CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8733 – HP One Agent Software – Potential Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-8733
02 Oct 2024 — A potential security vulnerability has been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. A potential security vulnerability has been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. • https://support.hp.com/us-en/document/ish_11270215-11270239-16 • CWE-426: Untrusted Search Path •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9423 – Certain HP LaserJet Printers – Potential Denial of Service
https://notcve.org/view.php?id=CVE-2024-9423
02 Oct 2024 — Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, potentially blocking queued print jobs. • https://support.hp.com/us-en/document/ish_11266441-11266463-16/hpsbpi03976 • CWE-241: Improper Handling of Unexpected Data Type •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5760
https://notcve.org/view.php?id=CVE-2024-5760
11 Sep 2024 — The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018. • https://support.hp.com/us-en/document/ish_11159589-11159645-16/hpsbpi03970 • CWE-269: Improper Privilege Management •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42500
https://notcve.org/view.php?id=CVE-2024-42500
09 Sep 2024 — HPE has identified a denial of service vulnerability in HPE HP-UX System's Network File System (NFSv4) services. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04697en_us&docLocale=en_US •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7720 – HP Security Manager - Potential Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-7720
27 Aug 2024 — HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries. • https://support.hp.com/us-en/document/ish_11074404-11074432-16 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41912
https://notcve.org/view.php?id=CVE-2024-41912
07 Aug 2024 — A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly implement access controls. • https://support.hp.com/us-en/document/ish_11006235-11006266-16/hpsbpy03958 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41911
https://notcve.org/view.php?id=CVE-2024-41911
06 Aug 2024 — A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation. • https://support.hp.com/us-en/document/ish_11006770-11006795-16/hpsbpy03959 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41910
https://notcve.org/view.php?id=CVE-2024-41910
06 Aug 2024 — A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XXS vulnerabilities in the version of JavaScript used. A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XSS vulnerabilities in the version of JavaScript used. • https://support.hp.com/us-en/document/ish_11006981-11007005-16/hpsbpy03960 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41913 – Clariti Manager – Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-41913
06 Aug 2024 — A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly sanitize User input. • https://support.hp.com/us-en/document/ish_11006488-11006512-16/hpsbpy03957 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22442
https://notcve.org/view.php?id=CVE-2024-22442
16 Jul 2024 — The vulnerability could be remotely exploited to bypass authentication. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04663en_us&docLocale=en_US • CWE-287: Improper Authentication •