Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2015-5436

Summary
Assigner-hp
Assigner Org ID-74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At-11 May, 2017 | 14:01
Updated At-06 Aug, 2024 | 06:50
Rejected At-
Credits

A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:hp
Assigner Org ID:74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At:11 May, 2017 | 14:01
Updated At:06 Aug, 2024 | 06:50
Rejected At:
▼CVE Numbering Authority (CNA)

A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020.

Affected Products
Vendor
n/a
Product
HP Integrated Lights-Out 4 (iLO 4)
Versions
Affected
  • firmware version 2.11 and later, but prior to version 2.30
Problem Types
TypeCWE IDDescription
textN/Aemote Denial of Service (DoS)
Type: text
CWE ID: N/A
Description: emote Denial of Service (DoS)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165
x_refsource_CONFIRM
Hyperlink: https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165
x_refsource_CONFIRM
x_transferred
Hyperlink: https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:hp-security-alert@hp.com
Published At:11 May, 2017 | 14:29
Updated At:20 Apr, 2025 | 01:37

A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in 2015 however the CVE entry was added in 2020.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
HP Inc.
hp
>>integrated_lights-out_firmware>>Versions before 2.30(exclusive)
cpe:2.3:o:hp:integrated_lights-out_firmware:*:*:*:*:*:*:*:*
HP Inc.
hp
>>integrated_lights-out_4>>-
cpe:2.3:h:hp:integrated_lights-out_4:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165hp-security-alert@hp.com
N/A
https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c04806165
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

91Records found
CVE-2017-2742
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.90% / 75.77%
||
7 Day CHG~0.00%
Published-23 Jan, 2018 | 16:00
Updated-16 Sep, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified with HP Web Jetadmin before 10.4 SR2. This vulnerability could potentially be exploited to create a denial of service.

Action-Not Available
Vendor-HP Inc.
Product-web_jetadminHP Web Jetadmin
CVE-2008-0711
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.73% / 86.03%
||
7 Day CHG~0.00%
Published-08 Apr, 2008 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the embedded management console in HP iLO-2 Management Processors (iLO-2 MP), as used in Integrity Servers rx2660, rx3600, and rx6600, and Integrity Blade Server model bl860c, allows remote attackers to cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-rx2660bl860crx3600rx6600n/a
CVE-2023-50275
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.37%
||
7 Day CHG~0.00%
Published-23 Jan, 2024 | 17:09
Updated-20 Jun, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.

Action-Not Available
Vendor-Hewlett Packard Enterprise (HPE)HP Inc.
Product-oneviewHPE OneView
CWE ID-CWE-287
Improper Authentication
CVE-2023-45623
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 22:56
Updated-30 Aug, 2024 | 17:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosAruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;
CVE-2023-45624
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 22:57
Updated-27 Feb, 2025 | 18:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated Denial-of-Service (DoS) vulnerability exists in the soft ap daemon accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point.

Action-Not Available
Vendor-Aruba NetworksHewlett Packard Enterprise (HPE)HP Inc.
Product-arubaosinstantosAruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;
CVE-2023-45620
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-0.14% / 33.69%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 22:53
Updated-30 Aug, 2024 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosAruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;
CVE-2023-45622
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.98%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 22:55
Updated-12 Aug, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the BLE daemon service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosAruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-45621
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.98%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 22:54
Updated-14 Aug, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosAruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series; arubaosinstantos
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-38951
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.76%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 17:00
Updated-16 Sep, 2024 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources. IBM X-Force ID: 211405.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelwebsphere_application_serverihp-uxwindowsz\/osaixWebSphere Application Server
CVE-2021-3704
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.54% / 67.85%
||
7 Day CHG~0.00%
Published-01 Nov, 2021 | 13:15
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the device.

Action-Not Available
Vendor-n/aHP Inc.
Product-laserjet_pro_j8h60alaserjet_pro_j8h60a_firmwarelaserjet_pro_j8h61alaserjet_pro_j8h61a_firmwareHP LaserJet Pro M501 Series J8H61A; HP LaserJet Pro M501 Series J8H60A
CVE-2002-1426
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-14.94% / 94.59%
||
7 Day CHG~0.00%
Published-18 Mar, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_switch_4000mn/a
CVE-2023-30445
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.49%
||
7 Day CHG+0.01%
Published-08 Jul, 2023 | 18:28
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253357.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarisaixhp-uxlinux_kernelwindowsdb2DB2 for Linux, UNIX and Windowsdb2_for_linux_unix_and_windows
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30446
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.09% / 25.49%
||
7 Day CHG+0.01%
Published-08 Jul, 2023 | 18:09
Updated-13 Feb, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253361 .

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kerneldb2hp-uxwindowsaixDB2 for Linux, UNIX and Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30447
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.09% / 25.49%
||
7 Day CHG+0.01%
Published-08 Jul, 2023 | 18:07
Updated-13 Feb, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253436.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kerneldb2hp-uxwindowsaixDB2 for Linux, UNIX and Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30449
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.49%
||
7 Day CHG+0.01%
Published-08 Jul, 2023 | 18:31
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 253439.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarisaixhp-uxlinux_kernelwindowsdb2DB2 for Linux, UNIX and Windowsdb2_for_linux_unix_and_windows
CWE ID-CWE-20
Improper Input Validation
CVE-2021-29703
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.64% / 70.78%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 18:45
Updated-16 Sep, 2024 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200659.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kerneldb2hp-uxwindowsaixDB2 for Linux, UNIX and Windows
CVE-2023-28513
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.10% / 27.35%
||
7 Day CHG~0.00%
Published-19 Jul, 2023 | 01:49
Updated-21 Oct, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM MQ denial of service

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelihp-uxlinux_on_ibm_zwindowsmq_appliancemqaixMQMQ Appliance
CWE ID-CWE-20
Improper Input Validation
CVE-2023-26281
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.43% / 62.49%
||
7 Day CHG-0.00%
Published-28 Feb, 2023 | 14:19
Updated-06 Mar, 2025 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM HTTP Server denial of service

IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.Linux Kernel Organization, IncOracle CorporationIBM Corporation
Product-http_serversolarislinux_kernelhp-uxwindowsz\/osaixHTTP Server
CWE ID-CWE-20
Improper Input Validation
CVE-2023-22787
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.66%
||
7 Day CHG~0.00%
Published-08 May, 2023 | 14:07
Updated-31 Jan, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Denial of Service (DoS) in Aruba InstantOS or ArubaOS 10 Service Accessed via the PAPI Protocol

An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosAruba Access Points running InstantOS and ArubaOS 10
CVE-2002-0350
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.99% / 77.00%
||
7 Day CHG~0.00%
Published-03 May, 2002 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_switch_4000mn/a
CVE-2005-3983
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.30% / 79.87%
||
7 Day CHG~0.00%
Published-04 Dec, 2005 | 11:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when accessed by Microsoft Internet Explorer with the MS04-025 patch, leads to a denial of service (browser hang). NOTE: although the advisory is vague, this issue does not appear to involve an attacker at all. If not, then this issue is not a vulnerability.

Action-Not Available
Vendor-n/aHP Inc.
Product-systems_insight_managern/a
CVE-2017-8987
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.6||HIGH
EPSS-3.66% / 87.94%
||
7 Day CHG~0.00%
Published-06 Aug, 2018 | 20:00
Updated-05 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Unauthenticated Remote Denial of Service vulnerability was identified in HPE Integrated Lights-Out 3 (iLO 3) version v1.88 only. The vulnerability is resolved in iLO3 v1.89 or subsequent versions.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-integrated_lights-out_3_firmwareintegrated_lights-outHPE Integrated Lights-Out 3 (iLO 3)
CVE-2017-8955
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-13.58% / 94.27%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2601
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-3.46% / 87.60%
||
7 Day CHG~0.00%
Published-24 Apr, 2014 | 23:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.

Action-Not Available
Vendor-n/aHP Inc.
Product-integrated_lights-out_2_firmwaren/a
CVE-2020-4310
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.61% / 70.01%
||
7 Day CHG~0.00%
Published-16 Jun, 2020 | 13:45
Updated-17 Sep, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelhp-uxwebsphere_mqwindowsmqaixMQWebSphere MQ
CVE-2013-4840
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-1.44% / 80.84%
||
7 Day CHG~0.00%
Published-28 Jul, 2014 | 17:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP and H3C VPN Firewall Module products SECPATH1000FE before 5.20.R3177 and SECBLADEFW before 5.20.R3177 allows remote attackers to cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.New H3C Technologies Co., Ltd.
Product-s1000-e_vpn_firewall_appliance5820_vpn_firewall_modules5820_secblade_vpn_firewall_modulesecbladefw10500\/7500_advanced_vpn_firewall_module6600_firewall_processing_rtr_modulef1000-e_vpn_firewall8800_firewall_processing_modules7500e_secblade_vpn_firewall_module9500_vpn_firewall_modulesr88_firewall_processing_modules9500e_secblade_vpn_firewall_modulesr66_gigabit_firewall_modulesecpath1000fe12500_vpn_firewall_modulen/a
CVE-2013-4854
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-51.15% / 97.89%
||
7 Day CHG~0.00%
Published-26 Jul, 2013 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.

Action-Not Available
Vendor-n/aFreeBSD FoundationNovellFedora ProjectopenSUSEMandriva (Mandrakesoft)SlackwareInternet Systems Consortium, Inc.SUSERed Hat, Inc.HP Inc.
Product-suse_linux_enterprise_software_development_kitbusiness_serverfreebsdhp-uxsuse_linuxdnsco_bindbindfedoraenterprise_serverslackware_linuxenterprise_linuxopensusen/a
CVE-2017-5808
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-18.20% / 95.23%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-data_protectorData Protector
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5818
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-13.58% / 94.27%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2012-3281
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-1.44% / 80.84%
||
7 Day CHG~0.00%
Published-06 Feb, 2013 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Device Manager in HP XP P9000 Command View Advanced Edition before 7.4.0-00 allows remote attackers to cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-xp_p9000_command_view_advanced_editionn/a
CVE-2013-2353
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-1.44% / 80.84%
||
7 Day CHG~0.00%
Published-28 Aug, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP StoreOnce D2D Backup System 1.x before 1.2.19 and 2.x before 2.3.0 allows remote attackers to cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-storeonce_d2dn/a
CVE-2012-3252
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-1.44% / 80.84%
||
7 Day CHG~0.00%
Published-20 Aug, 2012 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote attackers to cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-serviceguardn/a
CVE-2012-2017
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-4.62% / 89.33%
||
7 Day CHG~0.00%
Published-30 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability on HP Photosmart Wireless e-All-in-One B110, e-All-in-One D110, Plus e-All-in-One B210, eStation All-in-One C510, Ink Advantage e-All-in-One K510, and Premium Fax e-All-in-One C410 printers allows remote attackers to cause a denial of service via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-photosmart_wireless_e-all-in-one_printer_seriesphotosmart_premium_fax_e-all-in-one_printer_seriesphotosmart_e-all-in-one_printer_seriesphotosmart_plus_e-all-in-one_printer_seriesphotosmart_estation_all-in-one-printer_seriesphotosmart_ink_advantage_e-all-in-onen/a
CVE-2025-43025
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.30% / 53.15%
||
7 Day CHG~0.00%
Published-02 Jul, 2025 | 19:43
Updated-20 Jan, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HP Universal Print Driver – Potential Denial of Service

HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.).

Action-Not Available
Vendor-HP Inc.
Product-universal_print_driverUniversal Print Driver
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-12545
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-9.54% / 92.89%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

Action-Not Available
Vendor-Microsoft CorporationHewlett Packard Enterprise (HPE)HP Inc.Linux Kernel Organization, Inc
Product-windowssystem_management_homepagelinux_kernelSystem Management Homepage for Windows and Linux
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-31482
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-0.24% / 47.44%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 22:36
Updated-24 Jun, 2025 | 15:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point.

Action-Not Available
Vendor-Aruba NetworksHP Inc.Hewlett Packard Enterprise (HPE)
Product-arubaosinstantosAOS-8 Instant and AOS-10 APinstantarubaos
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-31478
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-0.21% / 43.49%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 22:32
Updated-24 Jun, 2025 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point.

Action-Not Available
Vendor-Aruba NetworksHP Inc.Hewlett Packard Enterprise (HPE)
Product-arubaosinstantosAOS-8 Instant and AOS-10 APinstantarubaos
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-31481
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-0.24% / 47.44%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 22:35
Updated-24 Jun, 2025 | 15:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.

Action-Not Available
Vendor-Aruba NetworksHP Inc.Hewlett Packard Enterprise (HPE)
Product-arubaosinstantosAOS-8 Instant and AOS-10 APinstantarubaos
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-31480
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-0.24% / 47.44%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 22:34
Updated-24 Jun, 2025 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.

Action-Not Available
Vendor-Aruba NetworksHP Inc.Hewlett Packard Enterprise (HPE)
Product-arubaosinstantosAOS-8 Instant and AOS-10 APinstantarubaos
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-31479
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-0.24% / 47.44%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 22:33
Updated-24 Jun, 2025 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.

Action-Not Available
Vendor-Aruba NetworksHP Inc.Hewlett Packard Enterprise (HPE)
Product-arubaosinstantosAOS-8 Instant and AOS-10 APinstantarubaos
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2016-2776
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-88.39% / 99.51%
||
7 Day CHG+1.43%
Published-28 Sep, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

Action-Not Available
Vendor-n/aHP Inc.Oracle CorporationInternet Systems Consortium, Inc.
Product-vm_serverhp-uxsolarisbindlinuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-3627
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.85%
||
7 Day CHG~0.00%
Published-17 May, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEOracle CorporationRed Hat, Inc.libxml2 (XMLSoft)HP Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxvm_serverenterprise_linux_serverenterprise_linux_workstationenterprise_linux_desktopicewall_federation_agentjboss_core_servicesleapsolarisicewall_file_managerenterprise_linux_server_ausenterprise_linux_euslibxml2n/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2022-43929
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.11% / 29.27%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 16:57
Updated-17 Mar, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 for Linux, UNIX and Windows denial of service

IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be vulnerable to a Denial of Service when executing a specially crafted 'Load' command. IBM X-Force ID: 241676.

Action-Not Available
Vendor-Oracle CorporationHP Inc.Microsoft CorporationLinux Kernel Organization, IncIBM Corporation
Product-solarislinux_kerneldb2hp-uxwindowsaixDb2 for Linux, UNIX and Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2022-43780
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.15%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 17:42
Updated-30 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP ENVY, OfficeJet, and DeskJet printers may be vulnerable to a Denial of Service attack.

Action-Not Available
Vendor-HP Inc.
Product-m2u94b_firmwarez4b27az4a73a_firmwarez4a59a_firmwarez4b29a_firmwarez4a59am2u85bm2u85b_firmwarem2u92a_firmwarez4a70am2u89bz4a71az4a70a_firmwarem2u84a_firmwarem2u81b_firmwarem2u86b_firmwarem2u86cm2u91am2u86bz4b14am2u91bz4a74am2u92b_firmwarem2u81a_firmwarem2u91b_firmwarez4b28az4b29am2u92az4b12a_firmwarem2u81am2u87a_firmwarez4a69a_firmwarez4a60az4b14a_firmwarem2u81bm2u82am2u77az4a54am2u75am2u87bz4b13a_firmwarez4a74a_firmwarem2u75a_firmwarem2u77a_firmwarez4b18az4a61am2u76a_firmwarem2u82a_firmwarem2u84am2u76am2u84b_firmwarez4a71a_firmwarem2u86c_firmwarez4a61b_firmwarem2u92bz4b12az4b28a_firmwarem2u82b_firmwarem2u82bm2u94a_firmwarem2u87az4b18a_firmwarez4a54a_firmwarem2u91a_firmwarem2u87b_firmwarez4a61a_firmwarem2u86a_firmwarem2u94az4a73az4a69am2u88bm2u84bz4a61bm2u94bm2u85az4a60a_firmwarez4b27a_firmwarem2u89b_firmwarez4b13am2u86am2u85a_firmwarem2u88b_firmwareCertain HP ENVY, OfficeJet, and DeskJet printers
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2016-3092
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-33.87% / 96.98%
||
7 Day CHG~0.00%
Published-04 Jul, 2016 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.

Action-Not Available
Vendor-n/aCanonical Ltd.The Apache Software FoundationHP Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxtomcaticewall_sso_agent_optionicewall_identity_managercommons_fileuploadn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-2794
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.15%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 20:48
Updated-29 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP PageWide Pro Printers may be vulnerable to a potential denial of service attack.

Action-Not Available
Vendor-HP Inc.
Product-pagewide_pro_452dw_d3q16a_firmwarepagewide_pro_477dw_d3q20apagewide_352dw_j6u57a_firmwarepagewide_377dw_j9v80a_firmwarepagewide_352dw_j6u57apagewide_pro_452dn_d3q15a_firmwarepagewide_managed_p57750dw_j9v82a_firmwarepagewide_pro_577z_k9z76apagewide_managed_p55250dw_j6u55b_firmwarepagewide_pro_477dn_d3q19apagewide_pro_577z_k9z76a_firmwarepagewide_pro_577dw_d3q21apagewide_managed_p55250dw_j6u55bpagewide_managed_p55250dw_j6u51bpagewide_managed_p55250dw_j6u55apagewide_managed_p57750dw_j9v82apagewide_pro_552dw_d3q17a_firmwarepagewide_pro_477dn_d3q19a_firmwarepagewide_377dw_j9v80apagewide_managed_p55250dw_j6u55a_firmwarepagewide_pro_577dw_d3q21a_firmwarepagewide_pro_477dw_d3q20a_firmwarepagewide_pro_452dn_d3q15apagewide_managed_p55250dw_j6u51b_firmwarepagewide_pro_552dw_d3q17apagewide_pro_452dw_d3q16aCertain HP PageWide Pro printers
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-24291
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-1.76% / 82.71%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 19:46
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-officejet_pro_8210_j3p67a_firmwareofficejet_pro_8740_k7s42a_firmwarelaserjet_pro_m453-m454_w1y46a_firmwarelaserjet_pro_mfp_m478-m479_w1a80alaserjet_pro_m304-m305_w1a47alaserjet_pro_m453-m454_w1y45a_firmwarelaserjet_pro_m304-m305_w1a48a_firmwareofficejet_pro_8740_t0g65aofficejet_pro_8210_j3p65aofficejet_pro_8210_d9l63a_firmwarelaserjet_pro_m453-m454_w1y44aofficejet_pro_8740_k7s40aofficejet_pro_8740_j6x83a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a29a_firmwarepagewide_managed_p55250dw_j6u55alaserjet_pro_m304-m305_w1a46aofficejet_pro_8740_k7s43alaserjet_pro_m453-m454_w1y43a_firmwarepagewide_352dw_j6u57a_firmwarelaserjet_pro_m453-m454_w1y47a_firmwarepagewide_pro_477dn_d3q19alaserjet_pro_m304-m305_w1a46a_firmwarelaserjet_pro_m304-m305_w1a66a_firmwarelaserjet_pro_m404-m405_w1a57alaserjet_pro_m404-m405_w1a59alaserjet_pro_m453-m454_w1y41a_firmwarelaserjet_pro_mfp_m478-m479_w1a78a_firmwarelaserjet_pro_m404-m405_w1a56alaserjet_pro_m404-m405_w1a52alaserjet_pro_mfp_m478-m479_w1a82alaserjet_pro_mfp_m428-m429_w1a31apagewide_pro_452dw_d3q16a_firmwarelaserjet_pro_mfp_m478-m479_w1a77a_firmwarepagewide_pro_452dw_d3q16apagewide_pro_452dn_d3q15apagewide_managed_p57750dw_j9v82aofficejet_pro_8740_k7s41aofficejet_pro_8210_d9l63alaserjet_pro_m304-m305_w1a53a_firmwarepagewide_pro_552dw_d3q17a_firmwarelaserjet_pro_mfp_m478-m479_w1a79alaserjet_pro_mfp_m428-m429_w1a31a_firmwareofficejet_pro_8210_j3p68a_firmwareofficejet_pro_8216_t0g70a_firmwarelaserjet_pro_m304-m305_w1a51a_firmwarelaserjet_pro_m304-m305_w1a59a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38alaserjet_pro_m304-m305_w1a48alaserjet_pro_mfp_m428-m429_f_w1a32a_firmwareofficejet_pro_8216_t0g70alaserjet_pro_m453-m454_w1y47alaserjet_pro_m304-m305_w1a56a_firmwarepagewide_pro_577z_k9z76a_firmwarepagewide_managed_p55250dw_j6u55b_firmwareofficejet_pro_8730_k7s32a_firmwareofficejet_pro_8740_j6x83apagewide_pro_577dw_d3q21alaserjet_pro_mfp_m478-m479_w1a80a_firmwarelaserjet_pro_m304-m305_w1a52a_firmwarepagewide_pro_452dn_d3q15a_firmwareofficejet_pro_8210_d9l64alaserjet_pro_m453-m454_w1y46alaserjet_pro_mfp_m428-m429_f_w1a32alaserjet_pro_mfp_m478-m479_w1a81a_firmwarelaserjet_pro_m453-m454_w1y44a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34a_firmwareofficejet_pro_8740_k7s41a_firmwareofficejet_pro_8210_d9l64a_firmwarepagewide_377dw_j9v80a_firmwarelaserjet_pro_m304-m305_w1a57a_firmwareofficejet_pro_8740_d9l21alaserjet_pro_m304-m305_w1a58a_firmwarelaserjet_pro_mfp_m478-m479_w1a75apagewide_managed_p55250dw_j6u55bofficejet_pro_8740_k7s39alaserjet_pro_mfp_m428-m429_f_w1a30alaserjet_pro_m304-m305_w1a66alaserjet_pro_m453-m454_w1y40alaserjet_pro_mfp_m478-m479_w1a77apagewide_managed_p55250dw_j6u55a_firmwarepagewide_pro_477dw_d3q20aofficejet_pro_8210_j3p66alaserjet_pro_m404-m405_w1a60alaserjet_pro_mfp_m428-m429_f_w1a35alaserjet_pro_mfp_m478-m479_w1a76a_firmwarepagewide_pro_577z_k9z76apagewide_managed_p55250dw_j6u51bpagewide_377dw_j9v80alaserjet_pro_mfp_m478-m479_w1a78alaserjet_pro_m304-m305_w1a63a_firmwarelaserjet_pro_m304-m305_w1a60a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34aofficejet_pro_8740_t0g65a_firmwarepagewide_pro_477dw_d3q20a_firmwarelaserjet_pro_m453-m454_w1y40a_firmwareofficejet_pro_8740_k7s39a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a35a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a30a_firmwarepagewide_managed_p55250dw_j6u51b_firmwareofficejet_pro_8730_d9l20a_firmwarelaserjet_pro_mfp_m428-m429_w1a33a_firmwarelaserjet_pro_m404-m405_93m22alaserjet_pro_mfp_m478-m479_w1a76alaserjet_pro_mfp_m478-m479_w1a82a_firmwareofficejet_pro_8210_j3p68alaserjet_pro_mfp_m478-m479_w1a81alaserjet_pro_m404-m405_w1a51alaserjet_pro_mfp_m428-m429_w1a33aofficejet_pro_8210_j3p66a_firmwarelaserjet_pro_m404-m405_w1a53alaserjet_pro_m453-m454_w1y43alaserjet_pro_mfp_m478-m479_w1a79a_firmwarelaserjet_pro_m404-m405_w1a58alaserjet_pro_mfp_m428-m429_w1a28a_firmwareofficejet_pro_8210_j3p67alaserjet_pro_mfp_m428-m429_w1a28aofficejet_pro_8740_k7s42apagewide_pro_552dw_d3q17aofficejet_pro_8210_j3p65a_firmwareofficejet_pro_8740_k7s43a_firmwarelaserjet_pro_m453-m454_w1y41alaserjet_pro_m453-m454_w1y45alaserjet_pro_m304-m305_w1a47a_firmwareofficejet_pro_8730_d9l20aofficejet_pro_8740_d9l21a_firmwareofficejet_pro_8740_k7s40a_firmwareofficejet_pro_8730_k7s32apagewide_managed_p57750dw_j9v82a_firmwarelaserjet_pro_m404-m405_93m22a_firmwarelaserjet_pro_m404-m405_w1a63alaserjet_pro_mfp_m428-m429_f_w1a29alaserjet_pro_mfp_m478-m479_w1a75a_firmwarepagewide_352dw_j6u57apagewide_pro_477dn_d3q19a_firmwarepagewide_pro_577dw_d3q21a_firmwareHP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers
CVE-2022-23704
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-0.50% / 65.89%
||
7 Day CHG~0.00%
Published-09 May, 2022 | 20:17
Updated-03 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later.

Action-Not Available
Vendor-n/aHP Inc.Hewlett Packard Enterprise (HPE)
Product-proliant_bl460c_gen8_server_bladeproliant_dl160_gen9_serverproliant_dl20_gen9_serverproliant_xl220a_gen8_v2_serverproliant_dl320e_gen8_serverproliant_sl250s_gen8_serverproliant_dl180_gen9_serverproliant_ml350p_gen8_serverproliant_ws460c_gen8_graphics_server_bladeproliant_sl230s_gen8_serverproliant_sl270s_gen8_se_serverproliant_dl360p_gen8_serverproliant_dl580_gen9_serverproliant_dl80_gen9_serverproliant_dl560_gen9_serverproliant_xl170r_gen9_serverproliant_ml310e_gen8_v2_serverproliant_microserver_gen8proliant_dl120_gen9_serverproliant_xl190r_gen9_serverproliant_xl740f_gen9_serverproliant_dl360_gen9_serverproliant_dl360e_gen8_serversynergy_620_gen9_compute_moduleproliant_sl270s_gen8_serverproliant_ml30_gen9_serverproliant_dl380p_gen8_serverproliant_xl730f_gen9_serverproliant_ec200a_serverproliant_ml350_gen9_serverproliant_dl160_gen8_serverproliant_dl560_gen8_serverproliant_xl750f_gen9_serverproliant_bl465c_gen8_server_bladeproliant_bl460c_gen9_server_bladeproliant_xl250a_gen9_serverproliant_dl380e_gen8_serverproliant_ws460c_gen9_graphics_server_bladeproliant_bl660c_gen9_serverintegrated_lights-out_4proliant_dl380_gen9_serverproliant_ml150_gen9_serversynergy_680_gen9_compute_moduleproliant_ml110_gen9_serverproliant_xl450_gen9_serverapollo_4200_gen9_serverproliant_ml310e_gen8_serversynergy_480_gen9_compute_moduleproliant_bl420c_gen8_serverproliant_bl660c_gen8_server_bladeproliant_ml350e_gen8_v2_serverproliant_dl385p_gen8proliant_dl60_gen9_serverproliant_dl580_gen8_serversynergy_660_gen9_compute_moduleproliant_dl320e_gen8_v2_serverproliant_xl230a_gen9_serverproliant_sl210t_gen8_serverproliant_sl4540_gen8_1_node_serverHPE Integrated Lights-Out 4 (iLO 4)
CVE-2025-2268
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.39% / 60.07%
||
7 Day CHG~0.00%
Published-14 Mar, 2025 | 13:33
Updated-16 Jan, 2026 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HP LaserJet MFP M232-M237 Printer Series - Potential Denial of Service

The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP).

Action-Not Available
Vendor-HP Inc.
Product-7md70f7md70e_firmware1y7d4a6gx05e6gx06a_firmware6gx00a_firmware7md73a7md74a6gw99a_firmware9yf92a7md75a_firmware9yf91e7md74e2a130e_firmware7md70a6gx09e9yf88a2a130a9yf94a2u589a_firmware9yf88a_firmware9yf96a_firmware2u589e_firmware9yf91a7md72e2u589a9yf90a6gx00e6gw71a7md71a_firmware9yg02e_firmware7md69a_firmware9yf98a6gx06a9yf96a1y7d4a_firmware6gx04a_firmware6gx09e_firmware9yg02e9yg09a_firmware9yg10a_firmware9yg05a_firmware6gx03a_firmware9yg02a7md70a_firmware7md75a7md70f_firmware9yg11a_firmware6gx05e_firmware2a130a_firmware2a130e6gx09a_firmware9yf97a6gw99e_firmware6gx03a2u589e2a129a_firmware6gw99e6gx01a6gw71a_firmware9yf89a_firmware9yg08a6gx05a_firmware7md76a_firmware9yg05e_firmware7md73a_firmware6gw99a7md69a6gx02e_firmware7md76e_firmware7md72a_firmware2u589f_firmware7md70e9yg02a_firmware9yg05e9yf95a_firmware7md74a_firmware7md74e_firmware9yf92a_firmware9yf95a2u589f6gx02e9yf91a_firmware9yg10a7md72e_firmware9yg08a_firmware9yg09a6gx01a_firmware6hu08a6gx04a9yf97a_firmware9yf91e_firmware6gx00e_firmware9yf89a9yg05a7md76e9yf94a_firmware7md72a9yf98a_firmware6gx09a7md71a6hu08a_firmware6gx00a2a129a9yg11a9yf90a_firmware7md76a6gx05aHP LaserJet MFP M232-M237 Printer Series
CWE ID-CWE-241
Improper Handling of Unexpected Data Type
CVE-2015-2122
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-1.44% / 80.84%
||
7 Day CHG~0.00%
Published-25 May, 2015 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows remote attackers to cause a denial of service via network traffic to the REST port.

Action-Not Available
Vendor-n/aHP Inc.
Product-sdn_van_controllern/a
  • Previous
  • 1
  • 2
  • Next
Details not found