11 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware flaw does not properly sanitize user input. The exploitation of this vulnerability is dependent on a layered attack and cannot be exploited by itself. Se descubrió una vulnerabilidad potencial en ciertos dispositivos de videoconferencia de Poly. El fallo del firmware no desinfecta adecuadamente la entrada del usuario. • https://support.hp.com/us-en/document/ish_11536495-11536533-16/hpsbpy03900 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could potentially lead to Remote Code Execution and/or Elevation of Privilege on the PC. Los equipos cliente/servidor con el controlador de impresión universal inteligente de HP instalado son potencialmente vulnerables a la ejecución remota de código y/o la elevación de privilegios. Un cliente que utilice el controlador de impresión universal inteligente de HP que envíe un trabajo de impresión compuesto por un archivo XPS malicioso podría provocar la ejecución remota de código y/o la elevación de privilegios en el equipo. • https://support.hp.com/us-en/document/ish_11505949-11505972-16 • CWE-787: Out-of-bounds Write •

CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0

A potential security vulnerability has been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. • https://support.hp.com/us-en/document/ish_11270215-11270239-16 • CWE-426: Untrusted Search Path •

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018. • https://support.hp.com/us-en/document/ish_11159589-11159645-16/hpsbpi03970 • CWE-269: Improper Privilege Management •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries. • https://support.hp.com/us-en/document/ish_11074404-11074432-16 • CWE-94: Improper Control of Generation of Code ('Code Injection') •