Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-50271

Summary
Assigner-hpe
Assigner Org ID-eb103674-0d28-4225-80f8-39fb86215de0
Published At-17 Dec, 2023 | 14:49
Updated At-02 Aug, 2024 | 22:16
Rejected At-
Credits

HP-UX System Management Homepage, Disclosure of Information

A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:hpe
Assigner Org ID:eb103674-0d28-4225-80f8-39fb86215de0
Published At:17 Dec, 2023 | 14:49
Updated At:02 Aug, 2024 | 22:16
Rejected At:
▼CVE Numbering Authority (CNA)
HP-UX System Management Homepage, Disclosure of Information

A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.

Affected Products
Vendor
Hewlett Packard Enterprise (HPE)HPE
Product
HPE System Management Homepage (SMH)
Package Name
SMH
Platforms
  • HP-UX
Default Status
affected
Versions
Affected
  • Prior to HPE SMH ver.A.3.2.23.09
Problem Types
TypeCWE IDDescription
CWECWE-200CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Type: CWE
CWE ID: CWE-200
Description: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Metrics
VersionBase scoreBase severityVector
3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-410CAPEC-410 Information Elicitation
CAPEC ID: CAPEC-410
Description: CAPEC-410 Information Elicitation
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbux04551en_us
N/A
Hyperlink: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbux04551en_us
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbux04551en_us
x_transferred
Hyperlink: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbux04551en_us
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-alert@hpe.com
Published At:17 Dec, 2023 | 15:15
Updated At:21 Dec, 2023 | 20:14

A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Secondary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
CPE Matches
HP Inc.
hp
>>system_management_homepage>>Versions before a.3.2.23.09(exclusive)
cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>-
cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-200Secondarysecurity-alert@hpe.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-200
Type: Secondary
Source: security-alert@hpe.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbux04551en_ussecurity-alert@hpe.com
Vendor Advisory
Hyperlink: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbux04551en_us
Source: security-alert@hpe.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1028Records found
CVE-2025-12785
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.04% / 11.31%
||
7 Day CHG-0.02%
Published-13 Nov, 2025 | 17:38
Updated-13 Feb, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Certain HP LaserJet Pro Printers – Potential Information Disclosure

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server.

Action-Not Available
Vendor-HP IncHP Inc.
Product-7kw59a7kw64a_firmwarew1a63a7kw68a7kw75a_firmware7kw57a_firmwarew1a82aw1a77a7kw66aw1a30a_firmwarew1a35a_firmware7kw55a7kw66a_firmwarew1y47a_firmwarew1a76aw1a33a7kw67aw1a28a_firmware7kw49a_firmwarew1a32a_firmware7kw59a_firmwarew1a60a_firmwarew1a34aw1y47aw1a63a_firmwarew1y45a_firmwarew1a35aw1y40aw1y40a_firmwarew1a52aw1a38a7kw74aw1a80aw1y43aw1a31a7kw56a7kw57aw1a48a_firmware7kw73a_firmwarew1a57a_firmwarew1a81a_firmwarew1a79aw1a56aw1a38a_firmware7kw76a7kw58a_firmware7kw48a7kw72a_firmwarew1a58a_firmwarew1a47a7kw77a_firmware7kw72aw1a56a_firmware7kw48a_firmwarew1a66aw1a58aw1a79a_firmwarew1a51a_firmwarew1y43a_firmwarew1y44a7kw79aw1y41a_firmware7kw58aw1a77a_firmware7kw77a7kw63a_firmware7kw78a7kw65a7kw64a7kw54a_firmwarew1a53aw1y44a_firmwarew1y46a_firmwarew1a59aw1a75aw1a53a_firmwarew1a78aw1a30a7kw68a_firmware7kw51a_firmwarew1y46aw1a57a7kw65a_firmwarew1a51aw1a29aw1a47a_firmware7kw63a7kw79a_firmwarew1a48a7kw74a_firmware93m22a_firmwarew1a60aw1a46a_firmwarew1a31a_firmwarew1a46aw1a75a_firmwarew1a34a_firmwarew1y45a7kw51aw1a76a_firmware7kw76a_firmwarew1a32aw1y41aw1a82a_firmwarew1a52a_firmware93m22aw1a81aw1a33a_firmware7kw50aw1a59a_firmware7kw75a7kw56a_firmware7kw55a_firmwarew1a28aw1a80a_firmware7kw50a_firmwarew1a66a_firmwarew1a78a_firmware7kw54aw1a29a_firmware7kw49a7kw73a7kw78a_firmware7kw67a_firmwareHP LaserJet Pro MFP M428-M429 f seriesHP LaserJet Pro M304-M305 Printer seriesHP Color LaserJet Pro M453-M454 seriesHP Color LaserJet MFP M478-M479 seriesHP LaserJet Pro M404-M405 Printer seriesHP LaserJet Pro MFP M428-M429 series
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-7130
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-2.36% / 84.61%
||
7 Day CHG~0.00%
Published-04 Mar, 2020 | 20:21
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE OneView Global Dashboard (OVGD) 1.9 has a remote information disclosure vulnerability. HPE OneView Global Dashboard - After Upgrade or Install of OVGD Version 1.9, Appliance Firewall May Leave Ports Open. This is resolved in OVGD 1.91 or later.

Action-Not Available
Vendor-n/aHP Inc.
Product-oneview_global_dashboardHPE OneView Global Dashboard
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2022-43927
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 29.91%
||
7 Day CHG-0.04%
Published-17 Feb, 2023 | 16:51
Updated-18 Mar, 2025 | 15:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2 for Linux, UNIX and Windows information disclosure

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information Disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671.

Action-Not Available
Vendor-IBM CorporationHP Inc.Microsoft CorporationOracle CorporationLinux Kernel Organization, Inc
Product-solarislinux_kerneldb2hp-uxwindowsaixDb2 for Linux, UNIX and Windows
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-269
Improper Privilege Management
CVE-2015-2802
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.88% / 87.98%
||
7 Day CHG+1.73%
Published-04 Feb, 2020 | 20:09
Updated-06 Aug, 2024 | 05:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive information. This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability.

Action-Not Available
Vendor-n/aMicrosoft CorporationHP Inc.Oracle CorporationLinux Kernel Organization, Inc
Product-solarislinux_kernelasset_managerwindowssitescopeasset_manager_cloudsystem_chargebackn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-20354
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.46% / 63.47%
||
7 Day CHG~0.00%
Published-18 Feb, 2021 | 15:10
Updated-16 Sep, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelwebsphere_application_serverihp-uxwindowsz\/osaixWebSphere Application Server
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-20373
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.30% / 52.81%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 17:00
Updated-17 Sep, 2024 | 00:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. IBM X-Force ID: 199521.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kerneldb2hp-uxwindowsaixDB2 for Linux, UNIX and Windows
CVE-2020-4937
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 29.86%
||
7 Day CHG~0.00%
Published-20 Nov, 2020 | 13:50
Updated-17 Sep, 2024 | 04:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 191814.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-sterling_b2b_integratorsolarislinux_kernelihp-uxwindowsaixSterling B2B Integrator
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2024-5749
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.10% / 28.31%
||
7 Day CHG~0.00%
Published-15 Oct, 2024 | 17:27
Updated-16 Oct, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Certain HP DesignJet products – Credential reflection

Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP server credentials.

Action-Not Available
Vendor-HP Inc.
Product-Certain HP DesignJet productsdesignjet_t830_firmwaredesignjet_t730_firmware
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-1869
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 46.51%
||
7 Day CHG~0.00%
Published-01 Mar, 2024 | 21:31
Updated-15 Jan, 2026 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220.

Action-Not Available
Vendor-HP Inc.
Product-cq893ccq891c_firmwarecq891ccq893c_firmwareHP DesignJetdesignjet_t120designjet_t520_36indesignjet_t520_24in
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-1707
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.55%
||
7 Day CHG~0.00%
Published-13 Jun, 2023 | 17:06
Updated-03 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6.

Action-Not Available
Vendor-HP Inc.
Product-color_laserjet_managed_mfp_e78625_5qj90alaserjet_managed_flow_mfp_e73140_6bs58acolor_laserjet_managed_mfp_e786_3sj13alaserjet_managed_mfp_e73140_6bs57acolor_laserjet_enterprise_6700_49l00alaserjet_managed_e82670_3sj07acolor_laserjet_managed_flow_e87750_5qk20acolor_laserjet_managed_flow_mfp_e78625_5qj90alaserjet_managed_flow_mfp_e73130_5qk02acolor_laserjet_managed_flow_e87750_3sj37acolor_laserjet_managed_flow_mfp_e78630_3sj12acolor_laserjet_managed_mfp_e78630_5qj90alaserjet_enterprise_mfp_m430_3pz55acolor_laserjet_managed_mfp_e87760_3sj22acolor_laserjet_managed_flow_e87740_3sj19alaserjet_managed_mfp_e826dn_5qk13acolor_laserjet_managed_mfp_e87740_3sj38alaserjet_managed_mfp_e42540_3pz75acolor_laserjet_managed_mfp_e78625_3sj32alaserjet_managed_flow_mfp_e826z_3sj29alaserjet_managed_mfp_e73140_3sj00acolor_laserjet_managed_flow_e87770_5qk03alaserjet_managed_mfp_e73135_6bs58acolor_laserjet_managed_flow_e87760_3sj38acolor_laserjet_enterprise_flow_mfp_6800_6qn37acolor_laserjet_enterprise_6700_4y280alaserjet_managed_flow_mfp_e826z_5qk09alaserjet_managed_e40040_3pz35acolor_laserjet_managed_flow_e87760_3sj20acolor_laserjet_managed_flow_e87760_3sj19alaserjet_managed_e82650_3sj09acolor_laserjet_managed_mfp_e78625_3sj12acolor_laserjet_managed_mfp_e87750_3sj22acolor_laserjet_managed_mfp_e87740_3sj21acolor_laserjet_enterprise_5700_6qn28alaserjet_enterprise_mfp_m431_3pz56acolor_laserjet_managed_flow_mfp_e78630_5qk18alaserjet_managed_e82670_3sj28acolor_laserjet_managed_mfp_e87750_5qk03acolor_laserjet_enterprise_flow_mfp_6800_4y279acolor_laserjet_managed_mfp_e87750_3sj36acolor_laserjet_managed_flow_e87770_3sj38acolor_laserjet_managed_mfp_e87750_3sj21acolor_laserjet_managed_flow_e87750_5qk03acolor_laserjet_managed_flow_e87740_3sj36acolor_laserjet_managed_mfp_e87760_5qk20acolor_laserjet_managed_flow_e87760_3sj21alaserjet_managed_flow_mfp_e73135_5qj98acolor_laserjet_managed_mfp_e87770_5qk20alaserjet_managed_flow_mfp_e73130_3sj02alaserjet_managed_mfp_e826dn_3sj09acolor_laserjet_enterprise_mfp_6800_6qn35alaserjet_managed_e82660_3sj09alaserjet_managed_mfp_e73130_6bs57acolor_laserjet_managed_mfp_e78635_3sj32acolor_laserjet_enterprise_x55745_6qp97acolor_laserjet_managed_mfp_e78528_5qj81acolor_laserjet_enterprise_mfp_x57945_6qp98acolor_laserjet_enterprise_mfp_6800_6qn36alaserjet_managed_flow_mfp_e826z_3sj09acolor_laserjet_managed_mfp_e87770_3sj21acolor_laserjet_managed_flow_e87760_3sj35acolor_laserjet_managed_mfp_e87760_3sj37acolor_laserjet_enterprise_6701_4y280acolor_laserjet_managed_mfp_e786_3sj12acolor_laserjet_managed_mfp_e78625_5qj94acolor_laserjet_managed_flow_mfp_e78630_3sj34acolor_laserjet_managed_mfp_e87740_3sj37acolor_laserjet_enterprise_flow_mfp_5800_49k96avcolor_laserjet_managed_mfp_e87770_3sj19acolor_laserjet_managed_mfp_e78630_3sj33alaserjet_managed_mfp_e826dn_3sj29acolor_laserjet_managed_mfp_e786_5qj90acolor_laserjet_managed_mfp_e78635_5qj90acolor_laserjet_managed_flow_mfp_e786_5qj90acolor_laserjet_enterprise_flow_mfp_x57945_6qp99acolor_laserjet_managed_flow_e87760_3sj37acolor_laserjet_managed_mfp_e87740_5qk03acolor_laserjet_enterprise_mfp_5800_6qn29acolor_laserjet_managed_flow_e87740_3sj35acolor_laserjet_managed_mfp_e78625_5qk18acolor_laserjet_managed_flow_mfp_e786_3sj12alaserjet_managed_mfp_e73025_3sj03alaserjet_managed_mfp_e73030_3sj04acolor_laserjet_enterprise_mfp_x57945_49k97avcolor_laserjet_managed_mfp_e78625_3sj34acolor_laserjet_enterprise_6700_6qn33acolor_laserjet_managed_flow_e87770_3sj21acolor_laserjet_managed_flow_mfp_e786_3sj32acolor_laserjet_managed_mfp_e78625_3sj11alaserjet_managed_mfp_e73130_5qk02acolor_laserjet_managed_mfp_e87770_3sj36acolor_laserjet_managed_flow_e87750_3sj36acolor_laserjet_managed_mfp_e78635_3sj33acolor_laserjet_managed_mfp_e78635_5qk18alaserjet_managed_mfp_e73135_3sj01acolor_laserjet_managed_mfp_e87760_3sj20alaserjet_managed_e82670_5qk13acolor_laserjet_managed_flow_mfp_e786_5qk18acolor_laserjet_managed_flow_e87750_3sj20acolor_laserjet_managed_flow_mfp_e786_3sj11acolor_laserjet_managed_flow_e87740_3sj22acolor_laserjet_enterprise_mfp_6800_4y279acolor_laserjet_managed_flow_e87770_3sj35acolor_laserjet_enterprise_flow_mfp_5800_6qn29acolor_laserjet_managed_mfp_e78630_3sj11acolor_laserjet_managed_flow_mfp_e78625_3sj12acolor_laserjet_managed_flow_mfp_e78625_3sj32alaserjet_managed_e82660_3sj29acolor_laserjet_managed_mfp_e78625_3sj33alaserjet_managed_e82650_3sj08acolor_laserjet_managed_mfp_e87760_3sj21alaserjet_managed_e82670_3sj08alaserjet_managed_mfp_e73140_5qj98alaserjet_managed_e82660_5qk13alaserjet_managed_flow_mfp_e73135_3sj01acolor_laserjet_managed_flow_e87740_5qk20acolor_laserjet_managed_flow_mfp_e78635_3sj12alaserjet_managed_mfp_e73130_5qj98alaserjet_managed_mfp_e73135_3sj02alaserjet_managed_mfp_e73030_3sj03acolor_laserjet_managed_mfp_e87770_3sj38acolor_laserjet_managed_flow_e87740_3sj38acolor_laserjet_enterprise_flow_mfp_5800_6qn30acolor_laserjet_managed_mfp_e78523_5qj83alaserjet_managed_flow_mfp_e826z_3sj07alaserjet_managed_flow_mfp_e73140_6bs59alaserjet_managed_flow_mfp_e826z_3sj30alaserjet_managed_mfp_e826dn_3sj08acolor_laserjet_enterprise_flow_mfp_x57945_49k97avcolor_laserjet_managed_flow_mfp_e78630_3sj32acolor_laserjet_managed_mfp_e78528_5qk15alaserjet_managed_e82650_3sj28acolor_laserjet_managed_mfp_e87740_3sj22alaserjet_managed_mfp_e73135_5qj98acolor_laserjet_managed_flow_e87740_3sj37acolor_laserjet_managed_flow_mfp_e78635_3sj32acolor_laserjet_managed_flow_e87770_3sj22acolor_laserjet_enterprise_flow_mfp_6800_6qn35acolor_laserjet_managed_flow_mfp_e78635_3sj13acolor_laserjet_managed_mfp_e78625_3sj13acolor_laserjet_enterprise_mfp_6800_6qn38acolor_laserjet_enterprise_flow_mfp_5800_58r10acolor_laserjet_managed_flow_mfp_e78635_5qk18acolor_laserjet_managed_flow_e87750_3sj21alaserjet_managed_mfp_e73140_6bs59alaserjet_managed_mfp_e73135_5qk02acolor_laserjet_managed_mfp_e786_5qj94acolor_laserjet_managed_mfp_e87770_3sj37alaserjet_managed_e82670_3sj29acolor_laserjet_managed_mfp_e87740_3sj36alaserjet_managed_e82650_3sj30acolor_laserjet_managed_flow_mfp_e78635_5qj90acolor_laserjet_managed_mfp_e786_3sj33acolor_laserjet_managed_mfp_e78635_3sj13acolor_laserjet_managed_mfp_e78523_5qj81acolor_laserjet_enterprise_flow_mfp_x57945_6qp98acolor_laserjet_managed_mfp_e78630_5qk18alaserjet_enterprise_m407_3pz16acolor_laserjet_managed_mfp_e87740_3sj35acolor_laserjet_enterprise_6701_6qn33acolor_laserjet_enterprise_mfp_5800_6qn30acolor_laserjet_enterprise_flow_mfp_6800_6qn36alaserjet_managed_flow_mfp_e73130_6bs59alaserjet_managed_flow_mfp_e73135_3sj00alaserjet_managed_flow_mfp_e73130_6bs57alaserjet_managed_e82670_3sj09alaserjet_managed_flow_mfp_e73135_3sj02alaserjet_managed_mfp_e73130_3sj01alaserjet_managed_flow_mfp_e73135_5qk02acolor_laserjet_managed_mfp_e87760_3sj35acolor_laserjet_managed_flow_mfp_e78625_3sj11acolor_laserjet_managed_mfp_e786_3sj32acolor_laserjet_managed_flow_e87770_3sj19alaserjet_managed_e82660_3sj28acolor_laserjet_enterprise_flow_mfp_5800_6qn31alaserjet_managed_flow_mfp_e73135_6bs59acolor_laserjet_managed_flow_mfp_e78625_5qj94alaserjet_managed_flow_mfp_e73140_6bs57acolor_laserjet_managed_flow_mfp_e786_5qj94alaserjet_managed_e82650_5qk09acolor_laserjet_enterprise_6701_49l00acolor_laserjet_managed_mfp_e78523_5qk15alaserjet_managed_e82660_3sj08acolor_laserjet_managed_flow_mfp_e78635_5qj94alaserjet_managed_mfp_e73140_3sj01acolor_laserjet_managed_mfp_e87750_3sj35alaserjet_managed_flow_mfp_e73030_3sj03acolor_laserjet_managed_mfp_e87750_3sj37acolor_laserjet_managed_flow_e87770_3sj36acolor_laserjet_enterprise_flow_mfp_6800_6qn38acolor_laserjet_managed_flow_e87770_3sj20acolor_laserjet_managed_flow_e87770_3sj37acolor_laserjet_managed_mfp_e78635_3sj11acolor_laserjet_managed_mfp_e87740_3sj19acolor_laserjet_managed_flow_e87740_3sj21alaserjet_managed_mfp_e826dn_5qk09acolor_laserjet_managed_mfp_e87750_5qk20acolor_laserjet_managed_mfp_e87750_5qk08acolor_laserjet_managed_mfp_e87750_3sj38acolor_laserjet_enterprise_mfp_5800_49k96avlaserjet_managed_flow_mfp_e73130_3sj00acolor_laserjet_enterprise_5700_49k98alaserjet_managed_mfp_e826dn_3sj30acolor_laserjet_enterprise_6701_58m42acolor_laserjet_managed_flow_e87740_5qk03acolor_laserjet_managed_mfp_e78630_3sj13acolor_laserjet_managed_mfp_e87740_5qk08alaserjet_managed_mfp_e73135_3sj00alaserjet_managed_flow_mfp_e73135_6bs58afuturesmart_5color_laserjet_managed_flow_e87760_3sj22alaserjet_managed_mfp_e73135_6bs57acolor_laserjet_managed_flow_mfp_e78630_3sj33acolor_laserjet_managed_mfp_e785dn_5qk15acolor_laserjet_managed_flow_e87770_5qk20acolor_laserjet_managed_flow_e87760_5qk20acolor_laserjet_managed_mfp_e87760_3sj19acolor_laserjet_managed_mfp_e78630_5qj94acolor_laserjet_enterprise_m455_3pz95alaserjet_managed_flow_mfp_e73130_3sj01acolor_laserjet_managed_mfp_e87770_3sj22alaserjet_managed_flow_mfp_e826z_5qk13acolor_laserjet_managed_mfp_e786_5qk18acolor_laserjet_managed_mfp_e87770_3sj35alaserjet_enterprise_m406_3pz15alaserjet_managed_mfp_e73130_3sj02acolor_laserjet_managed_flow_mfp_e78630_5qj94acolor_laserjet_enterprise_mfp_m480_3qa55acolor_laserjet_managed_mfp_e785dn_5qj83acolor_laserjet_enterprise_flow_mfp_6800_49k84acolor_laserjet_managed_flow_mfp_e786_3sj13acolor_laserjet_managed_flow_mfp_e78635_3sj11acolor_laserjet_managed_mfp_e87760_3sj38alaserjet_managed_flow_mfp_e826z_3sj08alaserjet_managed_e82660_3sj30acolor_laserjet_managed_flow_mfp_e78625_3sj33alaserjet_managed_mfp_e826dn_3sj07acolor_laserjet_managed_flow_mfp_e78635_3sj33acolor_laserjet_managed_mfp_e78630_3sj32acolor_laserjet_enterprise_mfp_x57945_6qp99alaserjet_managed_mfp_e73025_5qj87acolor_laserjet_managed_mfp_e786_3sj11alaserjet_managed_flow_mfp_e73140_3sj02acolor_laserjet_enterprise_mfp_5800_58r10alaserjet_managed_mfp_e73025_3sj04acolor_laserjet_managed_e45028_3qa35alaserjet_managed_flow_mfp_e73130_6bs58alaserjet_managed_e82660_5qk09alaserjet_managed_mfp_e73130_6bs59acolor_laserjet_enterprise_mfp_6800_49k84acolor_laserjet_managed_flow_mfp_e786_3sj33acolor_laserjet_managed_mfp_e78635_3sj12alaserjet_managed_flow_mfp_e73140_5qk02alaserjet_managed_mfp_e73130_3sj00acolor_laserjet_managed_mfp_e78635_3sj34alaserjet_managed_flow_mfp_e826z_3sj28alaserjet_managed_e82670_3sj30alaserjet_managed_e82650_3sj07alaserjet_managed_flow_mfp_e73030_5qj87acolor_laserjet_managed_mfp_e78528_5qj83acolor_laserjet_managed_flow_e87760_3sj36alaserjet_managed_flow_mfp_e73140_5qj98acolor_laserjet_managed_flow_e87760_5qk03acolor_laserjet_managed_flow_mfp_e78625_3sj34acolor_laserjet_managed_mfp_e87760_5qk08alaserjet_managed_flow_mfp_e73130_5qj98acolor_laserjet_managed_flow_mfp_e78630_3sj13acolor_laserjet_managed_flow_mfp_e78630_3sj11alaserjet_managed_mfp_e73140_6bs58acolor_laserjet_managed_flow_e87740_3sj20acolor_laserjet_managed_flow_e87750_3sj19acolor_laserjet_enterprise_x55745_49k99acolor_laserjet_managed_mfp_e87760_3sj36acolor_laserjet_managed_flow_e87750_3sj22acolor_laserjet_managed_mfp_e78630_3sj12acolor_laserjet_managed_flow_mfp_e78625_5qk18acolor_laserjet_managed_flow_mfp_e78635_3sj34alaserjet_managed_flow_mfp_e73140_3sj00acolor_laserjet_managed_flow_e87750_3sj38acolor_laserjet_managed_flow_e87740_5qk08acolor_laserjet_managed_mfp_e785dn_5qj81alaserjet_managed_e82650_3sj29acolor_laserjet_managed_mfp_e87770_3sj20acolor_laserjet_managed_flow_e87750_3sj35acolor_laserjet_managed_mfp_e87750_3sj19alaserjet_managed_e82650_5qk13acolor_laserjet_managed_mfp_e87770_5qk08alaserjet_managed_flow_mfp_e73135_6bs57acolor_laserjet_managed_mfp_e78635_5qj94acolor_laserjet_managed_flow_mfp_e786_3sj34acolor_laserjet_managed_mfp_e87740_5qk20alaserjet_managed_mfp_e73140_3sj02acolor_laserjet_managed_mfp_e87750_3sj20acolor_laserjet_managed_mfp_e47528_3qa75alaserjet_managed_e82670_5qk09acolor_laserjet_managed_mfp_e78630_3sj34alaserjet_managed_mfp_e73140_5qk02acolor_laserjet_managed_flow_mfp_e78625_3sj13alaserjet_managed_mfp_e826dn_3sj28alaserjet_managed_e82660_3sj07acolor_laserjet_managed_mfp_e87770_5qk03acolor_laserjet_managed_mfp_e87760_5qk03acolor_laserjet_managed_flow_e87770_5qk08alaserjet_managed_flow_mfp_e73140_3sj01alaserjet_managed_flow_mfp_e73030_3sj04acolor_laserjet_managed_flow_mfp_e78630_5qj90acolor_laserjet_enterprise_mfp_6800_6qn37acolor_laserjet_managed_flow_e87760_5qk08alaserjet_managed_mfp_e73135_6bs59alaserjet_managed_mfp_e73030_5qj87alaserjet_managed_mfp_e73130_6bs58acolor_laserjet_managed_mfp_e786_3sj34acolor_laserjet_enterprise_6700_58m42acolor_laserjet_managed_mfp_e87740_3sj20acolor_laserjet_managed_flow_e87750_5qk08acolor_laserjet_enterprise_mfp_5800_6qn31aHP Enterprise LaserJet and HP LaserJet Managed Printers
CWE ID-CWE-203
Observable Discrepancy
CVE-2022-43917
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.15% / 35.05%
||
7 Day CHG~0.00%
Published-25 Jan, 2023 | 17:17
Updated-31 Mar, 2025 | 14:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM WebSphere Application Server information disclosure

IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045.

Action-Not Available
Vendor-Oracle CorporationHP Inc.Microsoft CorporationIBM CorporationLinux Kernel Organization, Inc
Product-solarislinux_kernelwebsphere_application_serverihp-uxwindowsz\/osaixWebSphere Application Server
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2024-38320
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.04% / 11.48%
||
7 Day CHG~0.00%
Published-27 Jan, 2025 | 15:43
Updated-18 Aug, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Storage Protect for Virtual Environments: Data Protection for VMware information disclosure

IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Action-Not Available
Vendor-Oracle CorporationIBM CorporationHP Inc.Microsoft CorporationLinux Kernel Organization, IncApple Inc.
Product-storage_protect_for_virtual_environmentslinux_kernelwindowsstorage_protectmacossolarishp-uxaixStorage Protect for Virtual Environments: Data Protection for VMwareStorage Protect Backup-Archive Client
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2022-37934
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.8||MEDIUM
EPSS-0.56% / 67.80%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 18:33
Updated-10 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series. The vulnerability could be remotely exploited to allow remote directory traversal in HPE OfficeConnect 1820 switch series version PT.02.17 and below, HPE OfficeConnect 1850 switch series version PC.01.23 and below, and HPE OfficeConnect 1850 (10G aggregator) switch version PO.01.22 and below.

Action-Not Available
Vendor-Hewlett Packard Enterprise (HPE)HP Inc.
Product-officeconnect_1850_6xgtofficeconnect_1820_48g_poe\+_\(370w\)_switch_j9984a_firmwareofficeconnect_1820_8g_poe\+_\(65w\)_switch_j9982aofficeconnect_1850_24g_2xgt_poe\+officeconnect_1850_24g_2xgtofficeconnect_1850_2xgt\/spf\+officeconnect_1850_2xgt\/spf\+_firmwareofficeconnect_1820_24g_poe\+_\(185w\)_switch_j9983a_firmwareofficeconnect_1850_48g_4xgt_poe\+officeconnect_1850_24g_2xgt_firmwareofficeconnect_1850_48g_4xgt_poe\+_firmwareofficeconnect_1850_48g_4xgtofficeconnect_1850_6xgt_firmwareofficeconnect_1820_48g_poe\+_\(370w\)_switch_j9984aofficeconnect_1820_8g_switch_j9979a_firmwareofficeconnect_1820_8g_poe\+_\(65w\)_switch_j9982a_firmwareofficeconnect_1820_24g_poe\+_\(185w\)_switch_j9983aofficeconnect_1850_24g_2xgt_poe\+_firmwareofficeconnect_1820_8g_switch_j9979aofficeconnect_1850_48g_4xgt_firmwareHPE OfficeConnect 1820 and 1850 Switch Series
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-4499
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.64%
||
7 Day CHG~0.00%
Published-13 Oct, 2023 | 16:24
Updated-17 Sep, 2024 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability.

Action-Not Available
Vendor-HP Inc.
Product-mt32thinupdatet430elite_mt645mt43t628mt45mt44t630t638mt31t740t730t640mt21t540mt22t530mt46pro_mt440_g3HP ThinUpdatethinupdate
CWE ID-CWE-295
Improper Certificate Validation
CVE-2022-23698
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.40%
||
7 Day CHG~0.00%
Published-04 Apr, 2022 | 19:45
Updated-03 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote unauthenticated disclosure of information vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.

Action-Not Available
Vendor-n/aHP Inc.
Product-oneviewHPE OneView
CVE-2025-43024
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.03% / 9.44%
||
7 Day CHG~0.00%
Published-27 Oct, 2025 | 23:11
Updated-29 Jan, 2026 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HP ThinPro 8.1 SP8 Security Updates

A GUI dialog of an application allows to view what files are in the file system without proper authorization.

Action-Not Available
Vendor-HP IncHP Inc.
Product-thinproThinPro 8.1
CWE ID-CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
CVE-2021-3965
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.58%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews.

Action-Not Available
Vendor-n/aHP Inc.
Product-designjet_z6810_2qu12a_firmwaredesignjet_t930_l2y22a_firmwaredesignjet_t2530_l2y26a_firmwaredesignjet_z6610_2qu13a_firmwaredesignjet_t2530_l2y26b_firmwaredesignjet_t2530_l2y26adesignjet_z6810_2qu14a_firmwaredesignjet_t930_l2y21adesignjet_t920_cr354a_firmwaredesignjet_t920_cr355b_firmwaredesignjet_z6800_f2s72b_firmwaredesignjet_z6610_2qu13bdesignjet_z6600_f2s71adesignjet_t3500_b9e24b_firmwaredesignjet_z6600_f2s71a_firmwaredesignjet_t3500_b9e24a_firmwaredesignjet_t3500_b9e24adesignjet_t3500_b9e25adesignjet_t1530_l2y24b_firmwaredesignjet_z6810_2qu14bdesignjet_t930_l2y22bdesignjet_t930_l2y22adesignjet_z6610_2qu13b_firmwaredesignjet_t3500_b9e24bdesignjet_z6800_f2s72bdesignjet_z6800_f2s72adesignjet_t3500_b9e25a_firmwaredesignjet_t2530_l2y25adesignjet_t930_l2y21bdesignjet_z6810_2qu12b_firmwaredesignjet_z6810_2qu14b_firmwaredesignjet_t2530_l2y26bdesignjet_t930_l2y22b_firmwaredesignjet_t920_cr355a_firmwaredesignjet_t1530_l2y24a_firmwaredesignjet_z6810_2qu12bdesignjet_z6810_2qu12adesignjet_t1530_l2y24adesignjet_z6800_f2s72ar_firmwaredesignjet_t1530_l2y23a_firmwaredesignjet_z6610_2qu13adesignjet_t920_cr354adesignjet_t920_cr355bdesignjet_t930_l2y21a_firmwaredesignjet_t1530_l2y23adesignjet_t2530_l2y25a_firmwaredesignjet_z6800_f2s72ardesignjet_t1530_l2y24bdesignjet_t920_cr355adesignjet_t930_l2y21b_firmwaredesignjet_z6800_f2s72a_firmwaredesignjet_z6600_f2s71ardesignjet_z6810_2qu14adesignjet_z6600_f2s71ar_firmwareHP DesignJet Printer
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2021-39002
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.18% / 39.45%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 17:00
Updated-16 Sep, 2024 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncNetApp, Inc.Oracle Corporation
Product-solarislinux_kerneldb2hp-uxwindowsaixoncommand_insightDB2 for Linux, UNIX and Windows
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2023-33850
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.98%
||
7 Day CHG~0.00%
Published-22 Aug, 2023 | 20:31
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM GSKit-Crypto information disclosure

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information.

Action-Not Available
Vendor-IBM CorporationMicrosoft CorporationHP Inc.Linux Kernel Organization, Inc
Product-txseries_for_multiplatformhp-uxwindowsaixcics_txlinux_kernelCICS TX StandardTXSeries for MultiplatformsCICS TX Advancedcics_txtxseries_for_multiplatform
CWE ID-CWE-203
Observable Discrepancy
CVE-2021-29723
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.14% / 34.49%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 17:00
Updated-16 Sep, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-sterling_external_authentication_serversolarislinux_kernelsterling_secure_proxyhp-uxlinux_on_ibm_zwindowsaixSterling Secure Proxy
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2021-29722
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.14% / 34.49%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 17:00
Updated-16 Sep, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201095.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-sterling_external_authentication_serversolarislinux_kernelsterling_secure_proxyhp-uxlinux_on_ibm_zwindowsaixSterling Secure Proxy
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2021-26586
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.34%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 20:40
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to disclose sensitive information. HPE has made software updates available to resolve the vulnerability in the HPE Edgeline Infrastructure Manager (EIM).

Action-Not Available
Vendor-n/aHP Inc.
Product-edgeline_infrastructure_managementHPE Edgeline Infrastructure Management Software
CVE-2019-11995
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-1.98% / 83.25%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 19:46
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: For customers with release UIoT 1.2.4.2 fixes are made available with 1.2.4.2 RP3 HF1. For customers with release older than 1.2.4.2, such as 1.2.4.1, 1.2.4.0, the resolution will be to upgrade to 1.2.4.2 RP3 HF1 Customers are requested to upgrade to the updated versions or contact HPE support for further assistance.

Action-Not Available
Vendor-n/aHP Inc.
Product-universal_internet_of_thingsHPE IOT + GCP
CVE-2025-33142
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.03% / 6.86%
||
7 Day CHG~0.00%
Published-14 Aug, 2025 | 15:41
Updated-18 Aug, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM WebSphere Application Server information disclosure

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections.

Action-Not Available
Vendor-Oracle CorporationIBM CorporationHP Inc.Microsoft CorporationLinux Kernel Organization, Inc
Product-linux_kernelwindowsz\/osisolarishp-uxwebsphere_application_serveraixWebSphere Application Server
CWE ID-CWE-295
Improper Certificate Validation
CVE-2017-17556
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.13% / 32.67%
||
7 Day CHG~0.00%
Published-15 Dec, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A debug tool in Synaptics TouchPad drivers allows local users with administrative access to obtain sensitive information about keyboard scan codes by modifying registry keys.

Action-Not Available
Vendor-n/aHP Inc.
Product-synaptics_touchpad_drivern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-12784
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.04% / 11.31%
||
7 Day CHG-0.02%
Published-13 Nov, 2025 | 17:35
Updated-13 Feb, 2026 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Certain HP LaserJet Pro Printers – Potential Information Disclosure

Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server.

Action-Not Available
Vendor-HP IncHP Inc.
Product-7kw59a7kw64a_firmwarew1a63a7kw68a7kw75a_firmware7kw57a_firmwarew1a82aw1a77a7kw66aw1a30a_firmwarew1a35a_firmware7kw55a7kw66a_firmwarew1y47a_firmwarew1a76aw1a33a7kw67aw1a28a_firmware7kw49a_firmwarew1a32a_firmware7kw59a_firmwarew1a60a_firmwarew1a34aw1y47aw1a63a_firmwarew1y45a_firmwarew1a35aw1y40aw1y40a_firmwarew1a52aw1a38a7kw74aw1a80aw1y43aw1a31a7kw56a7kw57aw1a48a_firmware7kw73a_firmwarew1a57a_firmwarew1a81a_firmwarew1a79aw1a56aw1a38a_firmware7kw76a7kw58a_firmware7kw48a7kw72a_firmwarew1a58a_firmwarew1a47a7kw77a_firmware7kw72aw1a56a_firmware7kw48a_firmwarew1a66aw1a58aw1a79a_firmwarew1a51a_firmwarew1y43a_firmwarew1y44a7kw79aw1y41a_firmware7kw58aw1a77a_firmware7kw77a7kw63a_firmware7kw78a7kw65a7kw64a7kw54a_firmwarew1a53aw1y44a_firmwarew1y46a_firmwarew1a59aw1a75aw1a53a_firmwarew1a78aw1a30a7kw68a_firmware7kw51a_firmwarew1y46aw1a57a7kw65a_firmwarew1a51aw1a29aw1a47a_firmware7kw63a7kw79a_firmwarew1a48a7kw74a_firmware93m22a_firmwarew1a60aw1a46a_firmwarew1a31a_firmwarew1a46aw1a75a_firmwarew1a34a_firmwarew1y45a7kw51aw1a76a_firmware7kw76a_firmwarew1a32aw1y41aw1a82a_firmwarew1a52a_firmware93m22aw1a81aw1a33a_firmware7kw50aw1a59a_firmware7kw75a7kw56a_firmware7kw55a_firmwarew1a28aw1a80a_firmware7kw50a_firmwarew1a66a_firmwarew1a78a_firmware7kw54aw1a29a_firmware7kw49a7kw73a7kw78a_firmware7kw67a_firmwareHP LaserJet Pro MFP M428-M429 f seriesHP LaserJet Pro M304-M305 Printer seriesHP Color LaserJet Pro M453-M454 seriesHP Color LaserJet MFP M478-M479 seriesHP LaserJet Pro M404-M405 Printer seriesHP LaserJet Pro MFP M428-M429 series
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2014-7883
Matching Score-6
Assigner-HP Inc.
ShareView Details
Matching Score-6
Assigner-HP Inc.
CVSS Score-5||MEDIUM
EPSS-57.74% / 98.11%
||
7 Day CHG~0.00%
Published-15 Feb, 2015 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.

Action-Not Available
Vendor-n/aHP Inc.
Product-universal_configuration_management_databasen/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-12555
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.5||MEDIUM
EPSS-0.57% / 68.20%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 02:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote arbitrary file download and disclosure of information vulnerability in HPE Intelligent Management Center (iMC) Service Operation Management (SOM) version IMC SOM 7.3 E0501 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) Service Operation Management (SOM)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-12543
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.5||MEDIUM
EPSS-0.36% / 57.30%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 02:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-integrated_lights-outintegrated_lights-out_3_firmwareintegrated_lights-out_2_firmwaremoonshot_remote_console_administratorintegrated_lights-out_4_firmwareIntegrated Lights-Out 4
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2008-4412
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.86% / 74.55%
||
7 Day CHG~0.00%
Published-17 Oct, 2008 | 20:00
Updated-07 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-systems_insight_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2008-4560
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 61.75%
||
7 Day CHG~0.00%
Published-08 Feb, 2009 | 21:00
Updated-16 Sep, 2024 | 23:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2008-3902
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.11% / 29.95%
||
7 Day CHG~0.00%
Published-03 Sep, 2008 | 19:00
Updated-07 Aug, 2024 | 09:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP firmware 68DTT F.0D stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer, aka SSRT080104.

Action-Not Available
Vendor-n/aHP Inc.
Product-68dttn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2008-3539
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.12% / 30.89%
||
7 Day CHG~0.00%
Published-10 Sep, 2008 | 15:00
Updated-07 Aug, 2024 | 09:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in HPSI Active Directory Connector 2.30 and earlier, HPSI SunOne Connector 1.14 and earlier, HPSI eDirectory Connector 1.12 and earlier, HPSI eTrust Connector 1.02 and earlier, HPSI OID Connector 1.02 and earlier, HPSI IBM Tivoli Dir Connector 1.02 and earlier, HPSI TOPSecret Connector 2.22.001 and earlier, HPSI RACF Connector 1.12.001 and earlier, HPSI ACF2 Connector 1.02 and earlier, HPSI OpenLDAP Connector 1.02 and earlier, and HPSI BiDir DirX Connector 1.00.003 and earlier, allows local users to obtain sensitive information via unknown vectors.

Action-Not Available
Vendor-n/aMicrosoft CorporationHP Inc.
Product-hpsi_bidir_dirx_connectorhpsi_acf2_connectorhpsi_etrust_connectorhpsi_edirectory_connectorhpsi_sunone_connectorhpsi_oid_connectorhpsi_topsecret_connectorhpsi_racf_connectoribm_tivoli_dir_connectorwindowshpsi_active_directory_connectorhpsi_openldap_connectorn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-8963
Matching Score-6
Assigner-IBM Corporation
ShareView Details
Matching Score-6
Assigner-IBM Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.00%
||
7 Day CHG~0.00%
Published-01 Feb, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user.

Action-Not Available
Vendor-Linux Kernel Organization, IncOracle CorporationHP Inc.IBM CorporationMicrosoft Corporation
Product-bigfix_inventorylicense_metric_toolaixsolarishp-uxlinux_kernelwindowsBigFix Inventory
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-8514
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.5||MEDIUM
EPSS-0.54% / 66.93%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote information disclosure in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-version_control_repository_managerVersion Control Repository Manager (VCRM)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-8525
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-6.51% / 90.89%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Disclosure of Information vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centeriMC PLAT
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-8531
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-6
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-5.3||MEDIUM
EPSS-0.55% / 67.33%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote information disclosure vulnerability in HPE Matrix Operating Environment version 7.6 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-matrix_operating_environmentMatrix Operating Environment
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-4378
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.79% / 73.50%
||
7 Day CHG~0.00%
Published-26 Aug, 2016 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-xp7_command_viewxp_9000_command_viewn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-4367
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.29% / 79.32%
||
7 Day CHG~0.00%
Published-08 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-universal_cmbd_foundationn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-1992
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 48.53%
||
7 Day CHG~0.00%
Published-17 Mar, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-enterprise_security_manager_expressenterprise_security_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-2026
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.24% / 84.22%
||
7 Day CHG~0.00%
Published-08 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2027.

Action-Not Available
Vendor-n/aHP Inc.
Product-matrix_operating_environmentsystems_insight_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-2025
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.65% / 70.34%
||
7 Day CHG~0.00%
Published-30 May, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-2013
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 48.53%
||
7 Day CHG~0.00%
Published-07 May, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to obtain sensitive information via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_node_manager_in/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-2027
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.24% / 84.22%
||
7 Day CHG~0.00%
Published-08 Jun, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-2026.

Action-Not Available
Vendor-n/aHP Inc.
Product-matrix_operating_environmentsystems_insight_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2007-6513
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-8.52% / 92.18%
||
7 Day CHG~0.00%
Published-21 Dec, 2007 | 22:00
Updated-07 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allows remote attackers to (1) read arbitrary files via the ReadTextFile method, or (2) read arbitrary registry values via the ReadValue method.

Action-Not Available
Vendor-n/aHP Inc.
Product-esupportdiagnosticsn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-0777
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-67.20% / 98.52%
||
7 Day CHG~0.00%
Published-14 Jan, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

Action-Not Available
Vendor-n/aOpenBSDSophos Ltd.Apple Inc.Oracle CorporationHP Inc.
Product-unified_threat_managementremote_device_access_virtual_customer_access_systemsolarisopensshunified_threat_management_softwarelinuxmac_os_xn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2007-4514
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.86% / 74.55%
||
7 Day CHG~0.00%
Published-15 Apr, 2009 | 10:00
Updated-07 Aug, 2024 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-procurve_managern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2014-4669
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-3.5||LOW
EPSS-0.35% / 56.87%
||
7 Day CHG~0.00%
Published-28 Jun, 2014 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue.

Action-Not Available
Vendor-n/aHP Inc.
Product-enterprise_mapsn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-6862
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.47% / 63.90%
||
7 Day CHG~0.00%
Published-08 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-ucmdb_browsern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-284
Improper Access Control
CVE-2016-2015
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.13% / 32.34%
||
7 Day CHG~0.00%
Published-14 May, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-system_management_homepagen/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 20
  • 21
  • Next
Details not found