CVSS: 7.8EPSS: 0%CPEs: 774EXPL: 0CVE-2022-27541
https://notcve.org/view.php?id=CVE-2022-27541
12 Jun 2023 — Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. • https://support.hp.com/us-en/document/ish_7709808-7709835-16/hpsbhf03835 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 774EXPL: 0CVE-2022-27539
https://notcve.org/view.php?id=CVE-2022-27539
12 Jun 2023 — Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. • https://support.hp.com/us-en/document/ish_7709808-7709835-16/hpsbhf03835 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 658EXPL: 0CVE-2022-27537
https://notcve.org/view.php?id=CVE-2022-27537
30 Jan 2023 — Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate these potential vulnerabilities. • https://support.hp.com/us-en/document/ish_6664419-6664458-16/hpsbhf03806 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.4EPSS: 0%CPEs: 150EXPL: 0CVE-2022-37018
https://notcve.org/view.php?id=CVE-2022-37018
21 Nov 2022 — A potential vulnerability has been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerability. Se ha identificado una vulnerabilidad potencial en el BIOS del sistema para ciertos productos de PC HP que puede permitir la escalada de privilegios y la ejecución de código. HP está lanzando actualizaciones de firmware para mitigar la vulnerabilidad potencial. • https://support.hp.com/us-en/document/ish_7191946-7191970-16/hpsbhf03820 •
CVSS: 6.7EPSS: 0%CPEs: 28EXPL: 0CVE-2020-15596 – ALPS ALPINE Touchpad DLL Hijacking
https://notcve.org/view.php?id=CVE-2020-15596
21 Jul 2020 — The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file. El controlador de la pantalla táctil ALPS ALPINE versiones anteriores a 8.2206.1717.634, como es usada en varias computadoras portátiles Dell, HP y Lenovo, permite a atacantes conducir ataques de Divulgación de Ruta por medio de un archivo DLL "fake" A DLL hijacking vulnerability was found in the ALPS ALPINE Touchpad driver, which... • https://seclists.org/fulldisclosure/2020/Jul/30 • CWE-427: Uncontrolled Search Path Element •