Hp Inc. Security Vulnerabilities
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information...
7.8CVSS
8.1AI Score
0.0004EPSS
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information...
7.8CVSS
7.9AI Score
0.0004EPSS
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information...
7.8CVSS
7.9AI Score
0.0004EPSS
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information...
7.8CVSS
7.9AI Score
0.0004EPSS
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information...
7.8CVSS
7.9AI Score
0.0004EPSS
Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to buffer...
9.8CVSS
9.4AI Score
0.002EPSS
Certain versions of HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware are potentially vulnerable to elevation of...
9.8CVSS
9.3AI Score
0.002EPSS
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of...
8.8CVSS
8.9AI Score
0.001EPSS
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of...
9.8CVSS
9.6AI Score
0.001EPSS
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of...
8.8CVSS
8.9AI Score
0.001EPSS
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of...
8.8CVSS
8.9AI Score
0.001EPSS
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of...
7.8CVSS
7.8AI Score
0.0004EPSS
A potential security vulnerability has been identified with a version of the HP Softpaq installer that can lead to arbitrary code...
7.8CVSS
7.8AI Score
0.0004EPSS
Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code...
9.8CVSS
9.6AI Score
0.004EPSS
Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the...
4.6CVSS
4.6AI Score
0.001EPSS
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code...
9.8CVSS
9.7AI Score
0.006EPSS
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of...
9.8CVSS
9.4AI Score
0.002EPSS
A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential...
5.5CVSS
5.5AI Score
0.0004EPSS
HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerability was remediated starting with Windows 10 versions 21H2 on....
7.8CVSS
7.9AI Score
0.001EPSS
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS) which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential...
7CVSS
7AI Score
0.0004EPSS
HP has identified a potential vulnerability in BIOS firmware of some Workstation products. Firmware updates are being released to mitigate these potential...
7.8CVSS
7.5AI Score
0.0004EPSS
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential...
7CVSS
7AI Score
0.0004EPSS
Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential...
7.8CVSS
8.1AI Score
0.0004EPSS
Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential...
7.8CVSS
8.1AI Score
0.0004EPSS
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate these potential...
7.8CVSS
8.1AI Score
0.0004EPSS
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of...
7.8CVSS
7.9AI Score
0.0004EPSS
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of...
7.8CVSS
7.9AI Score
0.0004EPSS
HPSFViewer might allow Escalation of Privilege. This potential vulnerability was remediated on July 29th, 2022. Customers who opted for automatic updates should have already received the...
7.8CVSS
7.6AI Score
0.0004EPSS
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of...
7.8CVSS
7.9AI Score
0.0004EPSS
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information...
8.8CVSS
8.9AI Score
0.0004EPSS
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information...
8.8CVSS
8.9AI Score
0.0004EPSS
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information...
8.8CVSS
8.9AI Score
0.0004EPSS
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information...
8.8CVSS
8.9AI Score
0.0004EPSS
A potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential...
8.4CVSS
8.6AI Score
0.001EPSS
A potential security vulnerability has been identified in certain HP Workstation BIOS (UEFI firmware) which may allow arbitrary code execution. HP is releasing firmware mitigations for the potential...
8.4CVSS
8.5AI Score
0.001EPSS
Potential security vulnerabilities have been identified in an OMEN Gaming Hub SDK package which may allow escalation of privilege and/or denial of service. HP is releasing software updates to mitigate the potential...
9.8CVSS
9.7AI Score
0.002EPSS
A potential security vulnerability has been identified in OMEN Gaming Hub and in HP Command Center which may allow escalation of privilege and/or denial of service. HP has released software updates to mitigate the potential...
9.8CVSS
9.5AI Score
0.002EPSS
A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP...
7.8CVSS
7.8AI Score
0.0004EPSS
HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance...
7.8CVSS
7.5AI Score
0.001EPSS
A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Denial of Service when running HP Workpath solutions on potentially affected...
9.8CVSS
9.3AI Score
0.002EPSS
Certain HP ENVY, OfficeJet, and DeskJet printers may be vulnerable to a Denial of Service...
7.5CVSS
7.4AI Score
0.001EPSS
Certain HP PageWide Pro Printers may be vulnerable to a potential denial of service...
7.5CVSS
7.3AI Score
0.001EPSS
A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP...
6.8CVSS
6.7AI Score
0.001EPSS
HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device...
8.1CVSS
8AI Score
0.001EPSS
A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A - V1N08A, Y5H60A -...
4.8CVSS
4.9AI Score
0.001EPSS
Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device...
8.1CVSS
8AI Score
0.001EPSS
Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS...
9.8CVSS
9.6AI Score
0.002EPSS
A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary...
7.2CVSS
7.3AI Score
0.001EPSS
A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and could potentially be exploited remotely to allow elevation of...
8.8CVSS
8.6AI Score
0.001EPSS
A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. The BIOS password was stored in CMOS in a way that allowed it to be extracted. This applies to consumer notebooks launched in early...
4.6CVSS
4.7AI Score
0.001EPSS