
CVE-2024-1174
https://notcve.org/view.php?id=CVE-2024-1174
01 Mar 2024 — Previous versions of HP ThinPro (prior to HP ThinPro 8.0 SP 8) could potentially contain security vulnerabilities. HP has released HP ThinPro 8.0 SP 8, which includes updates to mitigate potential vulnerabilities. • https://support.hp.com/us-en/document/ish_10232639-10232671-16/hpsbhf03919 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2024-0407 – Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Information Disclosure
https://notcve.org/view.php?id=CVE-2024-0407
20 Feb 2024 — Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to information disclosure, when connections made by the device back to services enabled by some solutions may have been trusted without the appropriate CA certificate in the device's certificate store. • https://support.hp.com/us-en/document/ish_10174094-10174120-16 •

CVE-2022-48220
https://notcve.org/view.php?id=CVE-2022-48220
14 Feb 2024 — Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities. • https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907 • CWE-203: Observable Discrepancy •

CVE-2022-48219
https://notcve.org/view.php?id=CVE-2022-48219
14 Feb 2024 — Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities. • https://support.hp.com/us-en/document/ish_10170895-10170920-16/hpsbhf03907 • CWE-693: Protection Mechanism Failure •

CVE-2023-6573
https://notcve.org/view.php?id=CVE-2023-6573
23 Jan 2024 — HPE OneView may have a missing passphrase during restore. • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04586en_us • CWE-522: Insufficiently Protected Credentials •

CVE-2023-50275 – Hewlett Packard Enterprise OneView clusterService Authentication Bypass Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-50275
23 Jan 2024 — HPE OneView may allow clusterService Authentication Bypass resulting in denial of service. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Hewlett Packard Enterprise OneView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clusterService. The issue results from the lack o... • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04586en_us • CWE-287: Improper Authentication •

CVE-2023-50274 – Hewlett Packard Enterprise OneView startUpgradeCommon Command Injection Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-50274
23 Jan 2024 — HPE OneView may allow command injection with local privilege escalation. This vulnerability allows local attackers to escalate privileges code on affected installations of Hewlett Packard Enterprise OneView. An attacker must first obtain the ability to execute low-privileged code on the target system or send an HTTP request to a local service in order to exploit this vulnerability. The specific flaw exists within the star... • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04586en_us • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2023-47158 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47158
22 Jan 2024 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1 and 11.5 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750. IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5 and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270750 • CWE-20: Improper Input Validation •

CVE-2023-27859 – IBM Db2 code execution
https://notcve.org/view.php?id=CVE-2023-27859
22 Jan 2024 — IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by installing like named jar files across multiple databases. A user could exploit this by installing a malicious jar file that overwrites the existing like named jar file in another database. IBM X-Force ID: 249205. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249205 •

CVE-2023-47747 – IBM Db2 denial of service
https://notcve.org/view.php?id=CVE-2023-47747
22 Jan 2024 — IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272646. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272646 • CWE-20: Improper Input Validation •