Filtered by vendor Hp
Subscribe
Total
2498 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27540 | 1 Hp | 706 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 703 more | 2026-01-30 | N/A | 7.8 HIGH |
| A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability. | |||||
| CVE-2025-43024 | 1 Hp | 1 Thinpro | 2026-01-29 | N/A | 7.5 HIGH |
| A GUI dialog of an application allows to view what files are in the file system without proper authorization. | |||||
| CVE-2024-9419 | 1 Hp | 1 Smart Universal Printing Driver | 2026-01-26 | N/A | 7.8 HIGH |
| Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could potentially lead to Remote Code Execution and/or Elevation of Privilege on the PC. | |||||
| CVE-2024-2301 | 1 Hp | 28 Cz172a, Cz172a Firmware, Cz173a and 25 more | 2026-01-26 | N/A | 7.6 HIGH |
| Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting (XSS) attack via the web management interface of the device. | |||||
| CVE-2024-5143 | 1 Hp | 16 W1a75a, W1a75a Firmware, W1a76a and 13 more | 2026-01-26 | N/A | 6.8 MEDIUM |
| A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be exposed. | |||||
| CVE-2024-27460 | 1 Hp | 1 Poly Plantronics Hub | 2026-01-21 | N/A | 6.7 MEDIUM |
| A privilege escalation exists in the updater for Plantronics Hub 3.25.1 and below. | |||||
| CVE-2025-43017 | 1 Hp | 1 Thinpro | 2026-01-21 | N/A | 9.8 CRITICAL |
| HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities. | |||||
| CVE-2025-11761 | 1 Hp | 1 Client Management Script Library | 2026-01-21 | N/A | 7.8 HIGH |
| A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. HP is releasing software updates to mitigate the potential vulnerability. | |||||
| CVE-2025-11531 | 1 Hp | 2 Omen Gaming Hub, System Event Utility | 2026-01-21 | N/A | 8.8 HIGH |
| HP System Event Utility and Omen Gaming Hub might allow execution of certain files outside of their restricted paths. This potential vulnerability was remediated with HP System Event Utility version 3.2.12 and Omen Gaming Hub version 1101.2511.101.0. | |||||
| CVE-2025-43025 | 1 Hp | 1 Universal Print Driver | 2026-01-20 | N/A | 7.5 HIGH |
| HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.). | |||||
| CVE-2025-43019 | 1 Hp | 1 Support Assistant | 2026-01-20 | N/A | 7.8 HIGH |
| A potential security vulnerability has been identified in the HP Support Assistant, which allows a local attacker to escalate privileges via an arbitrary file deletion. | |||||
| CVE-2025-10578 | 1 Hp | 1 Support Assistant | 2026-01-16 | N/A | 7.8 HIGH |
| A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.47.41.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write. | |||||
| CVE-2025-43491 | 2 Hp, Microsoft | 2 Poly Lens Desktop, Windows | 2026-01-16 | N/A | 9.8 CRITICAL |
| A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow modifications to the filesystem, which might lead to SYSTEM level privileges being granted. | |||||
| CVE-2025-2268 | 1 Hp | 108 1y7d4a, 1y7d4a Firmware, 2a129a and 105 more | 2026-01-16 | N/A | 7.5 HIGH |
| The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP). | |||||
| CVE-2025-43023 | 1 Hp | 1 Linux Imaging And Printing | 2026-01-16 | N/A | 9.1 CRITICAL |
| A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm (DSA). | |||||
| CVE-2025-26507 | 1 Hp | 403 115p9aw, 115q0aw, 17f27aw and 400 more | 2026-01-15 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | |||||
| CVE-2025-26506 | 1 Hp | 190 499m6a, 499m6a Firmware, 499m7a and 187 more | 2026-01-15 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | |||||
| CVE-2025-26508 | 1 Hp | 593 115p9aw, 115q0aw, 17f27aw and 590 more | 2026-01-15 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | |||||
| CVE-2024-1869 | 1 Hp | 4 Cq891c, Cq891c Firmware, Cq893c and 1 more | 2026-01-15 | N/A | 7.5 HIGH |
| Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220. | |||||
| CVE-2024-28893 | 1 Hp | 1 Softpaqs | 2026-01-14 | N/A | 7.7 HIGH |
| Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages (SoftPaqs). | |||||