Hp: Security Vulnerabilities
Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.
CVSS Score
9.8
EPSS Score
0.044
Published
2022-12-12
Cross Site Scripting vulnerability in Hewlett Packard Enterprise Integrated Lights-Out 5.
CVSS Score
6.4
EPSS Score
0.001
Published
2022-12-12
A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-12-12
A vulnerability in NetBatch-Plus software allows unauthorized access to the application.
HPE has provided a workaround and fix. Please refer to HPE Security Bulletin
HPESBNS04388
for details.
CVSS Score
7.3
EPSS Score
0.001
Published
2022-11-22
IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236588.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-11-11
IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-11-11
"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Force ID: 234762."
CVSS Score
5.9
EPSS Score
0.001
Published
2022-11-03
Certain HP Print Products are potentially vulnerable to Remote Code Execution.
CVSS Score
9.8
EPSS Score
0.049
Published
2022-09-26
Certain HP Print Products are potentially vulnerable to Buffer Overflow.
CVSS Score
9.8
EPSS Score
0.021
Published
2022-09-26
A local Denial of Service (DoS) and local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses these security vulnerabilities.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-20