Search Results (535 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-13753 1 Hp 1 Hp 2800 Printer Series 2026-07-08 7.5 High
A missing authorization vulnerability exists in the embedded webserver of HP Deskjet 2800 Series Printers running firmware version <=TBP1CN2612AR. An unauthenticated attacker with network access can send GET requests to multiple exposed administrative API endpoints and retrieve sensitive configuration data such as plaintext Wi‑Fi Direct credentials, unique device identity information, and other administrative security state details. When accessed through the web interface, these setting pages explicitly require administrator credentials before sensitive information is displayed.
CVE-2026-8864 2 Hp, Hp Inc. 2 Fan Control App, Hp Fan Control App 2026-07-01 N/A
The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mitigate this potential vulnerability.
CVE-2026-5064 2 Hp, Hp Inc. 2 One Agent Software, Hp One Agent Software 2026-06-23 N/A
Potential security vulnerabilities have been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege and/or denial of service. HP is releasing software updates to mitigate these potential vulnerabilities.
CVE-1999-0524 11 Apple, Cisco, Hp and 8 more 14 Mac Os X, Macos, Ios and 11 more 2026-05-28 4 Medium
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVE-1999-0517 2 Hp, Sun 2 Hp-ux, Sunos 2026-05-28 5.9 Medium
An SNMP community name is the default (e.g. public), null, or missing.
CVE-2015-4000 13 Apple, Canonical, Debian and 10 more 31 Iphone Os, Mac Os X, Safari and 28 more 2026-05-27 3.7 Low
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
CVE-2026-8631 2 Hp, Hp Inc 2 Linux Imaging And Printing, Hp Linux Imaging And Printing Software 2026-05-21 9.8 Critical
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print data.
CVE-2026-8632 2 Hp, Hp Inc 2 Linux Imaging And Printing, Hp Linux Imaging And Printing Software 2026-05-21 7.8 High
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection.
CVE-2007-0916 1 Hp 1 Hp-ux 2026-04-23 N/A
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
CVE-2008-0706 2 Compaq, Hp 4 Presario A900, Presario C700, G7000 and 1 more 2026-04-23 N/A
Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows physically proximate attackers to obtain privileged access via unspecified vectors, possibly involving an authentication bypass of the power-on password.
CVE-2008-0707 1 Hp 2 Hp-ux, Storageworks Library And Tape Tools 2026-04-23 N/A
HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B.11.11 and B.11.23 allows local users to gain privileges via unspecified vectors.
CVE-2007-0394 1 Hp 1 Hp-ux 2026-04-23 N/A
HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.
CVE-2007-3045 2 Hitachi, Hp 3 Hi Ux We2, Tp1 Net Osi-tp-extended, Hp-ux 2026-04-23 N/A
Unspecified vulnerability in Hitachi TP1/NET/OSI-TP-Extended on HI-UX/WE2 before 20070213, and on HP-UX before 20070314, allows remote attackers to cause a denial of service via certain data to a port.
CVE-2007-3044 2 Hitachi, Hp 3 Hi Ux We2, Xp W, Hp-ux 2026-04-23 N/A
Unspecified vulnerability in the Map I/O Service (xpwmap) in Hitachi XP/W on HI-UX/WE2 before 20070319, and XP/W on HP-UX before 20070405, allows remote attackers to cause a denial of service via certain data to the service port.
CVE-2007-1086 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 Universal Database and 3 more 2026-04-23 N/A
Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access."
CVE-2008-3389 3 Hp, Ingres, Linux 3 Hp-ux, Ingres, Linux Kernel 2026-04-23 N/A
Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.
CVE-2007-5302 1 Hp 1 Hp-ux 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2007-5946 1 Hp 1 Hp-ux 2026-04-23 N/A
Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.
CVE-2007-6232 8 Ftp, Hp, Ibm and 5 more 9 Admin, Hp-ux, Tru64 and 6 more 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action.
CVE-2007-1945 5 Hp, Ibm, Linux and 2 more 9 Hp-ux, Aix, I5os and 6 more 2026-04-23 N/A
Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors.