp | color_laserjet_managed_mfp_e87750_3sj21a_firmware | - |
| hp | laserjet_managed_mfp_e72530_x3a62a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a63a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_z8z12a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_x3a90a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_5800zf_6qn29a_firmware | - |
| hp | laserjet_managed_mfp_e62555_j8j73a_firmware | - |
| hp | laserjet_managed_mfp_e82560_z8z22a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5rc83a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a81a_firmware | - |
| hp | laserjet_managed_mfp_e77428_5cm79a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_2gp26a_firmware | - |
| hp | laserjet_enterprise_mfp_m632_j8j71a_firmware | - |
| hp | color_laserjet_managed_mfp_e87760_5qk20a_firmware | - |
| hp | laserjet_managed_mfp_e82550_5cm58a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs26a_firmware | - |
| hp | color_laserjet_managed_mfp_e87770_3sj38a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z61a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87760_3sj21a_firmware | - |
| hp | laserjet_managed_mfp_e82540_x3a82a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_5zp01a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m776_t3u56a_firmware | - |
| hp | laserjet_managed_mfp_e73140_6bs59a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a65a_firmware | - |
| hp | laserjet_managed_mfp_e82560du_5rc85a_firmware | - |
| hp | laserjet_managed_mfp_e72425_5rc90a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_x3a66a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77650_j7z03a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87750_3sj37a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_z8z04a_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z07a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73140_3sj00a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_z8z07a_firmware | - |
| hp | laserjet_managed_mfp_e731_6bs58a_firmware | - |
| hp | laserjet_managed_mfp_e82560_x3a75a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_x3a89a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m776_t3u55a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m682_j8a17a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m577_b5l54a_firmware | - |
| hp | color_laserjet_managed_mfp_e78528_5qj83a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_5800zf_58r10a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a77a_firmware | - |
| hp | pagewide_managed_color_mfp_e77650_z5g77a_firmware | - |
| hp | laserjet_managed_e82660_3sj29a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_z8z02a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs12a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800_configurable_6qn36a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800_configurable_49k84a_firmware | - |
| hp | laserjet_managed_mfp_e72425_5cm69a_firmware | - |
| hp | laserjet_managed_mfp_e82560_z8z20a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87750_5qk08a_firmware | - |
| hp | laserjet_managed_mfp_e82550_5cm59a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_z8z12a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73130_6bs58a_firmware | - |
| hp | laserjet_managed_mfp_e73130_6bs58a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8pe95a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5fm81a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_19gsaw_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m631_j8j64a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_z8z010a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73140_6bs58a_firmware | - |
| hp | laserjet_managed_mfp_e77428_5cm75a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a60a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_z8z13a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfw+_4y279a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs14a_firmware | - |
| hp | laserjet_managed_e82660_3sj28a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87770_3sj35a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87750_3sj35a_firmware | - |
| hp | laserjet_managed_mfp_e77422_5cm76a_firmware | - |
| hp | laserjet_managed_mfp_e72530_x3a60a_firmware | - |
| hp | laserjet_managed_mfp_e826dn_3sj07a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87650_z8z14a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_x3a81a_firmware | - |
| hp | color_laserjet_managed_mfp_e77822_x3a81a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72525_z8z06a_firmware | - |
| hp | laserjet_managed_flow_mfp_e62565_j8j74a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5cm70a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800f_6qn30a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800dn_49k96av_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_2gp25a_firmware | - |
| hp | laserjet_managed_mfp_e72535_x3a66a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73135_3sj02a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_z8z13a_firmware | - |
| hp | laserjet_managed_mfp_e731_3sj00a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87760_5qk08a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_9rt91a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m577_b5l48a_firmware | - |
| hp | laserjet_managed_e82670_5qk09a_firmware | - |
| hp | laserjet_enterprise_mfp_m635_7ps98a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_z8z23a_firmware | - |
| hp | color_laserjet_managed_mfp_e78223_8gs44a_firmware | - |
| hp | laserjet_managed_mfp_e72430_5rc89a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_x3a59a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87740_3sj38a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j79a_firmware | - |
| hp | laserjet_managed_mfp_e73140_3sj01a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5cm64a_firmware | - |
| hp | laserjet_managed_mfp_e82550_z8z18a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z68a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m527z_f2a76a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87770_5qk20a_firmware | - |
| hp | laserjet_managed_mfp_e73135_3sj01a_firmware | - |
| hp | color_laserjet_managed_mfp_e87770_3sj20a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82550_z8z22a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_5800zf_6qn30a_firmware | - |
| hp | laserjet_managed_e82660_3sj09a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87760_3sj19a_firmware | - |
| hp | laserjet_managed_mfp_e77428_5cm78a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73135_5qj98a_firmware | - |
| hp | laserjet_managed_mfp_e82550_z8z20a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77825_z8z02a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_5zn99a_firmware | - |
| hp | laserjet_managed_mfp_e730_5qj87a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_x3a86a_firmware | - |
| hp | laserjet_enterprise_mfp_m631_j8j63a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m631_j8j63a_firmware | - |
| hp | laserjet_managed_mfp_e731_5qk02a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_x3a87a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800dn_6qn30a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73135_3sj00a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77660z_j7z05a_firmware | - |
| hp | color_laserjet_managed_mfp_e77422_5cm75a_firmware | - |
| hp | laserjet_managed_mfp_e72530_z8z08a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800f_6qn31a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a74a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_5zn98a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs00a_firmware | - |
| hp | laserjet_managed_e82650_3sj09a_firmware | - |
| hp | color_laserjet_managed_mfp_e87650_x3a93a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr99a_firmware | - |
| hp | color_laserjet_enterprise_mfp_6800zfw+_49k84a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73140_6bs57a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72535_x3a62a_firmware | - |
| hp | laserjet_managed_mfp_e62665_3gy17a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77830_x3a78a_firmware | - |
| hp | pagewide_enterprise_color_mfp_586_g1w41a_firmware | - |
| hp | color_laserjet_managed_mfp_e87740_3sj37a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gr97a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_x3a66a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e57540_3gy25a_firmware | - |
| hp | laserjet_managed_mfp_e73130_5qj98a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_17f27aw_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e77822_x3a81a_firmware | - |
| hp | color_laserjet_managed_mfp_e87750_3sj38a_firmware | - |
| hp | laserjet_managed_flow_mfp_e826z_3sj08a_firmware | - |
| hp | laserjet_managed_mfp_e62675_3gy16a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_5zn98a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m578_7zu88a_firmware | - |
| hp | color_laserjet_managed_mfp_e87740_5qk08a_firmware | - |
| hp | color_laserjet_managed_mfp_e77830_x3a84a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs01a_firmware | - |
| hp | pagewide_managed_color_mfp_p77950_y3z64a_firmware | - |
| hp | color_laserjet_enterprise_mfp_5800zf_49k96av_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e67560_l3u70a_firmware | - |
| hp | color_laserjet_enterprise_flow_mfp_m577_b5l47a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73135_6bs58a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87740_5qk08a_firmware | - |
| hp | laserjet_enterprise_mfp_m635_7ps99a_firmware | - |
| hp | laserjet_managed_flow_mfp_e52545c_3gy19a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_2gp25a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a81a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_z8z010a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8pe96a_firmware | - |
| hp | color_laserjet_managed_mfp_e87760_3sj35a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m681_j8a12a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77660z_j7z14a_firmware | - |
| hp | color_laserjet_managed_mfp_e785dn_5qj81a_firmware | - |
| hp | color_laserjet_managed_mfp_e785dn_5qj83a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_x3a68a_firmware | - |
| hp | laserjet_managed_mfp_e72525_z8z011a_firmware | - |
| hp | laserjet_managed_mfp_e62565_j8j74a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82560_z8z18a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_z8z13a_firmware | - |
| hp | laserjet_managed_flow_mfp_e826z_3sj07a_firmware | - |
| hp | color_laserjet_managed_mfp_e87770_3sj19a_firmware | - |
| hp | laserjet_managed_mfp_e72535_z8z06a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640_x3a92a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87770_3sj37a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8pe94a_firmware | - |
| hp | color_laserjet_managed_mfp_e77825_x3a83a_firmware | - |
| hp | laserjet_managed_mfp_e82540_z8z22a_firmware | - |
| hp | pagewide_managed_color_mfp_p77940_y3z64a_firmware | - |
| hp | laserjet_managed_mfp_e62665_3gy15a_firmware | - |
| hp | laserjet_enterprise_mfp_m636_7pt00a_firmware | - |
| hp | laserjet_managed_mfp_e62555_j8j80a_firmware | - |
| hp | laserjet_managed_flow_mfp_e72530_z8z011a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a75a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87760_3sj35a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87640_x3a89a_firmware | - |
| hp | laserjet_managed_flow_mfp_e73130_3sj01a_firmware | - |
| hp | color_laserjet_managed_mfp_e87770_3sj22a_firmware | - |
| hp | color_laserjet_enterprise_mfp_m577_b5l54a_firmware | - |
| hp | color_laserjet_managed_mfp_e87750_5qk03a_firmware | - |
| hp | color_laserjet_managed_mfp_e78323_8gs26a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87740_3sj36a_firmware | - |
| hp | color_laserjet_managed_mfp_m577_b5l50a_firmware | - |
| hp | color_laserjet_managed_mfp_e67650_3gy31a_firmware | - |
| hp | laserjet_managed_e82650_3sj30a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m527z_f2a78a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660_x3a86a_firmware | - |
| hp | laserjet_enterprise_flow_mfp_m634_7ps96a_firmware | - |
| hp | color_laserjet_managed_mfp_e87640du_5cm64a_firmware | - |
| hp | color_laserjet_managed_mfp_e78330_8gs28a_firmware | - |
| hp | laserjet_managed_mfp_e52645_1ps54a_firmware | - |
| hp | color_laserjet_managed_mfp_e87660du_5fm80a_firmware | - |
| hp | laserjet_managed_mfp_e72525_x3a60a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87760_3sj22a_firmware | - |
| hp | laserjet_managed_mfp_e72425_5rc89a_firmware | - |
| hp | pagewide_managed_color_flow_mfp_e77650_z5g79a_firmware | - |
| hp | laserjet_managed_mfp_e73140_6bs57a_firmware | - |
| hp | color_laserjet_managed_mfp_e67560_l3u70a_firmware | - |
| hp | color_laserjet_managed_mfp_e78228_8gs37a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e57540_3gy26a_firmware | - |
| hp | laserjet_managed_e82670_3sj09a_firmware | - |
| hp | laserjet_managed_flow_mfp_e52545c_3gy20a_firmware | - |
| hp | pagewide_managed_color_mfp_p77960_2gp25a_firmware | - |
| hp | laserjet_managed_flow_mfp_e82540_x3a82a_firmware | - |
| hp | color_laserjet_managed_mfp_e87770_5qk20a_firmware | - |
| hp | laserjet_enterprise_mfp_m528_1pv49a_firmware | - |
| hp | color_laserjet_managed_flow_mfp_e87660_z8z15a_firmware | - |
Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | designjet_z9+_pro_firmware | - |
| hp | pagewide_xl_4600 | _firmware |
| hp | designjet_z6dr_firmware | * |
| hp | pagewide_xl_4500 | _firmware |
| hp | designjet_z6_firmware | * |
| hp | pagewide_xl_4700 | _firmware |
| hp | designjet_z9dr_firmware | * |
| hp | pagewide_xl_4100 | _firmware |
| hp | designjet_z9_firmware | * |
| hp | pagewide_xl_8000 | _firmware |
Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_5 | * |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| hp | arubaos | * |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| hp | arubaos | * |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| hp | arubaos | * |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| hp | arubaos | * |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| hp | arubaos | * |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| hp | arubaos | * |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| hp | arubaos | * |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| hp | arubaos | * |
An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
A vulnerability exists in Aruba InstantOS and ArubaOS 10 where an edge-case combination of network configuration, a specific WLAN environment and an attacker already possessing valid user credentials on that WLAN can lead to sensitive information being disclosed via the WLAN. The scenarios in which this disclosure of potentially sensitive information can occur are complex and depend on factors that are beyond the control of the attacker.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 5.4 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N | 1.2 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp_device_manager | 5.0.7 |
| hp | hp_device_manager | 5.0.5 |
| hp | hp_device_manager | 5.0.3 |
| hp | hp_device_manager | 5.0.9 |
| hp | hp_device_manager | 5.0.6 |
| hp | hp_device_manager | 5.0.8 |
| hp | hp_device_manager | 5.0.4 |
| hp | hp_device_manager | 5.0.7.1 |
| hp | hp_device_manager | 5.0 |
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp_device_manager | 5.0.7 |
| hp | hp_device_manager | 5.0.5 |
| hp | hp_device_manager | 5.0.3 |
| hp | hp_device_manager | 5.0.9 |
| hp | hp_device_manager | 5.0.6 |
| hp | hp_device_manager | 5.0.8 |
| hp | hp_device_manager | 5.0.4 |
| hp | hp_device_manager | 5.0.7.1 |
| hp | hp_device_manager | 5.0 |
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp_device_manager | 5.0.7 |
| hp | hp_device_manager | 5.0.5 |
| hp | hp_device_manager | 5.0.3 |
| hp | hp_device_manager | 5.0.9 |
| hp | hp_device_manager | 5.0.6 |
| hp | hp_device_manager | 5.0.8 |
| hp | hp_device_manager | 5.0.4 |
| hp | hp_device_manager | 5.0.7.1 |
| hp | hp_device_manager | 5.0 |
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp_device_manager | 5.0.7 |
| hp | hp_device_manager | 5.0.5 |
| hp | hp_device_manager | 5.0.3 |
| hp | hp_device_manager | 5.0.9 |
| hp | hp_device_manager | 5.0.6 |
| hp | hp_device_manager | 5.0.8 |
| hp | hp_device_manager | 5.0.4 |
| hp | hp_device_manager | 5.0.7.1 |
| hp | hp_device_manager | 5.0 |
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp_device_manager | 5.0.7 |
| hp | hp_device_manager | 5.0.5 |
| hp | hp_device_manager | 5.0.3 |
| hp | hp_device_manager | 5.0.9 |
| hp | hp_device_manager | 5.0.6 |
| hp | hp_device_manager | 5.0.8 |
| hp | hp_device_manager | 5.0.4 |
| hp | hp_device_manager | 5.0.7.1 |
| hp | hp_device_manager | 5.0 |
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 349_g7_firmware | * |
| hp | vr_backpack_g2_firmware | * |
| hp | 205_pro_g4_22_all-in-one_firmware | - |
| hp | t628_firmware | * |
| hp | 470_g10_firmware | * |
| hp | 200_g4_22_all-in-one_firmware | - |
| hp | 245_g8_firmware | * |
| hp | 288_g6_firmware | - |
| hp | 247_g8_firmware | * |
| hp | pro_small_form_factor_280_g9_desktop_firmware | - |
| hp | proone_496_g3_firmware | - |
| hp | 280_g3_firmware | - |
| hp | 290_g3_firmware | - |
| hp | 280_g5_firmware | - |
| hp | pro_small_form_factor_290_g9_desktop_firmware | - |
| hp | 245_g6_firmware | * |
| hp | pro_tower_290_g9_desktop_firmware | - |
| hp | z_vr_backpack_g1_workstation_firmware | - |
| hp | zhan_99_pro_g1_microtower_firmware | - |
| hp | 200_pro_g4_22_all-in-one_firmware | - |
| hp | 282_pro_g4_microtower_firmware | - |
| hp | 280_pro_g3_firmware | - |
| hp | proone_490_g3_firmware | - |
| hp | 250_g10_firmware | * |
| hp | 290_g3_small_form_factor_firmware | - |
| hp | zhan_86_pro_g2_microtower_firmware | - |
| hp | zhan_99_g4_firmware | * |
| hp | proone_240_g10_firmware | - |
| hp | 280_g6_firmware | - |
| hp | 255_g10_firmware | * |
| hp | desktop_pro_g1_microtower_firmware | - |
| hp | 240_g10_firmware | * |
| hp | 280_g4_microtower_firmware | - |
| hp | 280_pro_g5_small_form_factor_firmware | - |
| hp | 290_g2_firmware | - |
| hp | 200_g3_firmware | - |
| hp | 280_pro_g4_microtower_firmware | - |
| hp | 282_g6_firmware | - |
| hp | 260_g4_desktop_mini_firmware | * |
| hp | proone_440_g3_firmware | - |
| hp | proone_240_g9_firmware | - |
| hp | zhan_99_g2_firmware | * |
| hp | t430_firmware | * |
| hp | pro_tower_280_g9_desktop_firmware | - |
| hp | 245_g7_firmware | * |
| hp | 280_g4_firmware | - |
| hp | 290_g4_firmware | - |
| hp | 280_g5_small_form_factor_firmware | - |
| hp | pro_tower_zhan_99_g9_desktop_firmware | - |
| hp | 288_g5_firmware | - |
| hp | 282_g5_firmware | - |
| hp | pro_small_form_factor_zhan_66_g9_desktop_firmware | - |
| hp | 290_g1_firmware | - |
| hp | 280_g8_microtower_firmware | - |
| hp | pro_tower_200_g9_desktop_firmware | - |
| hp | 205_g4_22_all-in-one_firmware | - |
| hp | 290_g2_microtower_firmware | - |
| hp | 470_g9_firmware | * |
| hp | 288_pro_g4_microtower_firmware | - |
A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potential vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 200_g4_22_all-in-one_pc_(rom_family_ssid_86f0)_firmware | * |
| hp | 258_g6_firmware | * |
| hp | 205_g8_24_all-in-one_pc_(rom_family_ssid_8924)_firmware | * |
| hp | proone_240_g10_(rom_family_ssid_8b4c)_firmware | * |
| hp | 205_pro_g4_22_all-in-one_pc_(rom_family_ssid_86f2)_firmware | * |
| hp | 245_g10_firmware | * |
| hp | 200_pro_g4_22_all-in-one_pc_(rom_family_ssid_86f3)_firmware | * |
| hp | 285_pro_g8_microtower_(rom_family_ssid_870e)_firmware | * |
| hp | 470_g10_firmware | * |
| hp | zhan_99_g4_mobile_workstation_firmware | * |
| hp | 245_g8_firmware | * |
| hp | pro_tower_290_g9_desktop_(rom_family_ssid_89b3)_firmware | * |
| hp | 255_g8_(rom_family_ssid_8905)_firmware | * |
| hp | 246_g7_firmware | * |
| hp | 247_g8_firmware | * |
| hp | pro_tower_290_g9_desktop_(rom_family_ssid_8bc3)_firmware | * |
| hp | 250_g7_firmware | * |
| hp | stream_11_pro_g4_firmware | * |
| hp | 285_g6_microtower_(rom_family_ssid_871e)_firmware | * |
| hp | 340_g7_firmware | * |
| hp | 295_g8_microtower_(rom_family_ssid_870e)_firmware | * |
| hp | 256_g6_firmware | * |
| hp | 205_g4_22_all-in-one_pc_(rom_family_ssid_86f0)_firmware | * |
| hp | 255_g8_firmware | * |
| hp | 205_g4_22_all-in-one_pc_(rom_family_ssid_86f2)_firmware | * |
| hp | 205_pro_g8_24_all-in-one_pc_(rom_family_ssid_8924)_firmware | * |
| hp | t638_thin_client_firmware | * |
| hp | pro_tower_200_g9_desktop_(rom_family_ssid_8bc3)_firmware | * |
| hp | 240_g9_firmware | * |
| hp | 205_g8_24_all-in-one_pc_(rom_family_ssid_8923)_firmware | * |
| hp | 205_pro_g8_24_all-in-one_pc_(rom_family_ssid_8923)_firmware | * |
| hp | 250_g9_firmware | * |
| hp | 250_g10_firmware | * |
| hp | 255_g6_firmware | * |
| hp | 348_g7_firmware | * |
| hp | vr_backpack_g2_(rom_family_ssid_8590)_firmware | * |
| hp | 285_g8_microtower_(rom_family_ssid_870e)_firmware | * |
| hp | zhan_99_g3_mobile_workstation_firmware | * |
| hp | 200_pro_g4_22_all-in-one_pc_(rom_family_ssid_86f0)_firmware | * |
| hp | 258_g7_firmware | * |
| hp | pro_tower_290_g9_desktop_(rom_family_ssid_89b4)_firmware | * |
| hp | pro_tower_zhan_99_g9_desktop_(rom_family_ssid_89b3)_firmware | * |
| hp | 200_pro_g4_22_all-in-one_pc_(rom_family_ssid_86f2)_firmware | * |
| hp | 205_g4_22_all-in-one_pc_(rom_family_ssid_86f3)_firmware | * |
| hp | 470_g7_firmware | * |
| hp | stream_11_pro_g5_firmware | * |
| hp | 200_g4_22_all-in-one_pc_(rom_family_ssid_86f3)_firmware | * |
| hp | zhan_66_pro_a_g4_all-in-one_pc_(rom_family_ssid_8924)_firmware | * |
| hp | 255_g10_firmware | * |
| hp | 240_g6_firmware | * |
| hp | 240_g10_firmware | * |
| hp | desktop_pro_a_g3_microtower_firmware | * |
| hp | pro_tower_280_g9_desktop_(rom_family_ssid_89b3)_firmware | * |
| hp | desktop_pro_a_300_g3_firmware | * |
| hp | pro_tower_200_g9_desktop_(rom_family_ssid_89b3)_firmware | * |
| hp | zhan_66_pro_a_g1_r_microtower_firmware | * |
| hp | zbook_15_g5_mobile_workstation_firmware | * |
| hp | pro_tower_200_g9_desktop_(rom_family_ssid_89b4)_firmware | * |
| hp | 255_g9_firmware | * |
| hp | pro_tower_zhan_99_g9_desktop_(rom_family_ssid_89b4)_firmware | * |
| hp | pro_sff_290_g9_desktop_(rom_family_ssid_89b4)_firmware | * |
| hp | 245_firmware | * |
| hp | zhan_66_pro_a_g10_(rom_family_ssid_8b4e)_firmware | * |
| hp | 245_g7_firmware | * |
| hp | 200_g4_22_all-in-one_pc_(rom_family_ssid_86f2)_firmware | * |
| hp | 285_pro_g6_microtower_(rom_family_ssid_871e)_firmware | * |
| hp | zhan_99_pro_a_g2_microtower_(rom_family_ssid_871e)_firmware | * |
| hp | 245_g9_firmware | * |
| hp | pro_sff_280_g9_desktop_(rom_family_ssid_8bc3)_firmware | * |
| hp | 240_g7_firmware | * |
| hp | 255_g8_(rom_family_ssid_890e)_firmware | * |
| hp | pro_sff_280_g9_desktop_(rom_family_ssid_89b4)_firmware | * |
| hp | pro_sff_zhan_66_g9_desktop_(rom_family_ssid_89b4)_firmware | * |
| hp | 205_pro_g4_22_all-in-one_pc_(rom_family_ssid_86f3)_firmware | * |
| hp | proone_240_g10_(rom_family_ssid_8b4d)_firmware | * |
| hp | zhan_66_pro_a_g4_all-in-one_pc_(rom_family_ssid_8923)_firmware | * |
| hp | 256_g7_firmware | * |
| hp | pro_sff_290_g9_desktop_(rom_family_ssid_8bc3)_firmware | * |
| hp | pro_tower_280_g9_desktop_(rom_family_ssid_89b4)_firmware | * |
| hp | 255_g7_firmware | * |
| hp | pro_sff_zhan_66_g9_desktop_(rom_family_ssid_8bc3)_firmware | * |
| hp | 255_g8_(rom_family_ssid_87d1)_firmware | * |
| hp | 250_g6_firmware | * |
| hp | 205_pro_g4_22_all-in-one_pc_(rom_family_ssid_86f0)_firmware | * |
| hp | pro_tower_zhan_99_g9_desktop_(rom_family_ssid_8b3c)_firmware | * |
| hp | 246_g6_firmware | * |
| hp | desktop_pro_a_g3_firmware | * |
| hp | proone_240_g9_(rom_family_ssid_89eb)_firmware | * |
| hp | 470_g9_firmware | * |
Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | color_laserjet_pro_mfp_4301-4303_4ra84f_firmware | * |
| hp | color_laserjet_pro_mfp_4301-4303_5hh66a_firmware | * |
| hp | color_laserjet_pro_4201-4203_4ra89a_firmware | * |
| hp | color_laserjet_pro_mfp_4301-4303_4ra82f_firmware | * |
| hp | color_laserjet_pro_mfp_4301-4303_5hh65a_firmware | * |
| hp | color_laserjet_pro_mfp_4301-4303_5hh67a_firmware | * |
| hp | color_laserjet_pro_4201-4203_4ra88f_firmware | * |
| hp | color_laserjet_pro_4201-4203_5hh48a_firmware | * |
| hp | color_laserjet_pro_mfp_4301-4303_5hh72a_firmware | * |
| hp | color_laserjet_pro_4201-4203_5hh59a_firmware | * |
| hp | color_laserjet_pro_mfp_4301-4303_4ra81f_firmware | * |
| hp | color_laserjet_pro_4201-4203_4ra87f_firmware | * |
| hp | color_laserjet_pro_4201-4203_5hh51a_firmware | * |
| hp | color_laserjet_pro_mfp_4301-4303_4ra83f_firmware | * |
| hp | color_laserjet_pro_mfp_4301-4303_5hh64f_firmware | * |
| hp | color_laserjet_pro_mfp_4301-4303_5hh73a_firmware | * |
| hp | color_laserjet_pro_4201-4203_5hh52a_firmware | * |
| hp | color_laserjet_pro_mfp_4301-4303_4ra80f_firmware | * |
| hp | color_laserjet_pro_4201-4203_5hh53a_firmware | * |
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_mfp_m478-m479_w1a78a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y46a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a56a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a51a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a77a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a31a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y44a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a59a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a47a_firmware | * |
| hp | laserjet_pro_m404-m405_93m22a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a33a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y40a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a48a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a53a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a63a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a79a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a52a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y43a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a81a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a66a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a58a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y41a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a60a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a32a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a82a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a28a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a38a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a75a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a30a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a46a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a34a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a35a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y47a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a80a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y45a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a76a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a57a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a29a_firmware | * |
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_mfp_m478-m479_w1a78a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y46a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a56a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a51a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a77a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a31a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y44a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a59a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a47a_firmware | * |
| hp | laserjet_pro_m404-m405_93m22a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a33a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y40a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a48a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a53a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a63a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a79a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a52a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y43a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a81a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a66a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a58a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y41a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a60a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a32a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a82a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a28a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a38a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a75a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a30a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a46a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a34a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a35a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y47a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a80a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y45a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a76a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a57a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a29a_firmware | * |
Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_mfp_m478-m479_w1a78a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y46a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a56a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a51a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a77a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a31a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y44a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a59a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a47a_firmware | * |
| hp | laserjet_pro_m404-m405_93m22a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a33a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y40a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a48a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a53a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a63a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a79a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a52a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y43a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a81a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a66a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a58a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y41a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a60a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a32a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a82a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a28a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a38a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a75a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a30a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a46a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a34a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a35a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y47a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a80a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y45a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a76a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a57a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a29a_firmware | * |
A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
| security-alert@hpe.com | 8.3 | HIGH | CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L | 1.7 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | integrated_lights-out_6 | * |
| hp | integrated_lights-out_4 | * |
| hp | integrated_lights-out_5 | * |
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
| hpe | oneview_global_dashboard | * |
An HPE OneView appliance dump may expose proxy credential settings
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
An HPE OneView appliance dump may expose OneView user accounts
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
An HPE OneView appliance dump may expose SAN switch administrative credentials
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
An HPE OneView appliance dump may expose SNMPv3 read credentials
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
HPE OneView virtual appliance "Migrate server hardware" option may expose sensitive information in an HPE OneView support dump
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 6.1 | MEDIUM | CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L | 0.3 | 5.3 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | proliant_rl300_firmware | 1.12 |
| hp | integrated_lights-out_firmware | 1.05 |
HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | * |
A remote authentication bypass issue exists in a OneView API.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
A remote authentication bypass issue exists in some OneView APIs.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
Certain versions of HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware are potentially vulnerable to elevation of privilege.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | image_assistant | * |
| hp | pc_hardware_diagnostics | * |
| hp | thunderbolt_dock_g2_firmware | - |
Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to buffer overflow.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | pc_hardware_diagnostics | * |
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_mfp_m478-m479_w1a78a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y46a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a56a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a51a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a77a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a31a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y44a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a59a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a47a_firmware | * |
| hp | laserjet_pro_m404-m405_93m22a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a33a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y40a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a48a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a53a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a63a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a79a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a52a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y43a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a81a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a66a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a58a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y41a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a60a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a32a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a82a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a28a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a38a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a75a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a30a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a46a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a34a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a35a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y47a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a80a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y45a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a76a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a57a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a29a_firmware | * |
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_mfp_m478-m479_w1a78a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y46a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a56a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a51a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a77a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a31a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y44a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a59a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a47a_firmware | * |
| hp | laserjet_pro_m404-m405_93m22a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a33a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y40a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a48a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a53a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a63a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a79a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a52a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y43a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a81a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a66a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a58a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y41a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a60a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a32a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a82a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a28a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a38a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a75a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a30a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a46a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a34a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a35a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y47a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a80a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y45a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a76a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a57a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a29a_firmware | * |
Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_mfp_m478-m479_w1a78a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y46a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a56a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a51a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a77a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a31a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y44a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a59a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a47a_firmware | * |
| hp | laserjet_pro_m404-m405_93m22a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a33a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y40a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a48a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a53a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a63a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a79a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a52a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y43a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a81a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a66a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a58a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y41a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a60a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a32a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a82a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a28a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a38a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a75a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a30a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a46a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a34a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a35a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y47a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a80a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y45a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a76a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a57a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a29a_firmware | * |
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | laserjet_pro_mfp_m478-m479_w1a78a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y46a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a56a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a51a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a77a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a31a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y44a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a59a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a47a_firmware | * |
| hp | laserjet_pro_m404-m405_93m22a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a33a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y40a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a48a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a53a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a63a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a79a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a52a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y43a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a81a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a66a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a58a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y41a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a60a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a32a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a82a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_w1a28a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a38a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a75a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a30a_firmware | * |
| hp | laserjet_pro_m304-m305_w1a46a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a34a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a35a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y47a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a80a_firmware | * |
| hp | laserjet_pro_m453-m454_w1y45a_firmware | * |
| hp | laserjet_pro_mfp_m478-m479_w1a76a_firmware | * |
| hp | laserjet_pro_m404-m405_w1a57a_firmware | * |
| hp | laserjet_pro_mfp_m428-m429_f_w1a29a_firmware | * |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_virtual_intranet_access | * |
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | 1.8 | 5.2 |
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | 1.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | aruba_virtual_intranet_access | * |
Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when using an improper eSCL URL GET request.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3uk84a_firmware | * |
| hp | 3ul05b_firmware | * |
| hp | 3ul00d_firmware | * |
| hp | 1kr46a_firmware | * |
| hp | 1mr75a_firmware | * |
| hp | 1kr54a_firmware | * |
| hp | 1kr48a_firmware | * |
| hp | 1mr66a_firmware | * |
| hp | 3uk83b_firmware | * |
| hp | 3uk90d_firmware | * |
| hp | 1mr74a_firmware | * |
| hp | 1kr42a_firmware | * |
| hp | 1mr72a_firmware | * |
| hp | 3uk99d_firmware | * |
| hp | 3uk97d_firmware | * |
| hp | 1mr73a_firmware | * |
| hp | 1mr78b_firmware | * |
| hp | 1kr55a_firmware | * |
| hp | 1mr78a_firmware | * |
| hp | 1mr70a_firmware | * |
| hp | 1kr49a_firmware | * |
| hp | 1mr69c_firmware | * |
| hp | 1mr71a_firmware | * |
| hp | 1kr45a_firmware | * |
| hp | 1mr69a_firmware | * |
| hp | 1mr67a_firmware | * |
| hp | 1mr68a_firmware | * |
| hp | 1mr79a_firmware | * |
| hp | 1kr55d_firmware | * |
| hp | 1mr80d_firmware | * |
| hp | 3uk86b_firmware | * |
| hp | 1kr55b_firmware | * |
| hp | 3uk93d_firmware | * |
| hp | 3uk91b_firmware | * |
| hp | 1mr76a_firmware | * |
| hp | 1mr73d_firmware | * |
| hp | 3uk85d_firmware | * |
| hp | 3uk96d_firmware | * |
| hp | y8m28d_firmware | * |
| hp | 3uk83a_firmware | * |
| hp | 3uk98d_firmware | * |
| hp | 1mr77a_firmware | * |
A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | thinupdate | * |
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
There are arbitrary file deletion vulnerabilities in the CLI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 3.9 | 4.2 |
| security-alert@hpe.com | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 3.9 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
There are arbitrary file deletion vulnerabilities in the AirWave client service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 3.9 | 4.2 |
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 3.9 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
There is an arbitrary file deletion vulnerability in the RSSI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 3.9 | 4.2 |
| security-alert@hpe.com | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 3.9 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| security-alert@hpe.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| security-alert@hpe.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the BLE daemon service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| security-alert@hpe.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| security-alert@hpe.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the soft ap daemon accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| security-alert@hpe.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
| nvd@nist.gov | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 5.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L | 1.2 | 4.2 |
| nvd@nist.gov | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
An authenticated Denial-of-Service (DoS) vulnerability exists in the CLI service. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
| security-alert@hpe.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.5.0.0 |
Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | officejet_pro_8730_d9l19a_firmware | * |
| hp | officejet_pro_8730_k7s36a_firmware | * |
| hp | officejet_pro_8730_m9l75a_firmware | * |
| hp | officejet_pro_8730_j7a29a_firmware | * |
| hp | officejet_pro_8730_m9l74a_firmware | * |
| hp | officejet_pro_8730_k7s34a_firmware | * |
| hp | officejet_pro_8730_t0g54a_firmware | * |
| hp | officejet_pro_8730_k7s35a_firmware | * |
| hp | officejet_pro_8730_m9l76a_firmware | * |
| hp | officejet_pro_8730_m9l80a_firmware | * |
| hp | officejet_pro_8730_j7a31a_firmware | * |
| hp | officejet_pro_8730_j7a28a_firmware | * |
A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N | 3.9 | 2.7 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_management_homepage | * |
HPE OneView may allow command injection with local privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| security-alert@hpe.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_5 | * |
HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or information disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | life | * |
HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | t430_thin_client_firmware | - |
| hp | t638_thin_client_firmware | - |
A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor’s Theft Deterrence to be deactivated.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | elitedisplay_e243i_24-inch_firmware | - |
| hp | p22va_g4_fhd_firmware | - |
| hp | e24mv_g4_fhd_firmware | * |
| hp | z24nf_g2_23.8-inch_firmware | - |
| hp | e24i_g4_wuxga_firmware | * |
| hp | z24i_g2_24-inch_firmware | - |
| hp | elitedisplay_e230t_23-inch_touch_firmware | - |
| hp | p22_g4_22_fhd_firmware | - |
| hp | e23_g4_fhd_firmware | * |
| hp | m24m_firmware | * |
| hp | m27m_firmware | * |
| hp | z23n_g2_23-inch_firmware | - |
| hp | z24f_g3_fhd_firmware | * |
| hp | e24q_g4_qhd_firmware | * |
| hp | z22n_g2_21.5-inch_firmware | - |
| hp | elitedisplay_e273_27-inch_firmware | - |
| hp | elitedisplay_e273m_27-inch_firmware | - |
| hp | z24n_g3_wuxga_firmware | * |
| hp | e22_g4_fhd_firmware | * |
| hp | m27ha_fhd_firmware | - |
| hp | elitedisplay_e243p_23.8-inch_sure_view_firmware | - |
| hp | p24v_g4_firmware | - |
| hp | e27_g4_fhd_firmware | * |
| hp | elitedisplay_e202_20-inch_firmware | - |
| hp | p27v_g4_firmware | - |
| hp | p22h_g4_fhd_firmware | - |
| hp | e24t_g4_fhd_touch_firmware | * |
| hp | p27h_g4_fhd_firmware | - |
| hp | e27q_g4_qhd_firmware | * |
HP Print and Scan Doctor for Windows may potentially be vulnerable to escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | print_and_scan_doctor | 5.7.2.014 |
Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to elevation of privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | image_assistant | * |
| hp | pc_hardware_diagnostics | * |
| hp | thunderbolt_dock_g2_firmware | - |
A potential security vulnerability has been identified in the system BIOS for certain HP Workstation PCs, which might allow escalation of privilege, arbitrary code execution, or denial of service. HP is releasing mitigation for the potential vulnerability.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | z440_workstation_firmware | * |
| hp | z840_workstation_firmware | * |
| hp | z640_workstation_firmware | * |
HPE OneView may have a missing passphrase during restore.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| security-alert@hpe.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to information disclosure, when connections made by the device back to services enabled by some solutions may have been trusted without the appropriate CA certificate in the device's certificate store.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_4 | - |
| hp | futuresmart_5 | * |
| hp | futuresmart_4 | * |
| hp | futuresmart_3 | * |
Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | cq893c_firmware | * |
| hp | cq891c_firmware | * |
A user with administrative privileges can create a compromised dll file of the same name as the original dll within the HP printer’s Firmware Update Utility (FUU) bundle and place it in the Microsoft Windows default downloads directory which can lead to potential arbitrary code execution.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 4ws04a_firmware | * |
| hp | 7fr61a_firmware | * |
| hp | 5ar85a_firmware | * |
| hp | 3xv19a_firmware | * |
| hp | 297w8a_firmware | * |
| hp | 7fr57a_firmware | * |
| hp | 7fr20a_firmware | * |
| hp | 7fr53a_firmware | * |
| hp | 26k72a_firmware | * |
| hp | 7fr21a_firmware | * |
| hp | 26k70a_firmware | * |
| hp | 26k68b_firmware | * |
| hp | 26k69a_firmware | * |
| hp | 3xv17a_firmware | * |
| hp | 26k68a_firmware | * |
| hp | 5ar84a_firmware | * |
| hp | 5ar83a_firmware | * |
| hp | 297x1a_firmware | * |
| hp | 8rk11a_firmware | * |
| hp | 26k71a_firmware | * |
| hp | 7fr58a_firmware | * |
| hp | 26k67b_firmware | * |
| hp | 2a9q5a_firmware | * |
| hp | 26k70b_firmware | * |
| hp | 26k72b_firmware | * |
| hp | 7fr52a_firmware | * |
| hp | 297x0a_firmware | * |
| hp | 26k67a_firmware | * |
The vulnerability could be remotely exploited to bypass authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 3par_service_processor_firmware | * |
A privilege escalation exists in the updater for Plantronics Hub 3.25.1 and below.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_plantronics_hub | * |
Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages (SoftPaqs).
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | softpaqs | - |
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba's Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 3.9 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
There is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 3.9 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 4.9 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 1.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in CCX devices. A flaw in the firmware build process did not properly restrict access to a resource from an unauthorized actor.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_ccx_700 | * |
| hp | poly_ccx_600 | * |
| hp | poly_ccx_350 | * |
| hp | poly_ccx_400 | * |
| hp | poly_ccx_500 | * |
| hp | poly_ccx_505 | * |
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XSS vulnerabilities in the version of JavaScript used.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly implement access controls.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly sanitize User input.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security-alert@hpe.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | instantos | * |
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | 10.6.0.0 |
This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | oneview | * |
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Spokes Update Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18271.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_plantronics_hub | 3.24.2 |
Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could potentially lead to Remote Code Execution and/or Elevation of Privilege on the PC.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| hp-security-alert@hp.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H | 1.1 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | smart_universal_printing_driver | * |
A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware flaw does not properly sanitize user input. The exploitation of this vulnerability is dependent on a layered attack and cannot be exploited by itself.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| hp-security-alert@hp.com | 7.5 | HIGH | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_tc8_firmware | * |
| hp | poly_studio_g7500_firmware | * |
| hp | poly_studio_x30_firmware | * |
| hp | poly_studio_x52_firmware | * |
| hp | poly_studio_g62_firmware | * |
| hp | poly_tc10_firmware | * |
| hp | poly_studio_x70_firmware | * |
| hp | poly_studio_x50_firmware | * |
A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.47.41.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
HP System Event Utility and Omen Gaming Hub might allow execution of certain files outside of their restricted paths. This potential vulnerability was remediated with HP System Event Utility version 3.2.12 and Omen Gaming Hub version 1101.2511.101.0.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | omen_gaming_hub | * |
| hp | system_event_utility | * |
A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. HP is releasing software updates to mitigate the potential vulnerability.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | client_management_script_library | * |
Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | w1a46a_firmware | * |
| hp | w1a79a_firmware | * |
| hp | w1y40a_firmware | * |
| hp | w1a80a_firmware | * |
| hp | w1a35a_firmware | * |
| hp | 7kw51a_firmware | * |
| hp | 93m22a_firmware | * |
| hp | w1a32a_firmware | * |
| hp | w1y45a_firmware | * |
| hp | w1y43a_firmware | * |
| hp | w1a38a_firmware | * |
| hp | 7kw56a_firmware | * |
| hp | 7kw55a_firmware | * |
| hp | 7kw50a_firmware | * |
| hp | 7kw75a_firmware | * |
| hp | w1a76a_firmware | * |
| hp | w1a30a_firmware | * |
| hp | w1a60a_firmware | * |
| hp | w1a52a_firmware | * |
| hp | w1a28a_firmware | * |
| hp | 7kw67a_firmware | * |
| hp | w1a77a_firmware | * |
| hp | w1a75a_firmware | * |
| hp | w1y46a_firmware | * |
| hp | 7kw73a_firmware | * |
| hp | 7kw63a_firmware | * |
| hp | 7kw49a_firmware | * |
| hp | 7kw59a_firmware | * |
| hp | 7kw76a_firmware | * |
| hp | w1y44a_firmware | * |
| hp | 7kw58a_firmware | * |
| hp | w1a31a_firmware | * |
| hp | 7kw74a_firmware | * |
| hp | 7kw72a_firmware | * |
| hp | 7kw77a_firmware | * |
| hp | w1a29a_firmware | * |
| hp | w1a81a_firmware | * |
| hp | w1y41a_firmware | * |
| hp | 7kw78a_firmware | * |
| hp | w1a63a_firmware | * |
| hp | 7kw54a_firmware | * |
| hp | w1a58a_firmware | * |
| hp | w1a48a_firmware | * |
| hp | w1a57a_firmware | * |
| hp | w1a33a_firmware | * |
| hp | w1a53a_firmware | * |
| hp | 7kw65a_firmware | * |
| hp | 7kw66a_firmware | * |
| hp | 7kw48a_firmware | * |
| hp | 7kw68a_firmware | * |
| hp | w1a78a_firmware | * |
| hp | w1a34a_firmware | * |
| hp | w1a56a_firmware | * |
| hp | w1a66a_firmware | * |
| hp | w1a51a_firmware | * |
| hp | 7kw79a_firmware | * |
| hp | w1a82a_firmware | * |
| hp | w1a47a_firmware | * |
| hp | 7kw64a_firmware | * |
| hp | w1y47a_firmware | * |
| hp | 7kw57a_firmware | * |
| hp | w1a59a_firmware | * |
Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | w1a46a_firmware | * |
| hp | w1a79a_firmware | * |
| hp | w1y40a_firmware | * |
| hp | w1a80a_firmware | * |
| hp | w1a35a_firmware | * |
| hp | 7kw51a_firmware | * |
| hp | 93m22a_firmware | * |
| hp | w1a32a_firmware | * |
| hp | w1y45a_firmware | * |
| hp | w1y43a_firmware | * |
| hp | w1a38a_firmware | * |
| hp | 7kw56a_firmware | * |
| hp | 7kw55a_firmware | * |
| hp | 7kw50a_firmware | * |
| hp | 7kw75a_firmware | * |
| hp | w1a76a_firmware | * |
| hp | w1a30a_firmware | * |
| hp | w1a60a_firmware | * |
| hp | w1a52a_firmware | * |
| hp | w1a28a_firmware | * |
| hp | 7kw67a_firmware | * |
| hp | w1a77a_firmware | * |
| hp | w1a75a_firmware | * |
| hp | w1y46a_firmware | * |
| hp | 7kw73a_firmware | * |
| hp | 7kw63a_firmware | * |
| hp | 7kw49a_firmware | * |
| hp | 7kw59a_firmware | * |
| hp | 7kw76a_firmware | * |
| hp | w1y44a_firmware | * |
| hp | 7kw58a_firmware | * |
| hp | w1a31a_firmware | * |
| hp | 7kw74a_firmware | * |
| hp | 7kw72a_firmware | * |
| hp | 7kw77a_firmware | * |
| hp | w1a29a_firmware | * |
| hp | w1a81a_firmware | * |
| hp | w1y41a_firmware | * |
| hp | 7kw78a_firmware | * |
| hp | w1a63a_firmware | * |
| hp | 7kw54a_firmware | * |
| hp | w1a58a_firmware | * |
| hp | w1a48a_firmware | * |
| hp | w1a57a_firmware | * |
| hp | w1a33a_firmware | * |
| hp | w1a53a_firmware | * |
| hp | 7kw65a_firmware | * |
| hp | 7kw66a_firmware | * |
| hp | 7kw48a_firmware | * |
| hp | 7kw68a_firmware | * |
| hp | w1a78a_firmware | * |
| hp | w1a34a_firmware | * |
| hp | w1a56a_firmware | * |
| hp | w1a66a_firmware | * |
| hp | w1a51a_firmware | * |
| hp | 7kw79a_firmware | * |
| hp | w1a82a_firmware | * |
| hp | w1a47a_firmware | * |
| hp | 7kw64a_firmware | * |
| hp | w1y47a_firmware | * |
| hp | 7kw57a_firmware | * |
| hp | w1a59a_firmware | * |
A potential security vulnerability has been identified in HP Image Assistant for versions prior to 5.3.3. The vulnerability could potentially allow a local attacker to escalate privileges via a race condition when installing packages.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | image_assistant | * |
In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center (TAC) to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration changes made using the provisioning server or the device WebUI.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_tcos | * |
| hp | poly_videoos | * |
The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 6gx02e_firmware | * |
| hp | 7md75a_firmware | * |
| hp | 9yf94a_firmware | * |
| hp | 7md72a_firmware | * |
| hp | 9yg08a_firmware | * |
| hp | 7md69a_firmware | * |
| hp | 7md70a_firmware | * |
| hp | 2a130a_firmware | * |
| hp | 6gx06a_firmware | * |
| hp | 9yg05e_firmware | * |
| hp | 6gx05e_firmware | * |
| hp | 9yf96a_firmware | * |
| hp | 2u589a_firmware | * |
| hp | 7md70e_firmware | * |
| hp | 6gw71a_firmware | * |
| hp | 9yg02e_firmware | * |
| hp | 9yg10a_firmware | * |
| hp | 6gx00e_firmware | * |
| hp | 2u589e_firmware | * |
| hp | 7md72e_firmware | * |
| hp | 7md74a_firmware | * |
| hp | 6gw99a_firmware | * |
| hp | 9yf89a_firmware | * |
| hp | 6hu08a_firmware | * |
| hp | 7md76e_firmware | * |
| hp | 6gx09a_firmware | * |
| hp | 9yf88a_firmware | * |
| hp | 9yg02a_firmware | * |
| hp | 6gx00a_firmware | * |
| hp | 9yg05a_firmware | * |
| hp | 7md74e_firmware | * |
| hp | 9yf91e_firmware | * |
| hp | 9yf98a_firmware | * |
| hp | 2a129a_firmware | * |
| hp | 2a130e_firmware | * |
| hp | 7md73a_firmware | * |
| hp | 7md71a_firmware | * |
| hp | 2u589f_firmware | * |
| hp | 1y7d4a_firmware | * |
| hp | 9yf95a_firmware | * |
| hp | 6gx05a_firmware | * |
| hp | 6gx01a_firmware | * |
| hp | 9yf91a_firmware | * |
| hp | 7md76a_firmware | * |
| hp | 9yg09a_firmware | * |
| hp | 6gx03a_firmware | * |
| hp | 9yg11a_firmware | * |
| hp | 6gw99e_firmware | * |
| hp | 6gx09e_firmware | * |
| hp | 9yf97a_firmware | * |
| hp | 6gx04a_firmware | * |
| hp | 7md70f_firmware | * |
| hp | 9yf90a_firmware | * |
| hp | 9yf92a_firmware | * |
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 4ra84f_firmware | * |
| hp | 499q3a_firmware | * |
| hp | 4ra87a_firmware | * |
| hp | 759v0e_firmware | * |
| hp | 499q9f_firmware | * |
| hp | 499q5e_firmware | * |
| hp | 499q6f_firmware | * |
| hp | 5hh67a_firmware | * |
| hp | 759v2e_firmware | * |
| hp | 4ra85f_firmware | * |
| hp | 74t92a_firmware | * |
| hp | 499n1a_firmware | * |
| hp | 499q8e_firmware | * |
| hp | 4ra82fr_firmware | * |
| hp | 4ra81e_firmware | * |
| hp | 4ra85e_firmware | * |
| hp | 499q5a_firmware | * |
| hp | 499q5fr_firmware | * |
| hp | 5hh64a_firmware | * |
| hp | 4ra83a_firmware | * |
| hp | 4ra83f_firmware | * |
| hp | 4ra81a_firmware | * |
| hp | 4ra81fr_firmware | * |
| hp | 4ra80a_firmware | * |
| hp | 499m8a_firmware | * |
| hp | 499n5a_firmware | * |
| hp | 499q3e_firmware | * |
| hp | 5hh73a_firmware | * |
| hp | 4ra86f_firmware | * |
| hp | 8d7l1a_firmware | * |
| hp | 499n0a_firmware | * |
| hp | 5hh64f_firmware | * |
| hp | 74p27a_firmware | * |
| hp | 5hh53a_firmware | * |
| hp | 499q8f_firmware | * |
| hp | 499n4a_firmware | * |
| hp | 4ra82f_firmware | * |
| hp | 5hh48v_firmware | * |
| hp | 499r0f_firmware | * |
| hp | 4ra81f_firmware | * |
| hp | 499r0e_firmware | * |
| hp | 4ra84e_firmware | * |
| hp | 499m6a_firmware | * |
| hp | 4ra82e_firmware | * |
| hp | 74p28a_firmware | * |
| hp | 499q9e_firmware | * |
| hp | 5hh59a_firmware | * |
| hp | 5hh64e_firmware | * |
| hp | 4ra89v_firmware | * |
| hp | 5hh65a_firmware | * |
| hp | 5hh66a_firmware | * |
| hp | 759v1f_firmware | * |
| hp | 4ra80e_firmware | * |
| hp | 74t92e_firmware | * |
| hp | 8d7l2a_firmware | * |
| hp | 499q3f_firmware | * |
| hp | 499q6e_firmware | * |
| hp | 5hh52a_firmware | * |
| hp | 499m9a_firmware | * |
| hp | 4ra86a_firmware | * |
| hp | 499n6a_firmware | * |
| hp | 4ra85a_firmware | * |
| hp | 5hh48a_firmware | * |
| hp | 74p26a_firmware | * |
| hp | 499q9a_firmware | * |
| hp | 759v1e_firmware | * |
| hp | 74p25a_firmware | * |
| hp | 499q7a_firmware | * |
| hp | 499q4e_firmware | * |
| hp | 4ra88a_firmware | * |
| hp | 4ra85v_firmware | * |
| hp | 759v0f_firmware | * |
| hp | 759v2f_firmware | * |
| hp | 499r0a_firmware | * |
| hp | 499m7a_firmware | * |
| hp | 499q8a_firmware | * |
| hp | 4ra84a_firmware | * |
| hp | 499q7e_firmware | * |
| hp | 4ra87e_firmware | * |
| hp | 4ra88f_firmware | * |
| hp | 499q7f_firmware | * |
| hp | 4ra88e_firmware | * |
| hp | 74t92f_firmware | * |
| hp | 4ra83e_firmware | * |
| hp | 5hh72a_firmware | * |
| hp | 499q5f_firmware | * |
| hp | 4ra80f_firmware | * |
| hp | 4ra89a_firmware | * |
| hp | 4ra82a_firmware | * |
| hp | 8d7l0a_firmware | * |
| hp | 4ra87f_firmware | * |
| hp | 499q4f_firmware | * |
| hp | 499q6a_firmware | * |
| hp | 4ra86e_firmware | * |
| hp | 5hh51a_firmware | * |
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | futuresmart_5 | * |
| hp | futuresmart_4 | * |
| hp | futuresmart_3 | * |
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 4ra84f_firmware | * |
| hp | 499q3a_firmware | * |
| hp | 4ra87a_firmware | * |
| hp | 759v0e_firmware | * |
| hp | 499q9f_firmware | * |
| hp | 499q5e_firmware | * |
| hp | 5hh67a_firmware | * |
| hp | 4ra82fr_firmware | * |
| hp | 4ra85e_firmware | * |
| hp | 499q5a_firmware | * |
| hp | 499q5fr_firmware | * |
| hp | 4ra83f_firmware | * |
| hp | 4ra81a_firmware | * |
| hp | 4ra81fr_firmware | * |
| hp | 499m8a_firmware | * |
| hp | 4ra86f_firmware | * |
| hp | 499n0a_firmware | * |
| hp | 499n4a_firmware | * |
| hp | 4ra82f_firmware | * |
| hp | 5hh48v_firmware | * |
| hp | 499r0f_firmware | * |
| hp | 4ra81f_firmware | * |
| hp | 499r0e_firmware | * |
| hp | 4ra84e_firmware | * |
| hp | 499q9e_firmware | * |
| hp | 5hh59a_firmware | * |
| hp | 5hh66a_firmware | * |
| hp | 4ra80e_firmware | * |
| hp | 8d7l2a_firmware | * |
| hp | 499q6e_firmware | * |
| hp | 5hh52a_firmware | * |
| hp | 499m9a_firmware | * |
| hp | 499n6a_firmware | * |
| hp | 74p26a_firmware | * |
| hp | 74p25a_firmware | * |
| hp | 4ra85v_firmware | * |
| hp | 759v0f_firmware | * |
| hp | 759v2f_firmware | * |
| hp | 499r0a_firmware | * |
| hp | 499m7a_firmware | * |
| hp | 499q8a_firmware | * |
| hp | 499q7e_firmware | * |
| hp | 4ra88f_firmware | * |
| hp | 499q7f_firmware | * |
| hp | 4ra88e_firmware | * |
| hp | 74t92f_firmware | * |
| hp | 4ra80f_firmware | * |
| hp | 4ra89a_firmware | * |
| hp | 8d7l0a_firmware | * |
| hp | 4ra86e_firmware | * |
| hp | 5hh51a_firmware | * |
| hp | 499q6f_firmware | * |
| hp | 759v2e_firmware | * |
| hp | 4ra85f_firmware | * |
| hp | 74t92a_firmware | * |
| hp | 499n1a_firmware | * |
| hp | 499q8e_firmware | * |
| hp | 4ra81e_firmware | * |
| hp | 5hh64a_firmware | * |
| hp | 4ra83a_firmware | * |
| hp | 4ra80a_firmware | * |
| hp | 499n5a_firmware | * |
| hp | 499q3e_firmware | * |
| hp | 5hh73a_firmware | * |
| hp | 8d7l1a_firmware | * |
| hp | 5hh64f_firmware | * |
| hp | 74p27a_firmware | * |
| hp | 5hh53a_firmware | * |
| hp | 499q8f_firmware | * |
| hp | 499m6a_firmware | * |
| hp | 4ra82e_firmware | * |
| hp | 74p28a_firmware | * |
| hp | 5hh64e_firmware | * |
| hp | 4ra89v_firmware | * |
| hp | 5hh65a_firmware | * |
| hp | 759v1f_firmware | * |
| hp | 74t92e_firmware | * |
| hp | 499q3f_firmware | * |
| hp | 4ra86a_firmware | * |
| hp | 4ra85a_firmware | * |
| hp | 5hh48a_firmware | * |
| hp | 499q9a_firmware | * |
| hp | 759v1e_firmware | * |
| hp | 499q7a_firmware | * |
| hp | futuresmart_4 | * |
| hp | 499q4e_firmware | * |
| hp | 4ra88a_firmware | * |
| hp | futuresmart_3 | * |
| hp | 4ra84a_firmware | * |
| hp | 4ra87e_firmware | * |
| hp | 4ra83e_firmware | * |
| hp | 5hh72a_firmware | * |
| hp | 499q5f_firmware | * |
| hp | 4ra82a_firmware | * |
| hp | 4ra87f_firmware | * |
| hp | 499q4f_firmware | * |
| hp | 499q6a_firmware | * |
| hp | futuresmart_5 | * |
HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | thinpro | 8.1 |
A potential security vulnerability has been identified in the HP Support Assistant, which allows a local attacker to escalate privileges via an arbitrary file deletion.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | 9.46.17.0 |
A potential command injection vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could allow a privileged user to submit arbitrary input. HP has addressed the issue in the latest software update.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the use and retrieval of the default password. HP has addressed the issue in the latest software update.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.7 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.1 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A potential SQL injection vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow a privileged user to execute SQL commands. HP has addressed the issue in the latest software update.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm (DSA).
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | linux_imaging_and_printing | * |
HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.).
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | universal_print_driver | * |
A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | support_assistant | * |
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could allow the retrieval of hardcoded cryptographic keys. HP has addressed the issue in the latest software update.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.7 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.1 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A potential reflected cross-site scripting vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The website does not validate or sanitize the user input before rendering it in the response. HP has addressed the issue in the latest software update.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could potentially allow a privileged user to retrieve credentials from the log files. HP has addressed the issue in the latest software update.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A potential stored cross-site scripting vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The website allows user input to be stored and rendered without proper sanitization. HP has addressed the issue in the latest software update.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A potential privilege escalation through Sudo vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The firmware flaw does not properly implement access controls. HP has addressed the issue in the latest software update.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could allow a bypass of the application's XSS filter by submitting untrusted characters. HP has addressed the issue in the latest software update.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could deserialize untrusted data without validation. HP has addressed the issue in the latest software update.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.2 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N | 0.9 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_clariti_manager | * |
A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow modifications to the filesystem, which might lead to SYSTEM level privileges being granted.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | poly_lens_desktop | * |
Certain HP OfficeJet Pro printers may expose information if Cross‑Origin Resource Sharing (CORS) is misconfigured, potentially allowing unauthorized web origins to access device resource. CORS is disabled by default on Pro‑class devices and can only be enabled by an administrator through the Embedded Web Server (EWS). Keeping CORS disabled unless explicitly required helps ensure that only trusted solutions can interact with the device.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | k7s43a_firmware | * |
| hp | j6x80a_firmware | * |
| hp | m9l66a_firmware | * |
| hp | t0g46a_firmware | * |
| hp | d9l20a_firmware | * |
| hp | d9l64a_firmware | * |
| hp | t0g70a_firmware | * |
| hp | t0g56a_firmware | * |
| hp | k7s39a_firmware | * |
| hp | t0g47a_firmware | * |
| hp | t0g49a_firmware | * |
| hp | j3p68a_firmware | * |
| hp | d9l18a_firmware | * |
| hp | t0g48a_firmware | * |
| hp | d9l21a_firmware | * |
| hp | l3t99a_firmware | * |
| hp | k7s40a_firmware | * |
| hp | j6x76a_firmware | * |
| hp | t1p99a_firmware | * |
| hp | k7s32a_firmware | * |
| hp | y0s19a_firmware | * |
| hp | m9l65a_firmware | * |
| hp | y0s18a_firmware | * |
| hp | m9l67a_firmware | * |
| hp | k7s38a_firmware | * |
| hp | j3p66a_firmware | * |
| hp | j6x83a_firmware | * |
| hp | j6x81a_firmware | * |
| hp | g5j38a_firmware | * |
| hp | k7s41a_firmware | * |
| hp | j6x77a_firmware | * |
| hp | k7s37a_firmware | * |
| hp | k7s42a_firmware | * |
| hp | j3p65a_firmware | * |
| hp | d9l63a_firmware | * |
| hp | g5j56a_firmware | * |
| hp | j6x79a_firmware | * |
| hp | t0g65a_firmware | * |
| hp | m9l70a_firmware | * |
| hp | j6x78a_firmware | * |
| hp | j3p67a_firmware | * |
HP System Event Utility might allow denial of service with elevated arbitrary file writes. This potential vulnerability was remediated with HP System Event Utility version 3.2.16.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | system_event_utility | * |