CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43026 – HP Support Assistant – Potential Escalation of Privilege
https://notcve.org/view.php?id=CVE-2025-43026
05 Jun 2025 — A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write. • https://support.hp.com/us-en/document/ish_12617979-12618008-16/hpsbgn04022 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1697 – HP Touchpoint Analytics Service – Potential Escalation of Privilege
https://notcve.org/view.php?id=CVE-2025-1697
18 Apr 2025 — A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for certain HP PC products with versions prior to 4.2.2439. This vulnerability could potentially allow a local attacker to escalate privileges. HP is providing software updates to mitigate this potential vulnerability. Se ha identificado una posible vulnerabilidad de seguridad en HP Touchpoint Analytics Service para ciertos productos de PC HP con versiones anteriores a la 4.2.2439. Esta vulnerabilidad podría permit... • https://support.hp.com/us-en/document/ish_12269975-12269997-16/hpsbgn04008 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26508 – Certain HP LaserJet Pro, HP LaserJet Enterprise, HP LaserJet Managed Printers – Potential Remote Code Execution and Potential Elevation of Privilege
https://notcve.org/view.php?id=CVE-2025-26508
14 Feb 2025 — Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP LaserJet Pro MFP 3301fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of PostScript data. The issue results from the lack of p... • https://support.hp.com/us-en/document/ish_11953771-11953793-16/hpsbpi04007 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26507 – Certain HP LaserJet Pro, HP LaserJet Enterprise, HP LaserJet Managed Printers – Potential Remote Code Execution and Potential Elevation of Privilege
https://notcve.org/view.php?id=CVE-2025-26507
14 Feb 2025 — Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. This vulnerability allows local attackers to escalate privileges on affected installations of HP LaserJet Pro MFP 3301fdw printers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the suidex... • https://support.hp.com/us-en/document/ish_11953771-11953793-16/hpsbpi04007 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26506 – Certain HP LaserJet Pro, HP LaserJet Enterprise, HP LaserJet Managed Printers – Potential Remote Code Execution and Potential Elevation of Privilege
https://notcve.org/view.php?id=CVE-2025-26506
14 Feb 2025 — Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP LaserJet Pro MFP 3301fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of PostScript data. The issue results from the lack of p... • https://support.hp.com/us-en/document/ish_11953771-11953793-16/hpsbpi04007 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1003 – HP Anyware Agent for Linux – Potential Authentication Bypass
https://notcve.org/view.php?id=CVE-2025-1003
03 Feb 2025 — A potential vulnerability has been identified in HP Anyware Agent for Linux which might allow for authentication bypass which may result in escalation of privilege. HP is releasing a software update to mitigate this potential vulnerability. • https://support.hp.com/us-en/document/ish_11920613-11920636-16 • CWE-273: Improper Check for Dropped Privileges •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9419 – Certain HP Print Products–Potential Remote Code Execution and/or Elevation of Privilege with the HP Smart Universal Printing Driver
https://notcve.org/view.php?id=CVE-2024-9419
30 Oct 2024 — Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could potentially lead to Remote Code Execution and/or Elevation of Privilege on the PC. Los equipos cliente/servidor con el controlador de impresión universal inteligente de HP instalado son potencialmente vulnerables a la ejecución remota de ... • https://support.hp.com/us-en/document/ish_11505949-11505972-16 • CWE-787: Out-of-bounds Write •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8733 – HP One Agent Software – Potential Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-8733
02 Oct 2024 — A potential security vulnerability has been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. A potential security vulnerability has been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. • https://support.hp.com/us-en/document/ish_11270215-11270239-16 • CWE-426: Untrusted Search Path •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42500
https://notcve.org/view.php?id=CVE-2024-42500
09 Sep 2024 — HPE has identified a denial of service vulnerability in HPE HP-UX System's Network File System (NFSv4) services. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04697en_us&docLocale=en_US •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7720 – HP Security Manager - Potential Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-7720
27 Aug 2024 — HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries. • https://support.hp.com/us-en/document/ish_11074404-11074432-16 • CWE-94: Improper Control of Generation of Code ('Code Injection') •