HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have embedded web server attributes which may be potentially vulnerable to Buffer Overflow.
Hp
CVE-2019-6327
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an IPP Parser potentially vulnerable to Buffer Overflow.
CVE-2019-6332
A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A – V1N08A, Y5H60A – Y5H80A; HP DeskJet Ink Advantage 2600 All-in-One Printer series model numbers V1N02A – V1N02B, Y5Z00A – Y5Z04B; HP DeskJet Ink Advantage 5000 All-in-One Printer series model numbers M2U86A – M2U89B; HP DeskJet Ink Advantage 5200 All-in-One Printer series model numbers M2U76A – M2U78B; HP ENVY 5000 All-in-One Printer series model numbers M2U85A – M2U85B, M2U91A – M2U94B, Z4A54A – Z4A74A; HP ENVY Photo 6200 All-in-One Printer series model numbers K7G18A-K7G26B, K7S21B, Y0K13D – Y0K15A; HP ENVY Photo 7100 All-in-One Printer series model numbers 3XD89A, K7G93A-K7G99A, Z3M37A – Z3M52A; HP ENVY Photo 7800 All-in-One Printer series model numbers K7R96A, K7S00A – K7S10D, Y0G42D – Y0G52B; HP Ink Tank Wireless 410 series model numbers Z4B53A – Z4B55A, Z6Z95A – Z6Z99A, 4DX94A – 4DX95A, 4YF79A, Z7A01A; HP OfficeJet 5200 All-in-One Printer series model numbers M2U75A, M2U81A-M2U84B, Z4B12A – Z4B14A, Z4B27A – Z4B29A; HP Smart Tank Wireless 450 series model numbers Z4B56A, Z6Z96A – Z6Z98A.
CVE-2019-6334
HP LaserJet, PageWide, OfficeJet Enterprise, and LaserJet Managed Printers have a solution to check application signature that may allow potential execution of arbitrary code.
CVE-2019-6324
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page
CVE-2019-5396
A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.