Hp Security Vulnerabilities (CVEs)
Track 153 security vulnerabilities affecting Hp products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
Unauthenticated attackers can cause denial-of-service conditions in Aruba access points by exploiting vulnerabilities in the CLI service accessed via ...
Nov 14, 2023Unauthenticated attackers can exploit vulnerabilities in the BLE daemon service via the PAPI protocol to cause Denial-of-Service (DoS) on affected Aru...
Nov 14, 2023This critical vulnerability allows unauthenticated attackers to execute arbitrary code with privileged access on Aruba access points by sending specia...
Nov 14, 2023This CVE describes a critical buffer overflow vulnerability in Aruba's AirWave client service that allows unauthenticated attackers to execute arbitra...
Nov 14, 2023This vulnerability in Aruba's AirWave client service allows attackers to delete arbitrary files on the operating system via the PAPI protocol. This co...
Nov 14, 2023CVE-2023-5671 is a privilege escalation vulnerability in HP Print and Scan Doctor for Windows that allows local attackers to gain elevated system priv...
Oct 25, 2023This CVE describes a BIOS vulnerability in certain HP PC products that could allow attackers to escalate privileges on affected systems. The vulnerabi...
Oct 18, 2023CVE-2023-4499 is an information disclosure vulnerability in HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) that co...
Oct 13, 2023The HP LIFE Android mobile application contains improper access control vulnerabilities that could allow attackers to escalate privileges or access se...
Oct 9, 2023CVE-2023-30909 is a critical authentication bypass vulnerability in HPE OneView APIs that allows remote attackers to bypass authentication mechanisms ...
Sep 14, 2023CVE-2023-30908 is a critical authentication bypass vulnerability in HPE OneView API that allows remote attackers to bypass authentication mechanisms a...
Sep 7, 2023This vulnerability allows administrative users of Aruba AirWave management systems to escalate their privileges to root on the underlying operating sy...
Sep 5, 2023CVE-2015-1391 is a Cross-Site Request Forgery (CSRF) vulnerability in Aruba AirWave network management software that allows attackers to bypass CSRF p...
Sep 5, 2023This CVE describes a local privilege escalation vulnerability in HPE Aruba Networking Virtual Intranet Access (VIA) client. Local users can exploit th...
Aug 15, 2023This critical vulnerability allows unauthenticated attackers to execute arbitrary code with privileged access on Aruba access points by sending specia...
Jul 25, 2023This critical vulnerability allows unauthenticated attackers to execute arbitrary code with privileged access on Aruba access points by sending specia...
Jul 25, 2023This vulnerability affects certain HP LaserJet Pro printers that lack authentication on specific endpoints, allowing attackers to potentially gain ele...
Jul 21, 2023A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in AMI UEFI Firmware on certain HP PC products could allow attackers to execute arbitrary code d...
Jun 30, 2023HP LaserJet Pro printers are vulnerable to Server-Side Request Forgery (SSRF) that could allow attackers to execute arbitrary code or gain elevated pr...
Jun 30, 2023This vulnerability in HP LaserJet Pro printers allows remote attackers to execute arbitrary code via a stack-based buffer overflow in the compact font...
Jun 30, 2023A buffer overflow vulnerability in HP multifunction printers running HP Workpath solutions could allow remote attackers to execute arbitrary code. Thi...
Jun 14, 2023This CVE describes BIOS vulnerabilities in certain HP PC products that could allow attackers to execute arbitrary code, escalate privileges, cause den...
Jun 14, 2023This CVE describes BIOS vulnerabilities in certain HP PC products that could allow attackers to execute arbitrary code, escalate privileges, cause den...
Jun 14, 2023This CVE describes vulnerabilities in the system BIOS of certain HP PC products that could allow attackers to execute arbitrary code, escalate privile...
Jun 14, 2023This CVE describes a time-of-check to time-of-use (TOCTOU) vulnerability in the BIOS of certain HP PC products. It could allow attackers to execute ar...
Jun 13, 2023This CVE describes a time-of-check to time-of-use (TOCTOU) vulnerability in HP PC BIOS firmware that could allow attackers to execute arbitrary code, ...
Jun 13, 2023This vulnerability allows local attackers to escalate privileges on affected HP systems. It affects users of HP PC Hardware Diagnostics Windows, HP Im...
Jun 12, 2023CVE-2023-26294 is a command injection vulnerability in HP Device Manager that allows attackers to execute arbitrary commands on affected systems. This...
Jun 12, 2023CVE-2023-26295 is a command injection vulnerability in HP Device Manager that allows attackers to execute arbitrary commands on affected systems. This...
Jun 12, 2023CVE-2023-26297 is a command injection vulnerability in HP Device Manager that allows attackers to execute arbitrary commands on affected systems. This...
Jun 12, 2023This vulnerability in HP Softpaq installer allows attackers to execute arbitrary code by exploiting improper control of generation of code (CWE-94). I...
Jun 9, 2023CVE-2023-22783 is a critical buffer overflow vulnerability in Aruba's PAPI protocol that allows unauthenticated attackers to execute arbitrary code wi...
May 8, 2023This critical vulnerability allows unauthenticated attackers to execute arbitrary code with privileged access on Aruba access points by sending specia...
May 8, 2023An unauthenticated Denial of Service vulnerability in Aruba's PAPI protocol allows attackers to disrupt affected access points without credentials. Th...
May 8, 2023This CVE describes authenticated command injection vulnerabilities in Aruba InstantOS and ArubaOS 10 command line interfaces. Attackers with authentic...
May 8, 2023This critical vulnerability allows unauthenticated attackers to execute arbitrary code with privileged access on Aruba access points by sending specia...
May 8, 2023This critical vulnerability allows unauthenticated attackers to execute arbitrary code with privileged access on Aruba access points by sending specia...
May 8, 2023This critical vulnerability in certain HP LaserJet Pro printers allows attackers to execute arbitrary code remotely via heap overflow. Affected organi...
Apr 28, 2023This CVE describes a critical buffer overflow vulnerability in certain HP LaserJet Pro printers that could allow remote attackers to execute arbitrary...
Apr 28, 2023CVE-2023-28088 is a vulnerability in HPE OneView where diagnostic dumps may expose SAN switch administrative credentials. This affects HPE OneView use...
Apr 25, 2023A cross-site scripting (XSS) vulnerability in HPE Integrated Lights-Out (iLO) management interfaces allows attackers to inject malicious scripts that ...
Mar 22, 2023A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in AMI UEFI Firmware used in certain HP PC products could allow attackers to execute arbitrary c...
Feb 12, 2023This CVE describes a cross-site scripting (XSS) vulnerability in HP Deskjet 2540 series printers that allows authenticated attackers to inject malicio...
Feb 6, 2023This CVE describes vulnerabilities in the system BIOS of certain HP PC products that could allow attackers to execute arbitrary code, escalate privile...
Feb 1, 2023CVE-2022-3990 is a privilege escalation vulnerability in HPSFViewer that could allow attackers to gain elevated privileges on affected systems. It aff...
Feb 1, 2023This CVE describes vulnerabilities in HP PC BIOS/UEFI firmware that could allow attackers to execute arbitrary code with high privileges. Affected sys...
Feb 1, 2023CVE-2022-23454 is a set of vulnerabilities in HP Support Assistant that could allow attackers to escalate privileges, compromise system integrity, com...
Feb 1, 2023This CVE describes a BIOS firmware vulnerability in certain HP Workstation products that could allow local attackers to execute arbitrary code with el...
Feb 1, 2023This SSRF vulnerability in HPE OneView allows attackers to make unauthorized requests from the vulnerable server to internal systems. Attackers could ...
May 17, 2022CVE-2022-28617 is a remote security restriction bypass vulnerability in HPE OneView that allows attackers to circumvent security controls and potentia...
May 17, 2022Why Monitor Hp Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 153+ known vulnerabilities affecting Hp products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Hp packages in under 60 seconds. No agents required - completely agentless scanning that works across Hp deployments.
Free vulnerability database: Access detailed information about every Hp CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Hp CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
