Hp: Security Vulnerabilities
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
CVSS Score
8.3
EPSS Score
0.021
Published
2025-02-14
Certain HP LaserJet Pro printers may potentially
experience a denial of service when a user sends a raw JPEG file to the printer
via IPP (Internet Printing Protocol).
CVSS Score
6.9
EPSS Score
0.002
Published
2025-02-06
IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Score
5.9
EPSS Score
0.001
Published
2025-01-27
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-12-19
A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware flaw does not properly sanitize user input. The exploitation of this vulnerability is dependent on a layered attack and cannot be exploited by itself.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-11-05
Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could potentially lead to Remote Code Execution and/or Elevation of Privilege on the PC.
CVSS Score
7.8
EPSS Score
0.045
Published
2024-10-30
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Score
5.5
EPSS Score
0.003
Published
2024-10-16
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-10-16
Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP server credentials.
CVSS Score
7.5
EPSS Score
0.004
Published
2024-10-15
Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, potentially blocking queued print jobs.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-10-02