Filtered by vendor Hp
Subscriptions
Total
2530 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27460 | 1 Hp | 1 Poly Plantronics Hub | 2026-01-21 | 6.7 Medium |
| A privilege escalation exists in the updater for Plantronics Hub 3.25.1 and below. | ||||
| CVE-2025-43017 | 1 Hp | 1 Thinpro | 2026-01-21 | 9.8 Critical |
| HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP ThinPro 8.1 SP8, which includes updates to mitigate potential vulnerabilities. | ||||
| CVE-2025-11761 | 1 Hp | 1 Client Management Script Library | 2026-01-21 | 7.8 High |
| A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. HP is releasing software updates to mitigate the potential vulnerability. | ||||
| CVE-2025-11531 | 2 Hp, Hp Inc | 4 Omen Gaming Hub, System Event Utility, Hp System Event Utility and 1 more | 2026-01-21 | 8.8 High |
| HP System Event Utility and Omen Gaming Hub might allow execution of certain files outside of their restricted paths. This potential vulnerability was remediated with HP System Event Utility version 3.2.12 and Omen Gaming Hub version 1101.2511.101.0. | ||||
| CVE-2025-43025 | 1 Hp | 1 Universal Print Driver | 2026-01-20 | 7.5 High |
| HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.). | ||||
| CVE-2025-43019 | 1 Hp | 1 Support Assistant | 2026-01-20 | 7.8 High |
| A potential security vulnerability has been identified in the HP Support Assistant, which allows a local attacker to escalate privileges via an arbitrary file deletion. | ||||
| CVE-2025-10568 | 2 Hp, Hyperx | 2 Hyperx Ngenuity, Ngenuity | 2026-01-16 | 9.8 Critical |
| HyperX NGENUITY software is potentially vulnerable to arbitrary code execution. HP is releasing updated software to address the potential vulnerability. | ||||
| CVE-2025-10578 | 1 Hp | 2 Hp, Support Assistant | 2026-01-16 | 7.8 High |
| A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.47.41.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write. | ||||
| CVE-2025-43491 | 2 Hp, Microsoft | 3 Poly Lens, Poly Lens Desktop, Windows | 2026-01-16 | 9.8 Critical |
| A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow modifications to the filesystem, which might lead to SYSTEM level privileges being granted. | ||||
| CVE-2025-2268 | 1 Hp | 108 1y7d4a, 1y7d4a Firmware, 2a129a and 105 more | 2026-01-16 | 7.5 High |
| The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP). | ||||
| CVE-2025-43023 | 2 Hp, Linux | 5 Hp, Linux Imaging And Printing, Linux Imaging And Printing Project and 2 more | 2026-01-16 | 9.1 Critical |
| A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm (DSA). | ||||
| CVE-2025-37186 | 2 Hp, Linux | 2 Aruba Virtual Intranet Access, Linux | 2026-01-15 | 7.8 High |
| A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking Virtual Intranet Access (VIA) client. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges. | ||||
| CVE-2025-26507 | 1 Hp | 403 115p9aw, 115q0aw, 17f27aw and 400 more | 2026-01-15 | 9.8 Critical |
| Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | ||||
| CVE-2025-26506 | 1 Hp | 190 499m6a, 499m6a Firmware, 499m7a and 187 more | 2026-01-15 | 9.8 Critical |
| Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | ||||
| CVE-2025-26508 | 1 Hp | 593 115p9aw, 115q0aw, 17f27aw and 590 more | 2026-01-15 | 9.8 Critical |
| Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | ||||
| CVE-2024-1869 | 1 Hp | 4 Cq891c, Cq891c Firmware, Cq893c and 1 more | 2026-01-15 | 7.5 High |
| Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220. | ||||
| CVE-2025-37168 | 3 Arubanetworks, Hp, Hpe | 3 Arubaos, Arubaos, Arubaos | 2026-01-14 | 8.2 High |
| Arbitrary file deletion vulnerability have been identified in a system function of mobility conductors running AOS-8 operating system. Successful exploitation of this vulnerability could allow an unauthenticated remote malicious actor to delete arbitrary files within the affected system and potentially result in denial-of-service conditions on affected devices. | ||||
| CVE-2024-28893 | 1 Hp | 1 Softpaqs | 2026-01-14 | 7.7 High |
| Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages (SoftPaqs). | ||||
| CVE-2022-37019 | 1 Hp | 52 Elite Slice, Elite Slice Firmware, Elite Slice For Meeting Rooms and 49 more | 2026-01-14 | 6.8 Medium |
| Potential vulnerabilities have been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities. | ||||
| CVE-2025-37169 | 3 Arubanetworks, Hp, Hpe | 3 Arubaos, Arubaos, Arubaos | 2026-01-14 | 7.2 High |
| A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system. | ||||